发布求助
文献互助 智能选刊 最新文献

2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)最新文献

筛选
英文 中文
Recording and replaying system specific, source code transformations 记录和重播系统的具体,源代码转换
2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM) Pub Date : 2015-11-23 DOI: 10.1109/SCAM.2015.7335418
Gustavo Santos, Anne Etien, N. Anquetil, Stéphane Ducasse, M. T. Valente
{"title":"Recording and replaying system specific, source code transformations","authors":"Gustavo Santos, Anne Etien, N. Anquetil, Stéphane Ducasse, M. T. Valente","doi":"10.1109/SCAM.2015.7335418","DOIUrl":"https://doi.org/10.1109/SCAM.2015.7335418","url":null,"abstract":"During its lifetime, a software system is under continuous maintenance to remain useful. Maintenance can be achieved in activities such as adding new features, fixing bugs, improving the system's structure, or adapting to new APIs. In such cases, developers sometimes perform sequences of code changes in a systematic way. These sequences consist of small code changes (e.g., create a class, then extract a method to this class), which are applied to groups of related code entities (e.g., some of the methods of a class). This paper presents the design and proof-of-concept implementation of a tool called MacroRecorder. This tool records a sequence of code changes, then it allows the developer to generalize this sequence in order to apply it in other code locations. In this paper, we discuss MACRORECORDER's approach that is independent of both development and transformation tools. The evaluation is based on previous work on repetitive code changes related to rearchitecting. MacroRecorder was able to replay 92% of the examples, which consisted in up to seven code entities modified up to 66 times. The generation of a customizable, large-scale transformation operator has the potential to efficiently assist code maintenance.","PeriodicalId":192232,"journal":{"name":"2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131311772","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
How do Java methods grow? Java方法是如何增长的?
2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM) Pub Date : 2015-11-23 DOI: 10.1109/SCAM.2015.7335411
Daniela Steidl, F. Deißenböck
{"title":"How do Java methods grow?","authors":"Daniela Steidl, F. Deißenböck","doi":"10.1109/SCAM.2015.7335411","DOIUrl":"https://doi.org/10.1109/SCAM.2015.7335411","url":null,"abstract":"Overly long methods hamper the maintainability of software - they are hard to understand and to change, but also difficult to test, reuse, and profile. While technically there are many opportunities to refactor long methods, little is known about their origin and their evolution. It is unclear how much effort should be spent to refactor them and when this effort is spent best. To obtain a maintenance strategy, we need a better understanding of how software systems and their methods evolve. This paper presents an empirical case study on method growth in Java with nine open source and one industry system. We show that most methods do not increase their length significantly; in fact, about half of them remain unchanged after the initial commit. Instead, software systems grow by adding new methods rather than by modifying existing methods.","PeriodicalId":192232,"journal":{"name":"2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)","volume":"37 1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132850307","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Cumulative code churn: Impact on maintainability 累积代码混乱:对可维护性的影响
2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM) Pub Date : 2015-11-23 DOI: 10.1109/SCAM.2015.7335410
Csaba Faragó, Péter Hegedüs, R. Ferenc
{"title":"Cumulative code churn: Impact on maintainability","authors":"Csaba Faragó, Péter Hegedüs, R. Ferenc","doi":"10.1109/SCAM.2015.7335410","DOIUrl":"https://doi.org/10.1109/SCAM.2015.7335410","url":null,"abstract":"It is a well-known phenomena that the source code of software systems erodes during development, which results in higher maintenance costs in the long term. But can we somehow narrow down where exactly this erosion happens? Is it possible to infer the future erosion based on past code changes? Do modifications performed on frequently changing code have worse effect on software maintainability than those affecting less frequently modified code? In this study we investigated these questions and the results indicate that code churn indeed increases the pace of code erosion. We calculated cumulative code churn values and maintainability changes for every version control commit operation of three open-source and one proprietary software system. With the help of Wilcoxon rank test we compared the cumulative code churn values of the files in commits resulting maintainability increase with those of decreasing the maintainability. In the case of three systems the test showed very strong significance and in one case it resulted in strong significance (p-values 0.00235, 0.00436, 0.00018 and 0.03616). These results support our preliminary assumption that modifying high-churn code is more likely to decrease the overall maintainability of a software system, which can be thought of as the generalization of the already known phenomena that code churn results in higher number of defects.","PeriodicalId":192232,"journal":{"name":"2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124848427","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Automated memory leak diagnosis by regression testing 通过回归测试自动进行内存泄漏诊断
2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM) Pub Date : 2015-11-23 DOI: 10.1109/SCAM.2015.7335415
M. Ghanavati, A. Andrzejak
{"title":"Automated memory leak diagnosis by regression testing","authors":"M. Ghanavati, A. Andrzejak","doi":"10.1109/SCAM.2015.7335415","DOIUrl":"https://doi.org/10.1109/SCAM.2015.7335415","url":null,"abstract":"Memory leaks are tedious to detect and require significant debugging effort to be reproduced and localized. In particular, many of such bugs escape classical testing processes used in software development. One of the reasons is that unit and integration tests run too short for leaks to manifest via memory bloat or degraded performance. Moreover, many of such defects are environment-sensitive and not triggered by a test suite. Consequently, leaks are frequently discovered in the production scenario, causing elevated costs. In this paper we propose an approach for automated diagnosis of memory leaks during the development phase. Our technique is based on regression testing and exploits existing test suites. The key idea is to compare object (de-)allocation statistics (collected during unit/integration test executions) between a previous and the current software version. By grouping these statistics according to object creation sites we can detect anomalies and pinpoint the potential root causes of memory leaks. Such diagnosis can be completed before a visible memory bloat occurs, and in time proportional to the execution of test suite. We evaluate our approach using real leaks found in 7 Java applications. Results show that our approach has sufficient detection accuracy and is effective in isolating the leaky allocation site: true defect locations rank relatively high in the lists of suspicious code locations if the tests trigger the leak pattern. Our prototypical system imposes an acceptable instrumentation and execution overhead for practical memory leak detection even in large software projects.","PeriodicalId":192232,"journal":{"name":"2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)","volume":"AES-20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126548434","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
CodeMetropolis: Eclipse over the city of source code CodeMetropolis: Eclipse在源代码之城之上
2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM) Pub Date : 2015-11-23 DOI: 10.1109/SCAM.2015.7335425
Gergõ Balogh, Attila Szabolics, Árpád Beszédes
{"title":"CodeMetropolis: Eclipse over the city of source code","authors":"Gergõ Balogh, Attila Szabolics, Árpád Beszédes","doi":"10.1109/SCAM.2015.7335425","DOIUrl":"https://doi.org/10.1109/SCAM.2015.7335425","url":null,"abstract":"The graphical representations of software (code visualization in particular) may provide both professional programmers and students learning only the basics with support in program comprehension. Among the numerous proposed approaches, our research applies the city metaphor for the visualisation of such code elements as classes, functions, or attributes by the tool CodeMetropolis. It uses the game engine of Minecraft for the graphics, and is able to visualize various properties of the code based on structural metrics. In this work, we present our approach to integrate our visualization tool into the Eclipse IDE environment. Previously, only standalone usage was possible, but with this new version the users can invoke the visualization directly from the IDE, and all the analysis is performed in the background. The new version of the tool now includes an Eclipse plug-in and a Minecraft modification in addition to the analysis and visualization modules which have also been extended with some new features. Possible use cases and a detailed scenario are presented.","PeriodicalId":192232,"journal":{"name":"2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)","volume":"76 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117321861","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 17
LeakTracer: Tracing leaks along the way LeakTracer:一路上跟踪泄漏
2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM) Pub Date : 2015-11-23 DOI: 10.1109/SCAM.2015.7335414
Hengyang Yu, Xiaohua Shi, Wei Feng
{"title":"LeakTracer: Tracing leaks along the way","authors":"Hengyang Yu, Xiaohua Shi, Wei Feng","doi":"10.1109/SCAM.2015.7335414","DOIUrl":"https://doi.org/10.1109/SCAM.2015.7335414","url":null,"abstract":"Unnecessary references in managed languages, such as Java and C#, often cause memory leaks without any immediate symptoms. These leaks become manifest when the program has been running for a long time (usually several hours, days or even weeks). Garbage collectors cannot handle this situation, since it only reclaims objects that have no external references to them. Consequently, when the number of leaked objects becomes large, garbage collection frequency increases and program performance degrades. Ultimately, the program will crash. This paper introduces LeakTracer, a tool that helps diagnose memory leaks in managed languages. The core of LeakTracer is the use of a novel leak predictor, which not only considers object size and staleness as a whole to predict leaked objects, but also carefully adjusts their contributions to the leak possibility of an object, according to the careful observation of activities of common objects during their lifetimes. We have implemented LeakTracer in two parts: (1) an online object events tracker in the Apache Harmony DRL virtual machine, and (2) an offline analyzer embedding our predictor. We have successfully used LeakTracer to find leaks in several real-world programs, and our case studies show that leak predictor can pinpoint leaked objects with high accuracy.","PeriodicalId":192232,"journal":{"name":"2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134383456","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
A translation validation framework for symbolic value propagation based equivalence checking of FSMDAs 基于等价性检验的符号值传播翻译验证框架
2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM) Pub Date : 2015-11-23 DOI: 10.1109/SCAM.2015.7335421
K. Banerjee, C. Mandal, D. Sarkar
{"title":"A translation validation framework for symbolic value propagation based equivalence checking of FSMDAs","authors":"K. Banerjee, C. Mandal, D. Sarkar","doi":"10.1109/SCAM.2015.7335421","DOIUrl":"https://doi.org/10.1109/SCAM.2015.7335421","url":null,"abstract":"A compiler is a computer program which translates a source code into a target code, often with an objective to reduce the execution time and/or save critical resources. However, an error in the design or in the implementation of a compiler may result in software bugs in the target code obtained from that compiler. Translation validation is a formal verification approach for compilers whereby, each individual translation is followed by a validation phase which verifies that the target code produced correctly implements the source code. In this paper, we present a tool for translation validation of optimizing transformations of programs; the original and the transformed programs are modeled as Finite State Machines with Datapath having Arrays (FSMDAs) and a symbolic value propagation (SVP) based equivalence checking strategy is applied over this model to determine the correctness of the applied transformations. The tool has been demonstrated to handle uniform and non-uniform code motions, including code motions across loops, along with transformations which result in modification of control structures of programs. Moreover, arithmetic transformations such as, associative, commutative, distributive transformations, expression simplification, constant folding, etc., are also supported.","PeriodicalId":192232,"journal":{"name":"2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125316317","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Intent, tests, and release dependencies: Pragmatic recipes for source code integration 意图、测试和发布依赖关系:源代码集成的实用方法
2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM) Pub Date : 2015-11-23 DOI: 10.1109/SCAM.2015.7335397
M. Brandtner, P. Leitner, H. Gall
{"title":"Intent, tests, and release dependencies: Pragmatic recipes for source code integration","authors":"M. Brandtner, P. Leitner, H. Gall","doi":"10.1109/SCAM.2015.7335397","DOIUrl":"https://doi.org/10.1109/SCAM.2015.7335397","url":null,"abstract":"Continuous integration of source code changes, for example, via pull-request driven contribution channels, has become standard in many software projects. However, the decision to integrate source code changes into a release is complex and has to be taken by a software manager. In this work, we identify a set of three pragmatic recipes plus variations to support the decision making of integrating code contributions into a release. These recipes cover the isolation of source code changes, contribution of test code, and the linking of commits to issues. We analyze the development history of 21 open-source software projects, to evaluate whether, and to what extent, those recipes are followed in open-source projects. The results of our analysis showed that open-source projects largely follow recipes on a compliance level of > 75%. Hence, we conclude that the identified recipes plus variations can be seen as wide-spread relevant best-practices for source code integration.","PeriodicalId":192232,"journal":{"name":"2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130452420","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
On the comprehension of code clone visualizations: A controlled study using eye tracking 对代码克隆可视化的理解:一项使用眼动追踪的对照研究
2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM) Pub Date : 2015-11-23 DOI: 10.1109/SCAM.2015.7335412
Md. Sami Uddin, Varun Gaur, C. Gutwin, C. Roy
{"title":"On the comprehension of code clone visualizations: A controlled study using eye tracking","authors":"Md. Sami Uddin, Varun Gaur, C. Gutwin, C. Roy","doi":"10.1109/SCAM.2015.7335412","DOIUrl":"https://doi.org/10.1109/SCAM.2015.7335412","url":null,"abstract":"Code clone visualizations (CCVs) are graphical representations of clone detection results provided by various state-of-the-art command line and graphical analysis tools. In order to properly analyze and manipulate code clones within a target system, these visualizations must be easily and efficiently comprehensible. We conducted an eye-tracking study with 20 participants (expert, intermediate, and novice) to assess how well people can comprehend visualizations such as Scatter plots, Treemaps, and Hierarchical Dependency Graphs provided by VisCad, a recent clone visualization tool. The goals of the study were to find out what elements of the visualizations (e.g., colors, shapes, object positions) are most important for comprehension, and to identify common usage patterns for different groups. Our results help us understand how developers with different levels of expertise explore and navigate through the visualizations while performing specific tasks. Distinctive patterns of eye movements for different visualizations were found depending on the expertise of the participants. Color, shape and position information were found to play vital roles in comprehension of CCVs. Our results provide recommendations that can improve the implementation of visualization techniques in VisCad and other clone visualization systems.","PeriodicalId":192232,"journal":{"name":"2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115138586","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Improving prioritization of software weaknesses using security models with AVUS 使用带有AVUS的安全模型改进软件弱点的优先级
2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM) Pub Date : 2015-09-01 DOI: 10.1109/SCAM.2015.7335423
Stephan Renatus, Corrie Bartelheimer, Jörn Eichler
{"title":"Improving prioritization of software weaknesses using security models with AVUS","authors":"Stephan Renatus, Corrie Bartelheimer, Jörn Eichler","doi":"10.1109/SCAM.2015.7335423","DOIUrl":"https://doi.org/10.1109/SCAM.2015.7335423","url":null,"abstract":"Testing tools for application security have become an integral part of secure development life-cycles. Despite their ability to spot important software weaknesses, the high number of findings require rigorous prioritization. Most testing tools provide generic ratings to support prioritization. Unfortunately, ratings from established tools lack context information especially with regard to the security requirements of respective components or source code. Thus experts often spend a great deal of time re-assessing the prioritization provided by these tools. This paper introduces our lightweight tool AVUS that adjusts context-free ratings of software weaknesses according to a user-defined security model. We also present a first evaluation applying AVUS to a well-known open source project and the findings of a popular, commercially available application security testing tool.","PeriodicalId":192232,"journal":{"name":"2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129756557","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信