Abstract
AbstractLack of experience, inadequate documentation, and sub-optimal API design frequently cause developers to make mistakes when re-using third-party implementations. Such API misuses can result in unintended behavior, performance losses, or software crashes. Therefore, current research aims to automatically detect such misuses by comparing the way a developer used an API to previously inferred patterns of the correct API usage. While research has made significant progress, these techniques have not yet been adopted in practice. In part, this is due to the lack of a process capable of seamlessly integrating with software development processes. Particularly, existing approaches do not consider how to collect relevant source code samples from which to infer patterns. In fact, an inadequate collection can cause API usage pattern miners to infer irrelevant patterns which leads to false alarms instead of finding true API misuses. In this paper, we target this problem (a) by providing a method that increases the likelihood of finding relevant and true-positive patterns concerning a given set of code changes and agnostic to a concrete static, intra-procedural mining technique and (b) by introducing a concept for just-in-time API misuse detection which analyzes changes at the time of commit. Particularly, we introduce different, lightweight code search and filtering strategies and evaluate them on two real-world API misuse datasets to determine their usefulness in finding relevant intra-procedural API usage patterns. Our main results are (1) commit-based search with subsequent filtering effectively decreases the amount of code to be analyzed, (2) in particular method-level filtering is superior to file-level filtering, (3) project-internal and project-external code search find solutions for different types of misuses and thus are complementary, (4) incorporating prior knowledge of the misused API into the search has a negligible effect.
Funder
Otto-von-Guericke-Universität Magdeburg
Publisher
Springer Science and Business Media LLC
Reference93 articles.
1. Agrawal, A., Menzies, T.: Is ”Better Data” Better Than ”Better Data Miners”?: On the Benefits of Tuning SMOTE for Defect Prediction. In: Proceedings of the 40th International Conference on Software Engineering (ICSE), ACM, New York, NY, USA, pp. 1050–1061 (2018). https://doi.org/10.1145/3180155.3180197
2. Agrawal, R., Imieliński, T., Swami, A.: Mining association rules between sets of items in large databases. SIGMOD Rec. 22(2), 207–216 (1993). https://doi.org/10.1145/170036.170072
3. Allamanis, M., Sutton, C.: Mining Idioms from Source Code. In: Proceedings of the 22nd International Symposium on the Foundation of Software Engineering (FSE), ACM, New York, NY, USA, pp. 472–483 (2014). https://doi.org/10.1145/2635868.2635901
4. Amann, S.: A Systematic Approach to Benchmark and Improve Automated Static Detection of Java-API Misuses. PhD thesis, Technische Universität Darmstadt (2018). URL http://tubiblio.ulb.tu-darmstadt.de/106302/
5. Amann, S., Nadi, S., Nguyen, H.A., Nguyen, T.N., Mezini, M.: MUBench: A Benchmark for API-misuse Detectors. In: Proceedings of the 13th International Working in Mining Software Repositories (MSR), ACM, New York, NY, USA, pp. 464–467 (2016). https://doi.org/10.1145/2901739.2903506
Cited by
9 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. API Misuse Detection via Probabilistic Graphical Model;Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis;2024-09-11
2. Streamlining Java Programming: Uncovering Well-Formed Idioms with IdioMine;Proceedings of the IEEE/ACM 46th International Conference on Software Engineering;2024-04-12
3. API usage templates via structural generalization;Journal of Systems and Software;2024-04
4. Demystifying API misuses in deep learning applications;Empirical Software Engineering;2024-02-16
5. Mining Resource-Operation Knowledge to Support Resource Leak Detection;Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering;2023-11-30