Article

Static detection of brittle parameter typing

Authors:

Michael Pradel,

Severin Heiniger, and

Thomas R. GrossAuthors Info & Claims

ISSTA 2012: Proceedings of the 2012 International Symposium on Software Testing and Analysis

July 2012

Pages 265 - 275

https://doi.org/10.1145/2338965.2336785

Published: 15 July 2012 Publication History

Abstract

To avoid receiving incorrect arguments, a method specifies the expected type of each formal parameter. However, some parameter types are too general and have subtypes that the method does not expect as actual argument types. For example, this may happen if there is no common supertype that precisely describes all expected types. As a result of such brittle parameter typing, a caller may accidentally pass arguments unexpected by the callee without any warnings from the type system. This paper presents a fully automatic, static analysis to find brittle parameter typing and unexpected arguments given to brittle parameters. First, the analysis infers from callers of a method the types that arguments commonly have. Then, the analysis reports potentially unexpected arguments that stand out by having an unusual type. We apply the approach to 21 real-world Java programs that use the Swing API, an API providing various methods with brittle parameters. The analysis reveals 15 previously unknown bugs and code smells where programmers pass arguments that are compatible with the declared parameter type but nevertheless unexpected by the callee. The warnings reported by the analysis have 47% precision and 83% recall.

References

[1]

J. Bloch. Effective Java (Second Edition). Addison-Wesley, 2008.

Digital Library

[2]

R.-Y. Chang, A. Podgurski, and J. Yang. Finding what's not there: a new approach to revealing neglected conditions in software. In ISSTA, pages 163-173, 2007.

Digital Library

[3]

D. Engler, D. Y. Chen, S. Hallem, A. Chou, and B. Chelf. Bugs as deviant behavior: A general approach to inferring errors in systems code. In SOSP, pages 57-72, 2001.

Digital Library

[4]

M. D. Ernst, J. Cockrell, W. G. Griswold, and D. Notkin. Dynamically discovering likely program invariants to support program evolution. IEEE T Software Eng, 27(2):213-224, 2001.

Digital Library

[5]

M. Fowler. Refactoring: Improving the Design of Existing Code. Addison-Wesley, 1999.

Digital Library

[6]

M. Gabel and Z. Su. Online inference and enforcement of temporal properties. In ICSE, pages 15-24, 2010.

Digital Library

[7]

N. Gruska, A. Wasylkowski, and A. Zeller. Learning from 6,000 projects: Lightweight cross-project anomaly detection. In ISSTA, pages 119-130, 2010.

Digital Library

[8]

S. Hangal and M. S. Lam. Tracking down software bugs using automatic anomaly detection. In ICSE, pages 291-301, 2002.

Digital Library

[9]

O. Lhoták and L. J. Hendren. Evaluating the benefits of context-sensitive points-to analysis using a BDD-based implementation. ACM T Softw Eng Meth, 18(1), 2008.

Digital Library

[10]

Z. Li and Y. Zhou. PR-Miner: Automatically extracting implicit programming rules and detecting violations in large software code. In ESEC/FSE, pages 306-315, 2005.

Digital Library

[11]

B. Liskov. Data abstraction and hierarchy. In OOPSLA, 1987.

Digital Library

[12]

S. Lu, S. Park, C. Hu, X. Ma, W. Jiang, Z. Li, R. A. Popa, and Y. Zhou. MUVI: Automatically inferring multi-variable access correlations and detecting related semantic and concurrency bugs. In SOSP, pages 103-116, 2007.

Digital Library

[13]

S. Lu, J. Tucek, F. Qin, and Y. Zhou. AVIO: detecting atomicity violations via access interleaving invariants. In ASPLOS, pages 37-48, 2006.

Digital Library

[14]

M. Monperrus, M. Bruch, and M. Mezini. Detecting missing method calls in object-oriented software. In ECOOP, pages 2-25, 2010.

Digital Library

[15]

T. T. Nguyen, H. A. Nguyen, N. H. Pham, J. M. Al-Kofahi, and T. N. Nguyen. Graph-based mining of multiple object usage patterns. In ESEC/FSE, pages 383-392, 2009.

Digital Library

[16]

M. Pradel and T. R. Gross. Detecting anomalies in the order of equally-typed method arguments. In ISSTA, pages 232-242, 2011.

Digital Library

[17]

M. Pradel and T. R. Gross. Leveraging test generation and specification mining for automated bug detection without false positives. In ICSE, 2012.

Digital Library

[18]

M. Pradel, C. Jaspan, J. Aldrich, and T. R. Gross. Statically checking API protocol conformance with mined multi-object specifications. In ICSE, 2012.

Digital Library

[19]

S. Thummalapenta and T. Xie. Alattin: Mining alternative patterns for detecting neglected conditions. In ASE, pages 283-294, 2009.

Digital Library

[20]

S. Thummalapenta and T. Xie. Mining exception-handling rules as sequence association rules. In ICSE, pages 496-506, 2009.

Digital Library

[21]

F. Tip, A. Kiezun, and D. Bäumer. Refactoring for generalization using type constraints. In OOPSLA, pages 13-26, 2003.

Digital Library

[22]

R. Vallée-Rai, P. Co, E. Gagnon, L. J. Hendren, P. Lam, and V. Sundaresan. Soot - a Java bytecode optimization framework. In CASCON, pages 125-135, 1999.

Digital Library

[23]

A. Wasylkowski and A. Zeller. Mining temporal specifications from object usage. In ASE, pages 295-306, 2009.

Digital Library

[24]

J. Winther and M. I. Schwartzbach. Related types. In ECOOP, pages 434-458. Springer, 2011.

Digital Library

[25]

H. Zhong, T. Xie, L. Zhang, J. Pei, and H. Mei. MAPO: Mining and recommending API usage patterns. In ECOOP, pages 318-343, 2009.

Digital Library

Cited By

Lewowski TMadeyski L(2022)How far are we from reproducible research on code smell detection? A systematic literature reviewInformation and Software Technology10.1016/j.infsof.2021.106783144:COnline publication date: 1-Apr-2022
https://dl.acm.org/doi/10.1016/j.infsof.2021.106783
Maddox JLong YRajan HLeavens GGarcia APăsăreanu C(2018)Large-scale study of substitutability in the presence of effectsProceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering10.1145/3236024.3236075(528-538)Online publication date: 26-Oct-2018
https://dl.acm.org/doi/10.1145/3236024.3236075
Pradel MSchuh PSen KBertolino ACanfora GElbaum S(2015)TypeDevilProceedings of the 37th International Conference on Software Engineering - Volume 110.5555/2818754.2818795(314-324)Online publication date: 16-May-2015
https://dl.acm.org/doi/10.5555/2818754.2818795
Show More Cited By

Index Terms

Static detection of brittle parameter typing
1. Software and its engineering
  1. Software creation and management
    1. Software verification and validation
      1. Software defect analysis
        Software testing and debugging

Recommendations

Static memory leak detection using full-sparse value-flow analysis
ISSTA 2012: Proceedings of the 2012 International Symposium on Software Testing and Analysis

We introduce a static detector, Saber, for detecting memory leaks in C programs. Leveraging recent advances on sparse pointer analysis, Saber is the first to use a full-sparse value-flow analysis for leak detection. Saber tracks the flow of values from ...
Read More
Quasi-static typing
POPL '90: Proceedings of the 17th ACM SIGPLAN-SIGACT symposium on Principles of programming languages

We present a new approach to dynamic typing in a static framework. Our main innovation is the use of structural subtyping for dynamic types based on the idea that possible dynamic typing as a property should be inherited by objects of all types. Two ...
Read More
Typing dynamic typing

Even when programming in a statically typed language we every now and then encounter statically untypable values; such values result from interpreting values or from communicating with the outside world. To cope with this problem most languages include ...
Read More

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ISSTA 2012: Proceedings of the 2012 International Symposium on Software Testing and Analysis

July 2012

341 pages

ISBN:9781450314541

DOI:10.1145/2338965

General Chair:
Mats Heimdahl,
Program Chair:
Zhendong Su

Copyright © 2012 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSOFT: ACM Special Interest Group on Software Engineering

In-Cooperation

SIGPLAN: ACM Special Interest Group on Programming Languages

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 July 2012

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Article

Conference

ISSTA '12

Sponsor:

SIGSOFT

ISSTA '12: International Symposium on Software Testing and Analysis

July 15 - 20, 2012

MN, Minneapolis, USA

Acceptance Rates

Overall Acceptance Rate 58 of 213 submissions, 27%

Upcoming Conference

ISSTA '24

Sponsor:
sigsoft

33rd ACM SIGSOFT International Symposium on Software Testing and Analysis

September 16 - 20, 2024

Vienna , Austria

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
140
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Other Metrics

View Author Metrics

Citations

Cited By

Lewowski TMadeyski L(2022)How far are we from reproducible research on code smell detection? A systematic literature reviewInformation and Software Technology10.1016/j.infsof.2021.106783144:COnline publication date: 1-Apr-2022
https://dl.acm.org/doi/10.1016/j.infsof.2021.106783
Maddox JLong YRajan HLeavens GGarcia APăsăreanu C(2018)Large-scale study of substitutability in the presence of effectsProceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering10.1145/3236024.3236075(528-538)Online publication date: 26-Oct-2018
https://dl.acm.org/doi/10.1145/3236024.3236075
Pradel MSchuh PSen KBertolino ACanfora GElbaum S(2015)TypeDevilProceedings of the 37th International Conference on Software Engineering - Volume 110.5555/2818754.2818795(314-324)Online publication date: 16-May-2015
https://dl.acm.org/doi/10.5555/2818754.2818795
Asaduzzaman MRoy CMonir SSchneider K(2015)Exploring API method parameter recommendationsProceedings of the 2015 IEEE International Conference on Software Maintenance and Evolution (ICSME)10.1109/ICSM.2015.7332473(271-280)Online publication date: 29-Sep-2015
https://dl.acm.org/doi/10.1109/ICSM.2015.7332473
Pradel MSchuh PSen K(2015)TypeDevil: Dynamic Type Inconsistency Analysis for JavaScript2015 IEEE/ACM 37th IEEE International Conference on Software Engineering10.1109/ICSE.2015.51(314-324)Online publication date: May-2015
https://doi.org/10.1109/ICSE.2015.51
Pradel MGross TNotkin DCheng BPohl K(2013)Automatic testing of sequential and concurrent substitutabilityProceedings of the 2013 International Conference on Software Engineering10.5555/2486788.2486826(282-291)Online publication date: 18-May-2013
https://dl.acm.org/doi/10.5555/2486788.2486826
Pradel MGross T(2013)Automatic testing of sequential and concurrent substitutability2013 35th International Conference on Software Engineering (ICSE)10.1109/ICSE.2013.6606574(282-291)Online publication date: May-2013
https://doi.org/10.1109/ICSE.2013.6606574

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents