发布求助
文献互助 智能选刊 最新文献

2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)最新文献

筛选
英文 中文
ExcePy: A Python Benchmark for Bugs with Python Built-in Types 例外:Python内置类型bug的Python基准测试
2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) Pub Date : 2022-03-01 DOI: 10.1109/saner53432.2022.00104
Xin Zhang, Rongjie Yan, Jiwei Yan, Baoquan Cui, Jun Yan, Jian Zhang
{"title":"ExcePy: A Python Benchmark for Bugs with Python Built-in Types","authors":"Xin Zhang, Rongjie Yan, Jiwei Yan, Baoquan Cui, Jun Yan, Jian Zhang","doi":"10.1109/saner53432.2022.00104","DOIUrl":"https://doi.org/10.1109/saner53432.2022.00104","url":null,"abstract":"As bugs of Python built-in types can cause code crashes, detecting them is critical to the robustness of the software. Researchers have concluded plenty of patterns for the bug causes and applied these patterns in detection tools. But these tools are only evaluated on handcrafted bugs or bugs obtained from QA pages. Because such bugs cannot reflect the complex code structures and various bug types encountered in real-world projects, the evaluation result is untrustworthy when applied to these projects. As a result, a collection of real-world reproducible bugs is essential for tool evaluation and future bug-related research. In this paper, we propose ExcePy, a benchmark for providing bugs of Python built-in types. We collect 180 bugs from the evolution of 15 real-world open-source Python projects on GitHub and then manually build test scripts for bug reproduction. Meanwhile, to improve tool evaluation efficiency, we present a code pruning strategy that can minimize buggy code size while retaining bug reproducibility and apply it to ExcePy to provide simplified buggy code. To demonstrate the benefits of ExcePy, we use three static analyzers and two fuzzers to detect bugs collected in ExcePy. We found that simplified code can significantly reduce running time and avoid many tool crashes, and bugs supplied by ExcePy can reveal limitations of existing tools in reporting real-world bugs.","PeriodicalId":437520,"journal":{"name":"2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)","volume":"61 4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117224115","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
SANER: History SANER 2022
2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) Pub Date : 2022-03-01 DOI: 10.1109/saner53432.2022.00005
{"title":"SANER: History SANER 2022","authors":"","doi":"10.1109/saner53432.2022.00005","DOIUrl":"https://doi.org/10.1109/saner53432.2022.00005","url":null,"abstract":"","PeriodicalId":437520,"journal":{"name":"2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125145913","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Bunk8s: Enabling Easy Integration Testing of Microservices in Kubernetes Bunk8s:在Kubernetes中实现微服务的轻松集成测试
2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) Pub Date : 2022-03-01 DOI: 10.48550/arXiv.2207.06811
Christoph Reile, Mohak Chadha, Valentin Hauner, Anshul Jindal, Benjamin Hofmann, M. Gerndt
{"title":"Bunk8s: Enabling Easy Integration Testing of Microservices in Kubernetes","authors":"Christoph Reile, Mohak Chadha, Valentin Hauner, Anshul Jindal, Benjamin Hofmann, M. Gerndt","doi":"10.48550/arXiv.2207.06811","DOIUrl":"https://doi.org/10.48550/arXiv.2207.06811","url":null,"abstract":"Microservice architecture is the common choice for cloud applications these days since each individual microservice can be independently modified, replaced, and scaled. However, the complexity of microservice applications requires automated testing with a focus on the interactions between the services. While this is achievable with end-to-end tests, they are error-prone, brittle, expensive to write, time-consuming to run, and require the entire application to be deployed. Integration tests are an alternative to end-to-end tests since they have a smaller test scope and require the deployment of a significantly fewer number of services. The de-facto standard for deploying microservice applications in the cloud is containers with Kubernetes being the most widely used container orchestration platform. To support the integration testing of microservices in Kubernetes, several tools such as Octopus, Istio, and Jenkins exist. However, each of these tools either lack crucial functionality or lead to a substantial increase in the complexity and growth of the tool landscape when introduced into a project. To this end, we present Bunk8s, a tool for integration testing of microservice applications in Kubernetes that overcomes the limitations of these existing tools. Bunk8s is independent of the test framework used for writing integration tests, independent of the used CI/CD infrastructure, and supports test result publishing. A video demonstrating the functioning of our tool is available from https://www.youtube.com/watch?v=e8wbS25O4Bo.","PeriodicalId":437520,"journal":{"name":"2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)","volume":"113 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125572646","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Towards using focus groups to identify software developer's interests regarding their development process 朝着使用焦点小组来确定软件开发人员对其开发过程的兴趣
2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) Pub Date : 2022-03-01 DOI: 10.1109/saner53432.2022.00151
L. Kurnatowski, A. Meinecke, Adriana Rieger
{"title":"Towards using focus groups to identify software developer's interests regarding their development process","authors":"L. Kurnatowski, A. Meinecke, Adriana Rieger","doi":"10.1109/saner53432.2022.00151","DOIUrl":"https://doi.org/10.1109/saner53432.2022.00151","url":null,"abstract":"The assurance of quality, reliability, and trustwor-thiness of software systems is a basic requirement in software development. Therefore, it is necessary to have a comprehension and detailed understanding of a software project. To make the understanding of a complex software system more accessible, a set of tools that analyze and visualize complex software systems could be introduced. Such a software analysis and visualization tool has to meet challenging requirements to be suited for the specific needs of users. To fulfill these requirements and to provide an intuitive way to understand the software projects with visual analysis, we use the human-oriented method of focus groups. We developed a design for focus groups to identify topics of interest regarding the analysis of software development processes. To test and improve our focus group design we conducted a pilot study with research software developers.","PeriodicalId":437520,"journal":{"name":"2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131384657","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Detect, Fix, and Verify TensorFlow API Misuses 检测,修复和验证TensorFlow API误用
2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) Pub Date : 2022-03-01 DOI: 10.1109/saner53432.2022.00110
Wilson Baker, Michael O'Connor, Seyed Reza Shahamiri, Valerio Terragni
{"title":"Detect, Fix, and Verify TensorFlow API Misuses","authors":"Wilson Baker, Michael O'Connor, Seyed Reza Shahamiri, Valerio Terragni","doi":"10.1109/saner53432.2022.00110","DOIUrl":"https://doi.org/10.1109/saner53432.2022.00110","url":null,"abstract":"The growing application of DL makes detecting and fixing defective DL programs of paramount importance. Recent studies on DL defects report that TensorFlow API misuses represent a common class of DL defects. However to effectively detect, fix, and verify them remains an understudied problem. This paper presents the TensorFlow API misuses Detector And Fixer (TADAF) technique, which relies on 11 common API misuses patterns and corresponding fixes that we extracted from StackOverftow. TADAF statically analyses a TensorFlow program for identifying matches of any of the 11 patterns. If it finds a match, it automatically generates a fixed version of the program. To verify that the misuse brings a tangible negative effect, TADAF reports functional, accuracy, or efficiency differences when training and testing (with the same data) the original and fixed versions of the program. Our preliminary evaluation on five GitHub projects shows that TADAF detected and fixed all the API misuses.","PeriodicalId":437520,"journal":{"name":"2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)","volume":"183 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131609866","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
An Exploratory Study on Self-Fixed Software Vulnerabilities in OSS Projects OSS项目中自修复软件漏洞的探索性研究
2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) Pub Date : 2022-03-01 DOI: 10.1109/saner53432.2022.00023
S. Forootani, Andrea Di Sorbo, C. A. Visaggio
{"title":"An Exploratory Study on Self-Fixed Software Vulnerabilities in OSS Projects","authors":"S. Forootani, Andrea Di Sorbo, C. A. Visaggio","doi":"10.1109/saner53432.2022.00023","DOIUrl":"https://doi.org/10.1109/saner53432.2022.00023","url":null,"abstract":"Remediation to a software vulnerability can be accomplished either by the developer who introduced it or by a different one. In this context, we refer to a self-fixed vulnerability when the fixing is carried out by the developer who introduced it. Previous research demonstrated that a developer who introduces a bug is also the best candidate to fix it. However, as vulnerabilities conceptually differ from non-security bugs and specific skills and knowledge are required for solving them, it is unclear if the previous finding also applies to vulnerabilities or specific vulnerability types. To fill this gap, in this paper, we investigate the diffusion of self-fixed vulnerabilities within software projects, the types of vulnerabilities that are more prone to self-fixing, and the time required to solve self-fixed vulnerabilities compared to non-self-fixed ones. Specifically, we analyzed 1,752 commits related to C and PHP open-source projects aimed at fixing (or self-fixing) vulnerabilities spanning 17 different types of software weaknesses. The results of our study show that 20.55% of the considered vulnerabilities in C projects and 36.46% of the considered vulnerabilities in PHP projects are self-fixed. In addition, the average remediation time of self-fixed vulnerabilities is generally shorter than non-self-fixed ones. In particular, in C projects, self-fixed integer overflow vulnerabilities are patched about 5 times shorter than non-self-fixed ones, while vulnerabilities related to improper calculation or conversion of numbers are generally fixed faster by other developers. Similarly, in PHP projects, CSRF vulnerabilities tend to be patched in a shorter time when they are self-fixed, while unauthorized access vulnerabilities are likely repaired faster by other developers. Our results can help both researchers and practitioners identifying the best candidates to solve specific vulnerability bugs.","PeriodicalId":437520,"journal":{"name":"2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115110176","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Crème de la crème. Investigating Metadata and Survivability of Top Android Apps cri<e:1> de la cri<e:1>。调查顶级Android应用的元数据和生存能力
2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) Pub Date : 2022-03-01 DOI: 10.1109/saner53432.2022.00064
Anamaria Mojica-Hanke, Laura Bello-Jiménez, Camilo Escobar-Velásquez, M. Linares-Vásquez
{"title":"Crème de la crème. Investigating Metadata and Survivability of Top Android Apps","authors":"Anamaria Mojica-Hanke, Laura Bello-Jiménez, Camilo Escobar-Velásquez, M. Linares-Vásquez","doi":"10.1109/saner53432.2022.00064","DOIUrl":"https://doi.org/10.1109/saner53432.2022.00064","url":null,"abstract":"Mobile apps are distributed via online markets allowing practitioners to reach users worldwide; on the other side, users select what apps are more suitable for their preferences from a large set of apps offering similar features and capabilities. To facilitate that selection process, the distribution markets have different mechanisms, such as comments, ratings, and top-listed apps, including a curated list. As it is well known, apps stores metadata can provide insights for new, popular features or fixing existing bugs, as reported in previous works. However, to the best of our knowledge, app store data have not been used to identify possible predominant characteristics of successful apps using as a reference the aforementioned top lists. Thus, in this paper, we present a study that analyzes the metadata of apps belonging to Google Play top lists during 30 weeks in 4 countries to distill features of successful apps. Unfortunately, our results suggest that apps store metadata from top list apps do not provide enough information to identify those features.","PeriodicalId":437520,"journal":{"name":"2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123309557","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Hits and Misses: Newcomers' ability to identify Skills needed for OSS tasks 成功与失败:新人识别OSS任务所需技能的能力
2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) Pub Date : 2022-03-01 DOI: 10.1109/saner53432.2022.00032
Ítalo Santos, I. Wiese, Igor Steinmacher, A. Sarma, M. Gerosa
{"title":"Hits and Misses: Newcomers' ability to identify Skills needed for OSS tasks","authors":"Ítalo Santos, I. Wiese, Igor Steinmacher, A. Sarma, M. Gerosa","doi":"10.1109/saner53432.2022.00032","DOIUrl":"https://doi.org/10.1109/saner53432.2022.00032","url":null,"abstract":"Participation in Open Source Software (OSS) projects offers real software development experience for students and other newcomers seeking to develop their skills. However, onboarding to an OSS project brings various challenges, including finding a suitable task among various open issues. Selecting an appropriate starter task requires newcomers to identify the skills needed to solve a project issue and avoiding tasks too far from their skill set. However, little is known about how effective newcomers are in identifying the skills needed to resolve an issue. We asked 154 undergrad students to evaluate issues from OSS projects and infer the skills needed to contribute. Students reported a total of 94 skills, which we classified into 10 categories. We compared the students' answers to those collected from 6 professional developers. In general, students misidentified and missed several skills (f-measure=0.37). Students had results closer to professional developers for skills related to database, operating infrastructure, programming concepts, and programming language, and they had worse results in identifying skills related to debugging and program comprehension. Our results can help educators who seek to use OSS as part of their courses and OSS communities that want to label newcomer-friendly issues to facilitate onboarding of new contributors.","PeriodicalId":437520,"journal":{"name":"2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)","volume":"139 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127535564","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Knowledge Management Challenges for AI Quality 人工智能质量面临的知识管理挑战
2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) Pub Date : 2022-03-01 DOI: 10.1109/saner53432.2022.00156
Xiaozhou Li, Sergio Moreschini, Aleksandra Filatova, D. Taibi
{"title":"Knowledge Management Challenges for AI Quality","authors":"Xiaozhou Li, Sergio Moreschini, Aleksandra Filatova, D. Taibi","doi":"10.1109/saner53432.2022.00156","DOIUrl":"https://doi.org/10.1109/saner53432.2022.00156","url":null,"abstract":"Developing an AI-based system is uniquely challenging as it requires knowledge across multiple domains. Though the project team is required to be versatile, it is possible that their repertoire cannot cover all of the requirements of the system, which results in damage to the software quality. Therefore, it is critical to have an effective team knowledge management (KM) strategy to detect the valuable “unknown”, optimize the “known” task assignment, and enlarge the team knowledge base. Moreover, it is more effective to support the process with data-driven approaches.","PeriodicalId":437520,"journal":{"name":"2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)","volume":"PP 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126431052","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
A Lightweight Approach of Human-Like Playtest for Android Apps Android应用类人游戏测试的轻量级方法
2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) Pub Date : 2022-03-01 DOI: 10.1109/saner53432.2022.00047
Yan Zhao, Enyi Tang, Haipeng Cai, Xi Guo, Xiaoyin Wang, Na Meng
{"title":"A Lightweight Approach of Human-Like Playtest for Android Apps","authors":"Yan Zhao, Enyi Tang, Haipeng Cai, Xi Guo, Xiaoyin Wang, Na Meng","doi":"10.1109/saner53432.2022.00047","DOIUrl":"https://doi.org/10.1109/saner53432.2022.00047","url":null,"abstract":"A play test is the process in which testers play video games for software quality assurance. Manual testing is expensive and time-consuming, especially when there are many mobile games to test and every game version requires extensive testing. Current testing frameworks (e.g., Android Monkey) are limited as they adopt no domain knowledge to play games. Learning-based tools (e.g., Wuji) require tremendous manual effort and ML expertise of developers. This paper presents LIT-a lightweight approach to generalize play test tactics from manual testing, and to adopt the tactics for automatic testing. Lit has two phases: tactic generalization and tactic concretization. In Phase I, when a human tester plays an Android game $G$ for a while (e.g., eight minutes), Lit records the tester's inputs and related scenes. Based on the collected data, Lit infers a set of context-aware, abstract play test tactics that describe under what circumstances, what actions can be taken. In Phase II, LIttests $G$ based on the generalized tactics. Namely, given a randomly generated game scene, Lit tentatively matches that scene with the abstract context of any inferred tactic; if the match succeeds, Lit customizes the tactic to generate an action for playtest. Our evaluation with nine games shows Lit to outperform two state-of-the-art tools and a reinforcement learning (RL)-based tool, by covering more code and triggering more errors. Lit complements existing tools and helps developers test various casual games (e.g., match3, shooting, and puzzles).","PeriodicalId":437520,"journal":{"name":"2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125901289","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信