Yepang Liu, Jue Wang, Lili Wei, Chang Xu, Shing-Chi Cheung, Tianyong Wu, Jun Yan, Jian Zhang. DroidLeaks: a comprehensive database of resource leaks in Android apps. In Empirical Software Engineering 2019.
@article{DBLP:journals/ese/LiuWWXCWYZ19,
author = {Yepang Liu and
Jue Wang and
Lili Wei and
Chang Xu and
Shing{-}Chi Cheung and
Tianyong Wu and
Jun Yan and
Jian Zhang},
title = {DroidLeaks: a comprehensive database of resource leaks in Android
apps},
journal = {Empirical Software Engineering},
volume = {24},
number = {6},
pages = {3435--3483},
year = {2019},
url = {https://doi.org/10.1007/s10664-019-09715-8},
doi = {10.1007/s10664-019-09715-8},
timestamp = {Thu, 19 Dec 2019 09:26:48 +0100},
biburl = {https://dblp.org/rec/bib/journals/ese/LiuWWXCWYZ19},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
Abstract
Resource leaks in Android apps are pervasive. They can cause serious performance degradation and system crashes. In recent years, many resource leak detection techniques have been proposed to help Android developers correctly manage system resources. Yet, there exist no common databases of real-world bugs for effectively comparing such techniques to understand their strengths and limitations. This paper describes our effort towards constructing such a bug database named DROIDLEAKS. To extract real resource leak bugs, we mined 124,215 code revisions of 34 popular open-source Android apps. After automated filtering and manual validation, we successfully found 292 fixed resource leak bugs, which cover a diverse set of resource classes, from 32 analyzed apps. To understand these bugs, we conducted an empirical study, which revealed the characteristics of resource leaks in Android apps and common patterns of resource management mistakes made by developers. To further demonstrate the usefulness of our work, we evaluated eight resource leak detectors from both academia and industry on DROIDLEAKS and performed a detailed analysis of their performance. We release DROIDLEAKS for public access to support future research.
IoT-J 2019
Yuxia Sun, Song Guo, Shing-Chi Cheung, Yong Tang. Analyzing and Disentangling Interleaved Interrupt-Driven IoT Programs. In IEEE Internet of Things Journal 2019.
@article{DBLP:journals/iotj/SunGCT19,
author = {Yuxia Sun and
Song Guo and
Shing{-}Chi Cheung and
Yong Tang},
title = {Analyzing and Disentangling Interleaved Interrupt-Driven IoT Programs},
journal = {{IEEE} Internet of Things Journal},
volume = {6},
number = {3},
pages = {5376--5386},
year = {2019},
url = {https://doi.org/10.1109/JIOT.2019.2900769},
doi = {10.1109/JIOT.2019.2900769},
timestamp = {Fri, 05 Jul 2019 09:39:40 +0200},
biburl = {https://dblp.org/rec/bib/journals/iotj/SunGCT19},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
Abstract
In the Internet of Things (IoT) community, wireless sensor network (WSN) is a key technique to enable ubiquitous sensing of environments and provide reliable services to applications. WSN programs, typically interrupt-driven, implement the functionalities via the collaboration of interrupt procedure instances (IPIs, namely executions of interrupt processing logic). However, due to the complicated concurrency model of WSN programs, the IPIs are interleaved intricately and the program behaviors are hard to predicate from the source codes. Thus, to improve the software quality of WSN programs, it is significant to disentangle the interleaved executions and develop various IPI-based program analysis techniques, including offline and online ones. As the common foundation of those techniques, a generic efficient and real-time algorithm to identify IPIs is urgently desired. However, the existing instance-identification approach cannot satisfy the desires. In this paper, we first formally define the concept of IPI. Next, we propose a generic IPI-identification algorithm, and prove its correctness, real-time, and efficiency. We also conduct comparison experiments to illustrate that our algorithm is more efficient than the existing one in terms of both time and space. As the theoretical analyses and empirical studies exhibit, our algorithm provides the groundwork for IPI-based analyses of WSN programs in IoT environment.
IoT-J 2019
Yuxia Sun, Shing-Chi Cheung, Song Guo, Ming Cheng. Disclosing and Locating Concurrency Bugs of Interrupt-Driven IoT Programs. In IEEE Internet of Things Journal 2019.
@article{DBLP:journals/iotj/SunCGC19,
author = {Yuxia Sun and
Shing{-}Chi Cheung and
Song Guo and
Ming Cheng},
title = {Disclosing and Locating Concurrency Bugs of Interrupt-Driven IoT Programs},
journal = {{IEEE} Internet of Things Journal},
volume = {6},
number = {5},
pages = {8945--8957},
year = {2019},
url = {https://doi.org/10.1109/JIOT.2019.2925291},
doi = {10.1109/JIOT.2019.2925291},
timestamp = {Thu, 07 Nov 2019 09:19:37 +0100},
biburl = {https://dblp.org/rec/bib/journals/iotj/SunCGC19},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
Abstract
The Internet of Things (IoT) is envisioned as a distributed network formed by many end devices, e.g., the motes of wireless sensor network (WSN). These important IoT end devices enable ubiquitous sensing of environments and provide reliable services for mission-critical applications. However, programs running on WSN devices are typically interrupt-driven and prone to interrupt-induced concurrency bugs, which are primarily caused by erroneous interleavings among interrupt procedure instances (IPIs) (namely, executions of interrupt processing logic). In this paper, we use a set of dynamic bug patterns to characterize the concurrency bugs due to buggy access-interleavings among IPIs to shared resources, including shared memory locations and shared communication channels. By matching the above bug patterns, a dynamic analysis approach called disclosing and locating concurrency bugs of interrupt-driven IoT programs based on dynamic bug patterns (Daemon) is proposed to automatically detect and locate concurrency bugs in WSN programs. A GUI tool of Daemon is developed. As the empirical studies exhibit, the tool can discover concurrency bugs effectively and locate the buggy source lines visually.
JSS 2019
Weiqiang Zhang, Shing-Chi Cheung, Zhenyu Chen, Yuming Zhou, Bin Luo. File-level socio-technical congruence and its relationship with bug proneness in OSS projects. In Journal of Systems and Software 156: 21-40 (2019).
@article{DBLP:journals/jss/ZhangCCZL19,
author = {Weiqiang Zhang and
Shing{-}Chi Cheung and
Zhenyu Chen and
Yuming Zhou and
Bin Luo},
title = {File-level socio-technical congruence and its relationship with bug
proneness in {OSS} projects},
journal = {Journal of Systems and Software},
volume = {156},
pages = {21--40},
year = {2019},
url = {https://doi.org/10.1016/j.jss.2019.05.030},
doi = {10.1016/j.jss.2019.05.030},
timestamp = {Thu, 05 Sep 2019 19:41:26 +0200},
biburl = {https://dblp.org/rec/bib/journals/jss/ZhangCCZL19},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
Abstract
Coordination is important in software development. Socio-Technical Congruence (STC) is proposed to measure the match between coordination requirements and actual coordination activities. The previous work of Cataldo et al. computes STC in commercial projects and finds it related to software failures. In this paper, we study the relationship between file-level STC and bug proneness in Open Source Software (OSS) projects. We apply the fundamental STC framework to the OSS data setting and present a method of computing file-level STC based on our available data. We also propose a derivative STC metric called Missing Developer Links (MDL), which is to measure the amount of coordination breakdowns. In our empirical analysis on five OSS projects, we find that MDL is more related to bug proneness than STC. Furthermore, STC or MDL can be computed based on different types of file networks and developer networks, and we find out the best file network and the best developer network via an empirical study. We also evaluate the usefulness of STC or MDL metrics in bug prediction. This work is promising to help detect coordination issues in OSS projects.
TSE 2020
Ming Wen, Junjie Chen, Yongqiang Tian, Rongxin Wu, Dan Hao, Shi Han, Shing-Chi Cheung. Historical Spectrum based Fault Localization. In Transactions of Software Engineering 2020. To Appear.
@article{WEN_TSE20,
author = {Ming, Wen and Junjie, Chen and Yongqiang, Tian and Rongxin, Wu and Dan, Hao and Shi, Han and Shing-Chi, Cheung},
title = {Historical Spectrum based Fault Localization},
journal = {IEEE Transactions on Software Engineering (TSE)},
year = {2020}
}
Abstract
Spectrum-based fault localization (SBFL) techniques are widely studied and have been evaluated to be effective in locating faults. Recent studies also showed that developers from industry value automated SBFL techniques. However, their effectiveness is still limited by two main reasons. First, the test coverage information leveraged to construct the spectrum does not reflect the root cause directly. Second, SBFL suffers from the tie issue so that the buggy code entities can not be well differentiated from non-buggy ones. To address these challenges, we propose to leverage the information of version histories in fault localization based on the following two intuitions. First, version histories record how bugs are introduced to software projects and this information reflects the root cause of bugs directly. Second, the evolution histories of code can help differentiate those suspicious code entities ranked in tie by SBFL. Our intuitions are also inspired by the observations on debugging practices from large open source projects and industry.
Based on the intuitions, we propose a novel technique HSFL (historical spectrum based fault localization). Specifically, HSFL identifies bug-inducing commits from the version history in the first step. It then constructs historical spectrum (denoted as Histrum) based on bug-inducing commits, which is another dimension of spectrum orthogonal to the coverage based spectrum used in SBFL. HSFL finally ranks the suspicious code elements based on our proposed Histrum and the conventional spectrum. HSFL outperforms the state-of-the-art SBFL techniques significantly on the Defects4J benchmark. Specifically, it locates and ranks the buggy statement at Top-1 for 77.8% more bugs as compared with SBFL, and 33.9% more bugs at Top-5. Besides, for the metrics MAP and MRR, HSFL achieves an average improvement of 28.3% and 40.8% over all bugs, respectively. Moreover, HSFL can also outperform other six families of fault localization techniques, and our proposed Histrum model can be integrated with different families of techniques and boost their performance.
ESEC/FSE 2019
Ming Wen, Rongxin Wu, Yepang Liu, Yongqiang Tian, Xuan Xie, Shing-Chi Cheung, Zhendong Su. Exploring and Exploiting the Correlations between Bug-Inducing and Bug-Fixing Commits. In The ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering 2019, Technical Research Paper, Tallinn, Estonia. To Appear.
@inproceedings{wen2019exploring,
title={Exploring and Exploiting the Correlations between Bug-Inducing and Bug-Fixing Commits.},
author={Wen, Ming and Wu, Rongxin and Liu, Yepang and Tian, Yongqiang and Xie, Xuan and Cheung, Shing-Chi and Su, Zhendong},
booktitle={Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering},
to appear,
year={2019},
organization={ACM}
}
Abstract
Bug-inducing commits provide important information to understand when and how bugs were introduced.
Therefore, they have been extensively investigated by existing studies and frequently leveraged to facilitate bug fixings in industrial practices.
Due to the importance of bug-inducing commits in software debugging,
we are motivated to conduct the first systematic empirical study to explore the correlations between bug-inducing and bug-fixing commits in terms of code elements and modifications.
To facilitate the study, we collected the inducing and fixing commits for 333 bugs from seven large open-source projects.
The empirical findings reveal important and significant correlations between a bug's inducing and fixing commits.
We further exploit the usefulness of such correlation findings from two aspects.
First, they explain why the SZZ algorithm, the most widely-adopted approach to collecting bug-inducing commits, is imprecise.
In view of SZZ's imprecision, we revisited the findings of previous studies based on SZZ,
and found that 8 out of 10 previous findings are significantly affected by SZZ's imprecision.
Second, they shed lights on the design of automated debugging techniques.
For demonstration, we designed approaches that exploit the correlations with respect to statements and change actions.
Our experiments on \textsc{Defects4J} show that our approaches can boost the performance of fault localization significantly and also advance existing APR techniques.
ICSE 2019
Ying Wang, Ming Wen, Rongxin Wu, Zhenwei Liu, Shin Hwei Tan, Zhiliang Zhu, Hai Yu, Shing-Chi Cheung. Could I Have a Stack Trace to Examine the Dependency Conflict Issue? In International Conference on Software Engineering 2019, Technical Research Paper, Montréal, QC, Canada, 25 May - 31 May.
@inproceedings {WANG2019STACK,
title = {{Could I Have a Stack Trace to Examine the Dependency Conflict Issue?}},
author = {Ying, Wang and Ming, Wen and Rongxin, Wu and Zhenwei, Liu and Shin Hwei, Tan and Zhiliang, Zhu and Hai, Yu and Shing-Chi, Cheung},
booktitle = {{Proceedings of the 41th International Conference on Software Engineering}},
series = {ICSE 2019},
year = {2019},
}
Abstract
Intensive use of libraries in Java projects brings potential risk of dependency conflicts, which occur when a project directly or indirectly depends on multiple versions of the same library or class. When this happens, JVM loads one version and shadows the others. Runtime exceptions can occur when methods in the shadowed versions are referenced. Although project management tools such as Maven are able to give warnings of potential dependency conflicts when a project is built, developers often ask for crashing stack traces before examining these warnings. It motivates us to develop RIDDLE, an automated approach that generates tests and collects crashing stack traces for projects subject to risk of dependency conflicts. RIDDLE, built on top of ASM and EVOSUITE, combines condition mutation, search strategies and condition restoration. We applied RIDDLE on 19 real-world Java projects with duplicate libraries or classes. We reported 20 identified dependency conflicts including their induced crashing stack traces and the details of generated tests. Among them, 15 conflicts were confirmed by developers as real issues, and 10 were readily fixed. The evaluation results demonstrate the effectiveness and usefulness of RIDDLE.
ICSE 2019
Ming Wen, Yepang Liu, Rongxin Wu, Xuan Xie, Shing-Chi Cheung, Zhendong Su. Exposing Library API Misuses via Mutation Analysis. In International Conference on Software Engineering 2019, Technical Research Paper, Montréal, QC, Canada, 25 May - 31 May.
@inproceedings {WEN2019API,
title = {{Exposing Library API Misuses via Mutation Analysis}},
author = {Ming, Wen and Yepang, Liu and Rongxin, Wu and Xuan, Xie and Shing-Chi, Cheung and Zhendong, Su},
booktitle = {{Proceedings of the 41th International Conference on Software Engineering}},
series = {ICSE 2019},
year = {2019},
}
Abstract
Misuses of library APIs are pervasive and often lead to software crashes and vulnerability issues. Various static analysis tools have been proposed to detect library API misuses. They often involve mining frequent patterns from a large number of correct API usage examples, which can be hard to obtain in practice. They also suffer from low precision due to an over-simplified assumption that a deviation from frequent usage patterns indicates a misuse.
We make two observations on the discovery of API misuse patterns. First, API misuses can be represented as mutants of the corresponding correct usages. Second, whether a mutant will introduce a misuse can be validated via executing it against a test suite and analyzing the execution information. Based on these observations, we propose MUTAPI, the first approach to discovering API misuse patterns via mutation analysis. To effectively mimic API misuses based on correct usages, we first design eight effective mutation operators inspired by the common characteristics of API misuses. MUTAPI generates mutants by applying these mutation operators on a set of client projects and collects mutant-killing tests as well as the associated stack traces. Misuse patterns are discovered from the killed mutants that are prioritized according to their likelihood of causing API misuses based on the collected information. We applied MUTAPI on 16 client projects with respect to 73 popular Java APIs. The results show that MUTAPI is able to discover substantial API misuse patterns with a high precision of 0.78. It also achieves a recall of 0.49 on the MUBENCH benchmark, which outperforms the state-of-the-art techniques.
ICSE 2019
Lili Wei, Yepang Liu, Shing-Chi Cheung. PIVOT: Learning API-Device Correlations to Facilitate Android Compatibility Issue Detection. In International Conference on Software Engineering 2019, Technical Research Paper, Montréal, QC, Canada, 25 May - 31 May.
@inproceedings {ICSE19Wei,
title = {{PIVOT: Learning API-Device Correlations to Facilitate Android Compatibility Issue Detection}},
author = {Lili Wei and Yepang Liu and Shing-Chi Cheung},
booktitle = {{Proceedings of the 41th International Conference on Software Engineering}, {ICSE 2019}},
year = {2019},
pages = {11}
}
Abstract
The heavily fragmented Android ecosystem has induced various compatibility issues in Android apps. The search space for such fragmentation-induced compatibility issues (FIC issues) is huge, comprising three dimensions: device models, Android OS versions, and Android APIs. FIC issues, especially those arising from device models, evolve quickly with the frequent release of new device models to the market. As a result, an automated technique is desired to maintain timely knowledge of such FIC issues, which are mostly undocumented. In this paper, we propose such a technique, PIVOT, that automatically learns API-device correlations of FIC issues from existing Android apps. PIVOT extracts and prioritizes API-device correlations from a given corpus of Android apps. We evaluated PIVOT with popular Android apps on Google Play. Evaluation results show that PIVOT can effectively prioritize valid API-device correlations for app corpora collected at different time. Leveraging the knowledge in the learned API-device correlations, we further conducted a case study and successfully uncovered ten previously-undetected FIC issues in open-source Android apps.
TSE 2019
Seonah Lee, Rongxin Wu, S.C. Cheung, Sungwon Kang. Automatic Detection and Update Suggestion for Outdated API Names in Documentation. In IEEE Transactions on Software Engineering 2019. To Appear.
@article{lee2019automatic,
title={Automatic Detection and Update Suggestion for Outdated API Names in Documentation},
author={Lee, Seonah and Wu, Rongxin and Cheung, Shing-Chi and Kang, Sungwon},
journal={IEEE Transactions on Software Engineering},
year={2019},
publisher={IEEE}
}
Abstract
Application programming interfaces (APIs) continually evolve to meet ever-changing user needs, and documentation provides an authoritative reference for their usage. However, API documentation is commonly outdated because nearly all of the associated updates are performed manually. Such outdated documentation, especially with regard to API names, causes major software development issues. In this paper, we propose a method for automatically updating outdated API names in API documentation. Our insight is that API updates in documentation can be derived from API implementation changes between code revisions. To evaluate the proposed method, we applied it to four open source projects. Our evaluation results show that our method, FreshDoc, detects outdated API names in API documentation with 48% higher accuracy than the existing state-of-the-art methods do. Moreover, when we checked the updates suggested by FreshDoc against the developers? manual updates in the revised documentation, FreshDoc addressed 82% of the outdated names. When we reported 40 outdated API names found by FreshDoc via issue tracking systems, developers accepted 75% of the suggestions. These evaluation results indicate that FreshDoc can be used as a practical method for the detection and updating of API names in the associated documentation.
TSE 2019
Ming Wen, Rongxin Wu, Shing-Chi Cheung. How Well Do Change Sequences Predict Defects? Sequence Learning from Software Changes. In IEEE Transactions on Software Engineering 2019. To Appear.
author={Ming Wen and Rongxin Wu and Shing-Chi Cheung},
journal={IEEE Transactions on Software Engineering},
title={How Well Do Change Sequences Predict Defects? Sequence Learning from Software Changes},
year={2019},
volume={},
number={},
pages={1-1},
doi={10.1109/TSE.2018.2876256},
ISSN={0098-5589},
month={},}
Abstract
Software defect prediction, which aims to identify defective modules, can assist developers in finding bugs and prioritizing limited quality assurance resources. Various features to build defect prediction models have been proposed and evaluated. Among them, process metrics are one important category. Yet, existing process metrics are mainly encoded manually from change histories and ignore the sequential information arising from the changes during software evolution. Unlike traditional process metrics used for existing defect prediction models, change sequences are mostly vectors of variable length. This makes it difficult to apply such sequences directly in prediction models that are driven by conventional classifiers. To resolve this challenge, we utilize Recurrent Neural Network (RNN), which is a deep learning technique, to encode features from sequence data automatically. In this paper, we propose a novel approach called Fences, which extracts six types of change sequences covering different aspects of software changes via fine-grained change analysis. It approaches defects prediction by mapping it to a sequence labeling problem solvable by RNN. Our evaluations on 10 open source projects show that Fences can predict defects with high performance. Fences also outperforms the state-of-the-art technique which learns semantic features automatically from static code via deep learning.
TSE 2019
Lili Wei, Yepang Liu, Shing-Chi Cheung, Huaxun Huang, Xuan Lu, Xuanzhe Liu. Understanding and Detecting Fragmentation-Induced Compatibility Issues for Android Apps. In IEEE Transactions on Software Engineering 2019. To Appear.
@ARTICLE{8493348,
author={Lili Wei and Yepang Liu and Shing-Chi Cheung and Huaxun Huang and Xuan Lu and Xuanzhe Liu},
journal={IEEE Transactions on Software Engineering},
title={Understanding and Detecting Fragmentation-Induced Compatibility Issues for Android Apps},
year={2019},
volume={},
number={},
pages={1-1},
doi={10.1109/TSE.2018.2876439},
ISSN={0098-5589},
month={},}
Abstract
Android ecosystem is heavily fragmented. The numerous combinations of different device models and operating system versions make it impossible for Android app developers to exhaustively test their apps, and thus various compatibility issues arise. Unfortunately, little is known on the characteristics of such fragmentation-induced compatibility issues. No mature tools exist to help developers quickly diagnose and fix these issues. To bridge the gap, we conducted an empirical study on 220 real-world compatibility issues collected from five popular open-source Android apps. We further interviewed Android practitioners and conducted an online survey to gain insights from real practices. Via the studies, we characterized compatibility issues, investigated common practices to handle compatibility issues, and disclosed that these issues exhibit common patterns. With these findings, we propose a technique, FicFinder, to automatically detect compatibility issues in Android apps. FicFinder performs static code analysis based on a model that captures Android APIs as well as their associated context by which compatibility issues can be triggered. FicFinder reports actionable debugging information to developers when it detects potential issues. We evaluated FicFinder with 53 large-scale open-source Android apps. The results show that FicFinder can precisely detect compatibility issues in these apps and uncover previously-unknown issues.
TSC 2019
Chunyang Ye, Shing-Chi Cheung, W.K. Chan. Sifter: A Service Isolation Strategy for Internet Applications. In IEEE Transactions on Services Computing 2019. To Appear.
@ARTICLE{8493286,
author={C. Ye and Shing-Chi Cheung and W. K. Chan},
journal={IEEE Transactions on Services Computing},
title={Sifter: A Service Isolation Strategy for Internet Applications},
year={2019},
volume={},
number={},
pages={1-1},
month={},}
Abstract
Service oriented architecture (SOA) provides a flexible platform to build collaborative Internet applications by composing existing self-contained and autonomous services. However, the implicit interactions among the concurrently provisioned services may introduce interference to Internet applications and cause them behave abnormally. It is thus desirable to isolate services to safeguard their application consistency. Existing approaches mostly address this problem by restricting concurrent execution of services to avoid all the implicit interactions. These approaches, however, compromise the performance and flexibility of Internet applications due to the long running nature of services. This paper presents Sifter, a new service isolation strategy for Internet applications. We devise in this strategy a novel static approach to analyze the potential implicit interactions among the services and their impacts on the consistency of the associated Internet applications. By locating only those afflicted implicit interactions that may violate the application consistency, a novel approach based on exception handling and behavior constraints is customized to involved services to eliminate their impacts. We show that this approach exempts the consistency property of Internet applications from being interfered at runtime. The experimental results show that our approach has a better performance than existing solutions.
TSE 2018
Ying Wang, Hai Yu, Zhiliang Zhu, Wei Zhang, Yuli Zhao. Automatic Software Refactoring via Weighted Clustering in Method-level Networks. IEEE Transactions on Software Engineering (TSE), Vol. 44, pp. 202-236, Mar 2018.
@article{wang2018automatic,
title={Automatic Software Refactoring via Weighted Clustering in Method-Level Networks},
author={Ying, Wang and Hai, Yu and Zhiliang, Zhu and Wei, Zhang and Yuli, Zhao},
journal={IEEE Transactions on Software Engineering},
volume={44},
number={3},
pages={202--236},
year={2018},
publisher={IEEE}
}
Abstract
In this study, we describe a system-level multiple refactoring algorithm, which can identify the move method, move field, and extract class refactoring opportunities automatically according to the principle of “high cohesion and low coupling.” The algorithm works by merging and splitting related classes to obtain the optimal functionality distribution from the system-level. Furthermore, we present a weighted clustering algorithm for regrouping the entities in a system based on merged method-level networks. Using a series of preprocessing steps and preconditions, the “bad smells” introduced by cohesion and coupling problems can be removed from both the non-inheritance and inheritance hierarchies without changing the code behaviors. We rank the refactoring suggestions based on the anticipated benefits that they bring to the system. Based on comparisons with related research and assessing the refactoring results using quality metrics and empirical evaluation, we show that the proposed approach performs well in different systems and is beneficial from the perspective of the original developers. Finally, an open source tool is implemented to support the proposed approach.
TCAS2 2018
Ying Wang, Zhiliang Zhu, Hai Yu. Risk Analysis on Multi-granular Network for Software Integration Testing. IEEE Transactions on Circuits and Systems II: Express Briefs (TCAS2). Vol. 65, pp. 1059-1063, Aug. 2018.
@article{wang2018risk,
title={Risk Analysis on Multi-Granular Flow Network for Software Integration Testing},
author={Ying, Wang and Zhiliang, Zhu and Hai, Yu and Bo, Yang},
journal={IEEE Transactions on Circuits and Systems II: Express Briefs},
volume={65},
number={8},
pages={1059--1063},
year={2018},
publisher={IEEE}
}
Abstract
This brief presents a model, a methodology, and an application scheme of risk assessment for information exchange system. The multi-granular flow network (MGFN) model serves as a basis for measuring the vulnerabilities and threats of components, and the failure consequences they bring to the system when a failure occurs. The risk factors of components are then quantified, assisted by a probabilistic risk analysis model. Furthermore, we apply the MGFN model and the risk assessment scheme in ordering class integration testing for object-oriented software system. By comparing our approach with the state-of-the-art integration test order algorithms from the perspectives of detection efficiency of severe faults and stubbing efforts, we show that classes with higher risk indexes can be tested in earlier integration steps, and that the total complexity of the established test stubs is minimized.
ESEC/FSE 2018
Mijung Kim, Shing-Chi Cheung, Sunghun Kim. Which Generated Test Failures Are Fault Revealing? Prioritizing Failures Based on Inferred Precondition Violations using PAF. In The ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, Technical Research Paper, Lake Buena Vista, Florida, 4 Nov - 9 Nov 2018.
@inproceedings{kim2018paf,
title={Which Generated Test Failures Are Fault Revealing? Prioritizing
Failures Based on Inferred Precondition Violations using PAF},
author={Kim, Mijung and Cheung, Shing-Chi and Kim, Sunghun},
booktitle={Proceedings of the 2018 26th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2018)},
pages={1--12},
year={2018},
organization={ACM}
}
Abstract
Automated unit testing tools, such as Randoop, have been developed to produce failing tests as means of finding faults. However, these tools often produce false alarms, so are not widely used in practice. The main reason for a false alarm is that the generated failing test violates an implicit precondition of the method under test, such as a field should not be null at the entry of the method. This condition is not explicitly programmed or documented but implicitly assumed
by developers. To address this limitation, we propose a technique called Paf to cluster generated test failures due to the same cause and reorder them based on their likelihood of violating an implicit precondition of the method under test. From various test executions, Paf observes their dataflows to the variables whose values are used when the program fails. Based on the dataflow similarity and where these values are originated, Paf clusters failures and determines
their likelihood of being fault revealing. We integrated Paf into Randoop. Our empirical results on open-source projects show that Paf effectively clusters fault revealing tests arising from the same
fault and successfully prioritizes the fault-revealing ones.
ESEC/FSE 2018
Ying Wang, Ming Wen, Zhenwei Liu, Rongxin Wu, Rui Wang, Bo Yang, Hai Yu, Zhiliang Zhu and Shing-Chi Cheung. Do the Dependency Conflicts in My Project Matter? In The ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, Technical Research Paper, Lake Buena Vista, Florida, 4 Nov - 9 Nov 2018.
@inproceedings{wang2018conflict,
title={Do the Dependency Conflicts in My Project Matter?},
author={Wang, Ying and Wen, Ming and Liu, Zhenwei and Wu, Rongxin and Wang, Rui and Yang, Bo and Yu, Hai and Zhu, Zhiliang and Cheung, Shing-Chi},
booktitle={Proceedings of the 2018 26th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2018)},
pages={1--12},
year={2018},
organization={ACM}
}
Abstract
Intensive dependencies of a Java project on third-party libraries can easily lead to the presence of multiple library or class versions on its classpath. When this happens, JVM will load one version and shadows the others. Dependency conflict (DC) issues occur when the loaded version fails to cover a required feature (e.g., method) referenced by the project, thus causing runtime exceptions. However, the warnings of duplicate classes or libraries detected by existing build tools such as Maven can be benign since not all instances of duplication will induce runtime exceptions, and hence are often ignored by developers. In this paper, we conducted an empirical study on real-world DC issues collected from large open source projects. We studied the manifestation and fixing patterns of DC issues. Based on our findings, we designed Decca, an automated detection tool that assesses DC issues' severity and filters out the benign ones. Our evaluation results on 30 projects show that Decca achieves a precision of 0.923 and recall of 0.766 in detecting high-severity DC issues. Decca also detected new DC issues in these projects. Subsequently, 20 DC bug reports were filed, and 11 of them were confirmed by developers. Issues in 6 reports were fixed with our suggested patches.
ESEC/FSE 2018
Dongjie Chen, Yanyan Jiang, Chang Xu, Xiaoxing Ma, and Jian Lu. Testing Multithreaded Programs via Thread Speed Control. In Proceedings of the 26th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2018), Lake Buena Vista, Florida, USA, Nov 2018.
@inproceedings{chen_testing_2018,
author = {Dongjie Chen and Yanyan Jiang and Chang Xu and Xiaoxing Ma and Jian Lu},
title = {Testing multithreaded programs via thread speed control},
pages = {to appear},
year = {2018},
booktitle = {Proceedings of the 26th Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE)},
pdf = {/spar/publication/chen_testing_2018.pdf},
code = {https://midwinter1993.github.io/Schnauzer/},
}
Abstract
Intensive dependencies of a Java project on third-party libraries can easily lead to the presence of multiple library or class versions on its classpath. When this happens, JVM will load one version and shadows the others. Dependency conflict (DC) issues occur when the loaded version fails to cover a required feature (e.g., method) referenced by the project, thus causing runtime exceptions. However, the warnings of duplicate classes or libraries detected by existing build tools such as Maven can be benign since not all instances of duplication will induce runtime exceptions, and hence are often ignored by developers. In this paper, we conducted an empirical study on real-world DC issues collected from large open source projects. We studied the manifestation and fixing patterns of DC issues. Based on our findings, we designed Decca, an automated detection tool that assesses DC issues' severity and filters out the benign ones. Our evaluation results on 30 projects show that Decca achieves a precision of 0.923 and recall of 0.766 in detecting high-severity DC issues. Decca also detected new DC issues in these projects. Subsequently, 20 DC bug reports were filed, and 11 of them were confirmed by developers. Issues in 6 reports were fixed with our suggested patches.
ASE 2018
Yuju Shen, Yanyan Jiang, Chang Xu, Ping Yu, Xiaoxing Ma, and Jian Lu. ReScue: Crafting Regular Expression DoS Attacks. In Proceedings of the 2018 33rd ACM/IEEE International Conference on Automated Software Engineering (ASE '18), September 2018, Montpellier, France.
@inproceedings{shen_rescue_2018,
author = {Yuju Shen and Yanyan Jiang and Chang Xu and Ping Yu and Xiaoxing Ma and Jian Lu},
title = {ReScue: Crafting regular expression DoS attacks},
pages = {to appear},
year = {2018},
booktitle = {Proceedings of the 33rd International Conference on Automated Software Engineering (ASE)},
pdf = {/spar/publication/shen_rescue_2018.pdf},
code = {http://2bdenny.github.io/ReScue/},
}
Abstract
Regular expression (regex) with modern extensions is one of the most popular string processing tools. However, poorly-designed regexes can yield exponentially many matching steps, and lead to regex Denial-of-Service (ReDoS) attacks under well-conceived string inputs. This paper presents ReScue, a three-phase gray-box analytical technique, to automatically generate ReDoS strings to highlight vulnerabilities of given regexes. ReScue systematically seeds (by a genetic search), incubates (by another genetic search), and finally pumps (by a regex-dedicated algorithm) for generat- ing strings with maximized search time. We implemenmted the ReScue tool and evaluated it against 29,088 practical regexes in real-world projects. The evaluation results show that ReScue found 49% more attack strings compared with the best existing technique, and applying ReScue to popular GitHub projects discovered ten previously unknown ReDoS vulnerabilities.
ASE 2018
Huaxun Huang, Lili Wei, Yepang Liu, Shing-Chi Cheung. Understanding and Detecting Callback Compatibility Issues for Android Applications. In Proceedings of the 2018 33rd ACM/IEEE International Conference on Automated Software Engineering (ASE '18), September 2018, Montpellier, France.
@inproceedings {ASE18,
title = {{Understanding and Detecting Callback Compatibility Issues for Android Applications}},
author = {Huaxun Huang, Lili Wei, Yepang Liu, Shing-Chi Cheung},
booktitle = {Proceedings of the 2018 33rd ACM/IEEE International Conference on Automated Software Engineering, {ASE} 2018},
year = {2018},
}
Abstract
The control flows of Android apps are largely driven by the protocols that govern how callback APIs are invoked in response to various event.
When these callback APIs evolve along with the Android framework, the changes in their invocation protocols can induce unexpected control flows to existing Android apps, causing various compatibility issues. We refer to these issues as callback compatibility issues.
While Android framework updates have received due attention, little is known about their impacts on app control flows and the callback compatibility issues thus induced.
To bridge the gap, we examined Android documentations
and conducted an empirical study on 100 real-world callback compatibility issues
to investigate how these issues were induced by callback API evolutions.
Based on our empirical findings, we propose a graph-based model to capture the control flow inconsistencies caused by API evolutions and devise a static analysis technique, CIDER, to detect callback compatibility issues.
Our evaluation of CIDER on 20 popular open-source Android apps shows that CIDER is effective. It detected 13 new callback compatibility issues in these apps, among which 12 issues were confirmed and 9 issues were fixed.
ASE 2018
Jiajun Hu, Lili Wei, Yepang Liu, Shing-Chi Cheung, and Huaxun Huang. A Tale of Two Cities: How WebView Induces Bugs to Android Applications. In Proceedings of 2018 33rd ACM/IEEE International Conference on Automated Software Engineering (ASE'18), September 3-7, 2018, Montpellier, France.
@inproceedings {ASE18Hu,
title = {{A Tale of Two Cities: How WebView Induces Bugs to Android Applications}},
author = {Jiajun Hu, Lili Wei, Yepang Liu, Shing-Chi Cheung, Huaxun Huang},
booktitle = {{Proceedings of the 2018 33rd ACM/IEEE International Conference on Automated Software Engineering (ASE’18)}},
year = {2018},
}
Abstract
WebView is a widely used Android component that augments a native app with web browser capabilities. It eases the interactions between an app’s native code and web code. However, the interaction mechanism of WebView induces new types of bugs in Android apps. Understanding the characteristics and manifestation of these WebView-induced bugs (ωBugs for short) facilitates the correct usages of WebViews in Android apps. This motivates us to conduct the first empirical study on ωBugs based on those found in popular open-source Android apps. Our study identified the major root causes and consequences of ωBugs and made interesting observations that can be leveraged for detecting and diagnosing ωBugs. Based on the empirical study, we further propose an automated testing technique ωDroid to effectively expose ωBugs in Android apps. In our experiments, ωDroid successfully discovered 30 unique and previously-unknown ωBugs when applied to 146 open-source Android apps. We reported the 30 ωBugs to the corresponding app developers. Out of these 30 ωBugs, 14 were confirmed and 7 of them were fixed. This shows that ωDroid can effectively detect ωBugs that are of the developers’ concern.
ISSTA 2018
Yuhao Zhang, Yifan Chen, Shing-Chi Cheung, Yingfei Xiong, Lu Zhang. An Empirical Study on TensorFlow Program Bugs. In International Symposium on Software Testing and Analysis, Amsterdam Netherlands, July 2018.
@inproceedings {ISSTA18,
title = {{An Empirical Study on TensorFlow Program Bugs}},
author = {Yuhao Zhang, Yifan Chen, Shing-Chi Cheung, Yingfei Xiong, Lu Zhang},
booktitle = {{Proceedings of The ACM SIGSOFT International Symposium on Software Testing and Analysis}},
year = {2018},
}
Abstract
Deep learning applications become increasingly popular in important domains such as self-driving systems and facial identity systems. Defective deep learning applications may lead to catastrophic consequences. Although recent research efforts were made on testing and debugging deep learning applications, the characteristics of deep learning defects have never been studied. To fill this gap, we studied deep learning applications built on top of TensorFlow and collected program bugs related to TensorFlow from StackOverflow QA pages and Github projects. We extracted information from QA pages, commit messages, pull request messages, and issue discussions to examine the root causes and symptoms of these bugs. We also studied the strategies deployed by TensorFlow users for bug detection and localization. These findings help researchers and TensorFlow users to gain a better understanding of coding defects in TensorFlow programs and point out a new direction for future research.
ECOOP 2018
Tianxiao Gu, Xiaoxing Ma, Chang Xu, Yanyan Jiang, Chun Cao, and Jian Lu. Automating Object Transformations for Dynamic Software Updating via Online Execution Synthesis. In Proceedings of the 32nd European Conference on Object-Oriented Programming (ECOOP 2018), Article 19, pp. 1-28, Amsterdam, Netherlands, Jul 2018.
@inproceedings{gu_automating_2018,
author = {Tianxiao Gu and Xiaoxing Ma and Chang Xu and Yanyan Jiang and Chun Cao and Jian Lu},
title = {Automating object transformations for dynamic software updating via online execution synthesis},
pages = {to appear},
year = {2018},
booktitle = {Proceedings of the 32nd European Conference on Object-Oriented Programming (ECOOP)},
}
Abstract
Dynamic software updating (DSU) is a technique to upgrade a running software system on the fly without stopping the system. During updating, the runtime state of the modified components of the system needs to be properly transformed into a new state, so that the modified components can still correctly interact with the rest of the system. However, the transformation is non-trivial to realize due to the gap between the low-level implementations of two versions of a program. This paper presents AOTES, a novel approach to automating object transformations for dynamic updating of Java programs. AOTES bridges the gap by abstracting the old state of an object to a history of method invocations, and re-invoking the new version of all methods in the history to get the desired new state. AOTES requires no instrumentation to record any data and thus has no overhead during normal execution. We propose and implement a novel technique that can synthesize an equivalent history of method invocations based on the current object state only. We evaluated AOTES on software updates taken from Apache Commons Collections, Tomcat, FTP Server and SSHD Server. Experimental results show that AOTES successfully handled 51 of 61 object transformations of 21 updated classes, while two state-of-the-art approaches only handled 11 and 6 of 61, respectively.
ICSE 2018
Ming Wen, Junjie Chen, Rongxin Wu, Dan Hao and Shing-Chi Cheung . Context-Aware Patch Generation for Better Automated Program Repair. In International Conference on Software Engineering, Technical Research Paper, Gothenburg, Sweden, May 27 - 3 June 2018.
@inproceedings {ICSE18,
title = {{Context-Aware Patch Generation for Better Automated Program Repair}},
author = {Ming, Wen and Junjie, Chen and Rongxin, Wu and Dan, Hao and Shing-Chi, Cheung},
booktitle = {{Proceedings of the 40th International Conference on Software Engineering}},
series = {ICSE 2016},
year = {2018},
doi = {10.1145/3180155.3180233},
url = {http://home.cse.ust.hk/~mwenaa/paper/Repair.pdf},
}
Abstract
The effectiveness of search-based automated program repair is limited in the number of correct patches that can be successfully generated.
There are two causes of such limitation.
First, the search space does not contain the correct patch.
Second, the search space is huge and therefore the correct patch cannot be generated (\ie correct patches are either generated after incorrect plausible ones or not generated within the time budget).
To increase the likelihood of including the correct patches in the search space, we propose to work at a fine granularity in terms of AST nodes.
This, however, will further enlarge the search space, increasing the challenge to find the correct patches.
We address the challenge by devising a strategy to prioritize the candidate patches based on their likelihood of being correct.
Specifically, we study the use of AST nodes' context information to estimate the likelihood.
In this paper, we propose CapGen, a context-aware patch generation technique.
The novelty which allows CapGen to produce more correct patches lies in three aspects:
(1) The fine-granularity design enables it to find more correct fixing ingredients;
(2) The context-aware prioritization of mutation operators enables it to constrain the search space;
(3) Three context-aware models enable it to rank correct patches at high positions before incorrect plausible ones.
We evaluate CapGen on Defects4J and compare it with the state-of-the-art program repair techniques.
Our evaluation shows that CapGen outperforms and complements existing techniques.
CapGen achieves a high precision of 84.00% and can prioritize the correct patches before 98.78% of the incorrect plausible ones.
ICSE Poster 2018
Jiarong Wu, Yanyan Jiang, Chang Xu, S.C. Cheung, Xiaoxing Ma, and Jian Lu. Synthesizing Relation-Aware Entity Transformation by Examples. In Proceedings of the 40th International Conference on Software Engineering (ICSE 2018 Poster), pp. 266-267, Gothenburg, Sweden, May-Jun 2018.
@inproceedings{wu_synthesizing_2018,
author = {Jiarong Wu and Yanyan Jiang and Chang Xu and S. C. Cheung and Xiaoxing Ma and Jian Lu},
title = {Synthesizing relation-aware entity transformation by examples},
booktitle = {Proceedings of the 40th International Conference on Software Engineering (ICSE Poster Track)},
pages = {to appear},
year = {2018},
}
Abstract
Recently, programming by examples (PBE) technique achieves a great success in processing and transforming data entities, yet existing approaches generally fall short on the tasks concerning entity relations. This paper presents ENTER, a domain-agnostic language for relation-aware entity transformation synthesis. It leverages the combination of two basic relations, the equivalence relation and the total order relation, to succinctly express complex entity relations. ENTER can be instantiated with domain-specific elements to solve a wide range of entity transformation tasks.
SCP 2018
Jue Wang, Yanyan Jiang, Chang Xu, Qiwei Li, Tianxiao Gu, Jun Ma, Xiaoxing Ma, and Jian Lu. AATT+: Effectively Manifesting Concurrency Bugs in Android Apps. Science of Computer Programming (SCP), Vol. 163, pp. 1-18, Oct 2018.
@inproceedings{wang_aatt_2018,
author = {Jue Wang and Yanyan Jiang and Chang Xu and Qiwei Li and Tianxiao Gu and Jun Ma and Xiaoxing Ma and Jian Lu},
title = {AATT+: Effectively manifesting concurrency bugs in Android apps},
journal = {Science of Computer Programming (SCP)},
year = {2018},
volume = {163},
pages = {1--18},
url = {https://doi.org/10.1016/j.scico.2018.03.008},
code = {https://github.com/skull591/AATT},
}
Abstract
Smartphones are indispensable in people’s daily activities, and smartphone apps tend to be increasingly concurrent due to the wide use of multi-core devices and technologies. Due to this tendency, developers are increasingly unable to tackle the complexity of concurrent apps and to avoid subtle concurrency bugs. To better address this issue, we propose a novel approach to detecting concurrency bugs in Android apps based on the fact that one can generate simultaneous input events and their schedules for an app, which would easily trigger concurrency bugs in an app. We conduct systematic state space exploration to find potentially conflicting resource accesses in an Android app. The app is then automatically pressure-tested by guided event and schedule generation. We implemented our prototype tool named AATT+ and evaluated it with two sets of real-world Android apps. Benchmarking using 15 Android apps with previously known concurrency bugs, AATT+ and existing concurrency-unaware techniques detected 10 and 1 bugs, respectively. Evaluated with another set of 17 popu- lar Android apps, AATT+ detected 11 concurrency bugs and 7 of them were previously unknown, achieving an over 80% higher detection rate than existing concurrency-unaware techniques.
JSS 2018
Ying Wang, Hai Yu, Zhiliang Zhu. Using Risk Analysis to Prioritize Test Cases. Journal of Systems and Software (JSS). Vol. 44, pp. 14-31, May 2018.
@article{wang2018using,
title={Using reliability risk analysis to prioritize test cases},
author={Ying, Wang and Zhiliang, Zhu and Bo,Yang and Fangda, Guo and Hai,Yu},
journal={Journal of Systems and Software},
volume={139},
pages={14--31},
year={2018},
publisher={Elsevier}
}
Abstract
In this paper, we present a risk-based test case prioritization (Ri-TCP) algorithm based on the transmission of information flows among software components. Most of the existing approaches rely on the historical code changes or test case execution data, few of them effectively use the system topology information covered by test cases when scheduling the execution of test cases. From the perspective of code structure, the proposed algorithm firstly maps software into an information flow-based directed network model. Then, functional paths covered by each test case are represented by a set of barbell motifs. Finally, combining with probabilistic risk analysis (PRA) and fault tree model, we assign a priority to each test case by calculating the sum of risk indexes of all the barbells covered by it. Experimental results demonstrate that Ri-TCP technique has a higher detection rate of faults with serious risk indicators and performs stably in different systems, compared with the other state-of-the-art algorithms.
JSS 2018
Wenhua Yang, Chang Xu, Minxue Pan, Chun Cao, Xiaoxing Ma, and Jian Lu. Efficient Validation of Self-adaptive Applications by Counterexample Probability Maximization. The Journal of Systems and Software (JSS), Vol. 138, pp. 82-99, Apr 2018.
@inproceedings{yang2018jss,
author = {Wenhua Yang, Chang Xu, Minxue Pan, Chun Cao, Xiaoxing Ma, and Jian Lu},
title = {The Journal of Systems and Software (JSS)},
year = {2018},
pages = {82-99}
}
Abstract
Self-adaptive applications’ executions can be affected by uncertainty factors like unreliable sensing and flawed adaptation and therefore often error-prone. Existing methods can verify the applications suffering uncertainty and report counterexamples. However, such verification results can deviate from reality when the uncertainty specification used in verification is itself imprecise. This thus calls for further validation of reported counterexamples. One outstanding challenge in counterexample validation is that the probabilities of counterex- amples occurring in real environment are usually very low, which makes the validation extremely inefficient. In this paper, we propose a novel approach to systematically deriving path-equivalent counterexamples with respect to origi- nal ones. The derived counterexamples guarantee to have higher probabilities, making them capable of being validated efficiently in field test. We evaluated our approach with real-world self-adaptive applications. The results reported that our approach significantly increased counterexample probabilities, and the derived counterexamples were also consistently and efficiently validated in both real environment and simulation.
TOIT 2018
Wenhua Yang, Chang Xu, Minxue Pan, Xiaoxing Ma, and Jian Lu. Improving Verification Accuracy of CPS by Modeling and Calibrating Interaction Uncertainty. ACM Transactions on Internet Technology (TOIT), Vol. 18, No. 2, Article 20, pp. 1-37, Jan 2018.
@inproceedings{yang2018toit,
author = {Wenhua Yang, Chang Xu, Minxue Pan, Xiaoxing Ma, and Jian Lu},
title = {Improving Verification Accuracy of CPS by Modeling and Calibrating Interaction Uncertainty},
journal = {ACM Transactions on Internet Technology (TOIT)},
year = {2018},
pages = {1-37}
}
Abstract
Cyber-Physical Systems (CPS) intrinsically combine hardware and physical systems with software and network, which are together creating complex and correlated interactions. CPS applications often experience uncertainty in interacting with environment through unreliable sensor. They can be faulty and exhibit runtime errors if developers have not considered environmental interaction uncertainty adequately. Existing work in verifying CPS applications ignores interaction uncertainty and thus may overlook uncertainty-related faults. To improve verification accuracy, in this article we propose a novel approach to verifying CPS applications with explicit modeling of uncertainty arisen in the interaction between them and the environment. Our approach builds an Interactive State Machine (ISM) network for a CPS application and models interaction uncertainty by error ranges and distributions. Then it encodes both the application and uncertainty models to SMT formula to leverage SMT solvers searching for counterexamples that represent application failures. The precision of uncertainty model can affect the verification results. However, it may be difficult to model interaction uncertainty precisely enough at the beginning, because of the uncontrollable noise of sensors and insufficient data sample size. To further improve the accuracy of the verification results, we propose an approach to identifying and calibrating imprecise uncertainty models. We exploit the inconsistency between the counterexamples’ estimate and actual occurrence probabilities to identify possible imprecision in uncertainty models, and the calibration of imprecise models is to minimize the inconsistency, which is reduced to a Search- Based Software Engineering (SBSE) problem. We experimentally evaluated our verification and calibration approaches with real-world CPS applications, and the experimental results confirmed their effectiveness and efficiency.
EmSE 2018
Rongxin Wu, Ming Wen, Shing-Chi Cheung and Hongyu Zhang. ChangeLocator: Locate Crash-Inducing Changes Based on Crash Reports. In Journal of Empirical Software Engineering (EmSE 2018), Vol. 23, No. 5, pp. 2866-2900, Oct 2018. Selected for journal-first presentation at ICSE 2018.
@article{wu2018changelocator,
title={ChangeLocator: locate crash-inducing changes based on crash reports},
author={Wu, Rongxin and Wen, Ming and Cheung, Shing-Chi and Zhang, Hongyu},
journal={Empirical Software Engineering},
volume={23},
number={5},
pages={2866--2900},
year={2018},
publisher={Springer}
}
Abstract
Software crashes are severe manifestations of software bugs. Debugging crashing bugs is tedious and time-consuming. Understanding software changes that induce a crashing bug can provide useful contextual information for bug fixing and is highly demanded by developers. Locating the bug inducing changes is also useful for automatic program repair, since it narrows down the root causes and reduces the search space of bug fix location. However, currently there are no systematic studies on locating the software changes to a source code repository that induce a crashing bug reflected by a bucket of crash reports. To tackle this problem, we first conducted an empirical study on characterizing the bug inducing changes for crashing bugs (denoted as crash-inducing changes). We also propose ChangeLocator, a method to automatically locate crash-inducing changes for a given bucket of crash reports. We base our approach on a learning model that uses features originated from our empirical study and train the model using the data from the historical fixed crashes. We evaluated ChangeLocator with six release versions of Netbeans project. The results show that it can locate the crash-inducing changes for 44.7%, 68.5%, and 74.5% of the bugs by examining only top 1, 5 and 10 changes in the recommended list, respectively. It significantly outperforms the existing state-of-the-art approach.
ESEC/FSE 2017
Lili Wei, Yepang Liu, and Shing-Chi Cheung.
OASIS: Prioritizing Static Analysis Warnings for Android Apps Based on App User Reviews. In Proceedings of the 11th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE 2017), Paderborn, Germany, Sept 2017.
@inproceedings{Wei_FSE17,
author = {Lili Wei and Yepang Liu and
Shing{-}Chi Cheung},
title = {OASIS: Prioritizing Static Analysis Warnings for Android Apps Based on App User Reviews},
booktitle = {joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, {ESEC/FSE} 2017},
year = {2017}
}
Abstract
Lint is a widely-used static analyzer for detecting bugs/issues in Android apps. However, it can generate many false warnings. One existing solution to this problem is to leverage project history data (e.g., bug fixing statistics) for warning prioritization. Unfortunately, such techniques are biased toward a project’s archived warnings and can easily miss newissues. Anotherweakness is that developers cannot readily relate the warnings to the impacts perceivable by users. To overcome these weaknesses, in this paper, we propose a semantics-aware approach, OASIS, to prioritizing Lint warnings by leveraging app user reviews. OASIS combines program analysis and NLP techniques to recover the intrinsic links between the Lint warnings for a given app and the user complaints on the app problems caused by the issues of concern. OASIS leverages the strength of such links to prioritize warnings. We evaluated OASIS on six popular and large-scale open-source Android apps. The results show that OASIS can effectively prioritize Lint warnings and help identify new issues that are previously-unknown to app developers.
TSE 2017
Wensheng Dou, Chang Xu, Shing-Chi Cheung and Jun Wei. CACheck: Detecting and Repairing Cell Arrays in Spreadsheets. IEEE Transactions on Software Engineering (TSE), Vol. 43, Iss. 3, pp. 226-251, Mar 2017.
@article{Dou_TSE17,
author = {Wensheng Dou, Chang Xu, Shing-Chi Cheung and Jun Wei},
title = {CACheck: Detecting and Repairing Cell Arrays in Spreadsheets},
journal = {IEEE Transactions on Software Engineering (TSE)},
year = {2017}
}
Abstract
Spreadsheets are widely used by end users for numerical computation in their business. Spreadsheet cells whose computation is subject to the same semantics are often clustered in a row or column as a cell array. When a spreadsheet evolves, the cells in a cell array can degenerate due to ad hoc modifications. Such degenerated cell arrays no longer keep cells prescribing the same computational semantics, and are said to exhibit ambiguous computation smells. We propose CACheck, a novel technique that automatically detects and repairs smelly cell arrays by recovering their intended computational semantics. Our empirical study on the EUSES and Enron corpora finds that such smelly cell arrays are common. Our study also suggests that CACheck is useful for detecting and repairing real spreadsheet problems caused by smelly cell arrays. Compared with our previous work AmCheck, CACheck detects smelly cell arrays with higher precision and recall rate.
JSS 2017
Ruiqing Zhang, Chang Xu, S.C. Cheung, Ping Yu, Xiaoxing Ma and Jian Lu. How Effectively can Spreadsheet Anomalies be Detected: An Empirical Study. The Journal of Systems and Software (JSS), Vol. 126, pp. 87-100, Feb 2017.
@article{Zhang_JSS17,
author = {Ruiqing Zhang, Chang Xu, Shing-Chi Cheung, Ping Yu, Xiaoxing Ma and Jian Lu},
title = {How Effective can Spreadsheet Anomalies be Detected: An Empirical Study},
journal = {The Journal of Systems and Software (JSS)},
year = {2017}
}
Abstract
While spreadsheets are widely used, they have been found to be error-prone. Various techniques have been proposed to detect anomalies in spreadsheets, with varying scopes and effectiveness. Nevertheless, there is no empirical study comparing these techniques' practical usefulness and effectiveness. In this work, we conducted a large-scale empirical study of three state-of-the-art techniques on their effectiveness in detecting spreadsheet anomalies. Our study focused on the precision, recall rate, efficiency and scope. We found that one technique outperforms the other two in precision and recall rate of spreadsheet anomaly detection. Efficiency of the three techniques is acceptable for most spreadsheets, but they may not be scalable to large spreadsheets with complex formulas. Besides, they have different scopes for detecting different spreadsheet anomalies, thus complementing to each other. We also discussed limitations of these three techniques. Based on our findings, we give suggestions for future spreadsheet research.
FSE 2016
Yepang Liu, Chang Xu, Shing-Chi Cheung and Valerio Terrangi. Understanding and Detecting Wake Lock Misuses for Android Applications. In Proceedings of the 24th ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE 2016), Seattle, WA, USA, Nov 2016,
pp. 396-409. Platinum-level Artifacts
@inproceedings{Liu_FSE16,
author = {Yepang Liu and Chang Xu and
Shing{-}Chi Cheung and Valerio Terragni},
title = {Understanding and Detecting Wake Lock Misuses for Android Applications},
booktitle = {Proceedings of the 2016 International Symposium on the Foundations of Software Engineering, {FSE} 2016},
year = {2016}
}
Abstract
Wake locks are widely used in Android apps to protect critical computations from being disrupted by device sleeping. Inappropriate use of wake locks often seriously impacts user experience. However, little is known on how wake locks are used in real-world Android apps and the impact of their misuses. To bridge the gap, we conducted a large-scale empirical study on 44,736 commercial and 31 open-source Android apps. By automated program analysis and manual investigation, we observed (1) common program points where wake locks are acquired and released, (2) 13 types of critical computational tasks that are often protected by wake locks, and (3) eight patterns of wake lock misuses that commonly cause functional and non-functional issues, only three of which had been studied by existing work. Based on our findings, we designed a static analysis technique, Elite, to detect two most common patterns of wake lock misuses. Our experiments on real-world subjects showed that Elite is effective and can outperform two state-of-the-art techniques.
FSE 2016
Wensheng Dou, Shing-Chi Cheung, Chushu Gao,
Chang Xu, Liang Xu and Jun Wei. Detecting Table Clones and Smells in
Spreadsheets. In Proceedings of the 24th ACM SIGSOFT International Symposium on
the Foundations of Software Engineering (FSE 2016), Seattle, WA, USA, Nov 2016,
pp. 787-798.
@inproceedings{Dou_FSE16,
author = {Wensheng Dou and Shing{-}Chi Cheung and Chushu Gao and Chang Xu and Liang Xu and Jun Wei},
title = {Detecting Table Clones and Smells in Spreadsheets},
booktitle = {Proceedings of the 2016 International Symposium on the Foundations of Software Engineering, {FSE} 2016},
year = {2016}
}
Abstract
Spreadsheets are widely used by end users for various business tasks, such as data analysis and financial reporting. End users may perform similar tasks by cloning a block of cells (table) in their spreadsheets. The corresponding cells in these cloned tables are supposed to keep the same or similar computational semantics. However, when spreadsheets evolve, thus cloned tables can become inconsistent due to ad-hoc modifications, and as a result suffer from smells. In this paper, we propose TableCheck to detect table clones and related smells due to inconsistency among them. We observe that two tables with the same header information at their corresponding cells are likely to be table clones. Inspired by existing finger-print-based code clone detection techniques, we developed a detection algorithm to detect this kind of table clones. We further detected outliers among corresponding cells as smells in the detected table clones. We implemented our idea into TableCheck, and applied it to real-world spreadsheets from the EUSES corpus. Experimental results show that table clones commonly exist (21.8%), and 25.6% of the spreadsheets with table clones suffer from smells due to inconsistency among these clones. TableCheck detected table clones and their smells with a precision of 92.2% and 85.5%, respectively, while existing techniques detected no more than 35.6% true smells that TableCheck could detect.
ASE 2016
Lili Wei, Yepang Liu, and Shing-Chi Cheung.
Taming Android Fragmentation: Characterizing and Detecting Compatibility
Issues for Android Apps. In Proceedings of the 31st IEEE/ACM International
Conference on Automated Software Engineering (ASE 2016), Singapore, Sept
2016, pp. 226-237. ACM SIGSOFT Distinguished Paper Award.
@inproceedings{Wei_ASE16,
author = {Lili Wei and Yepang Liu and
Shing{-}Chi Cheung},
title = {Taming Android Fragmentation: Characterizing and Detecting Compatibility Issues for Android Apps},
booktitle = {Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering, {ASE} 2016},
year = {2016}
}
Abstract
Android ecosystem is heavily fragmented. The numerous combinations of different device models and operating system versions make it impossible for Android app developers to exhaustively test their apps. As a result, various compatibility issues arise, causing poor user experience. However, little is known on the characteristics of such fragmentation-induced compatibility issues and no mature tools exist to help developers quickly diagnose and fix these issues. To bridge the gap, we conducted an empirical study on 191 real-world compatibility issues collected from popular open-source Android apps. Our study characterized the symptoms and root causes of compatibility issues, and disclosed that the patches of these issues exhibit common patterns. With these findings, we propose a technique named FicFinder to automatically detect compatibility issues in Android apps. FicFinder performs static code analysis based on a model that captures Android APIs as well as their associated context by which compatibility issues are triggered. FicFinder reports actionable debugging information to developers when it detects potential issues. We evaluated FicFinder with 27 large-scale open-source Android apps. The results show that FicFinder can precisely detect compatibility issues in these apps and uncover previously-unknown issues.
ASE 2016
Ming Wen, Rongxin Wu, and Shing-Chi Cheung.
Locus: Locating Bugs from Software Changes. In Proceedings of the 31st
IEEE/ACM International Conference on Automated Software Engineering (ASE
2016), Singapore, Sept 2016, pp. 262-273.
@inproceedings{Wei_ASE16,
author = {Ming Wen and Rongxin Wu and
Shing{-}Chi Cheung},
title = {Locus: Locating Bugs from Software Changes},
booktitle = {Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering, {ASE} 2016},
year = {2016}
}
Abstract
Various information retrieval (IR) based techniques have been proposed recently to locate bugs automatically at the file level. However, their usefulness is often compromised by the coarse granularity of files and the lack of contextual information. To address this, we propose to locate bugs using software changes, which offer finer granularity than files and provide important contextual clues for bug-fixing. We observe that bug inducing changes can facilitate the bug fixing process. For example, it helps triage the bug fixing task to the developers who committed the bug inducing changes or enables developers to fix bugs by reverting these changes. Our study further identifies that change logs and the naturally small granularity of changes can help boost the performance of IR-based bug localization. Motivated by these observations, we propose an IR-based approach Locus to locate bugs from software changes, and evaluate it on six large open source projects. The results show that Locus outperforms existing techniques at the source file level localization significantly. MAP and MRR in particular have been improved, on average, by 20.1% and 20.5%, respectively. Locus is also capable of locating the inducing changes within top 5 for 41.0% of the bugs. The results show that Locus can significantly reduce the number of lines needing to be scanned to locate the bug compared with existing techniques.
IST 2016
Jun Sui, Chang Xu, Shing-Chi Cheung, Wang Xi, Yanyan Jiang, Chun Cao, Xiaoxing Ma, and Jian Lu. Hybrid CPU-GPU Constraint Checking: Towards Efficient Context Consistency. Information and Software Technology (IST), Volume 74, 2016, pp. 230-242.
@article{Sui_IST2016,
author = {Jun Sui and
Chang Xu and
Shing{-}Chi Cheung and
Wang Xi and
Yanyan Jiang and
Chun Cao and
Xiaoxing Ma and
Jian Lu},
title = {Hybrid {CPU-GPU} constraint checking: Towards efficient context consistency},
journal = {Information {\&} Software Technology},
volume = {74},
pages = {230--242},
year = {2016},
url = {http://dx.doi.org/10.1016/j.infsof.2015.10.003},
doi = {10.1016/j.infsof.2015.10.003},
timestamp = {Mon, 25 Apr 2016 19:47:34 +0200},
biburl = {http://dblp.uni-trier.de/rec/bib/journals/infsof/SuiXCX0CML16},
bibsource = {dblp computer science bibliography, http://dblp.org}
}
Abstract
Context: modern software increasingly relies on contexts about computing environments to provide adaptive and smart services. Such contexts, captured and derived from environments of uncontrollable noises, can be inaccurate, incomplete or even in conflict with each other. This is known as the context inconsistency problem, and should be addressed by checking contexts in time to prevent abnormal behavior to applications. One popular way is to check application contexts against consistency constraints before their uses, but this can bring heavy computation due to tremendous amount of contexts in changing environments. Existing efforts improve the checking performance by incremental or concurrent computation, but they rely on CPU computing only and can consume valuable CPU capabilities that should otherwise be used by applications themselves.
Objective: in this article, we propose GAIN, a GPU-supported technique to checking consistency constraints systematically and efficiently.
Method: GAIN can automatically recognize a constraint’s parallel units and associate these units and their runtime instances with matched contexts under checking. GAIN coordinates CPU and GPU and utilizes their capabilities for task preparation and context checking, respectively.
Result: we evaluate GAIN experimentally with millions of real-life context data. The evaluation results show that GAIN can work at least 2–7 × faster and requires much less CPU usage than CPU-based techniques. Besides, GAIN can also work stably for different and varying workloads.
Conclusion: our experience with GAIN suggests its high efficiency in constraint checking for context consistency as well as its wide applicability to different application workloads.
ISSTA 2016
Valerio Terragni, Yepang Liu and Shing-Chi Cheung. CSNIPPEX: Automated
Synthesis of Compilable Code Snippets from Q&A Sites. In Proceedings of
the 25th International Symposium on Software Testing and Analysis (ISSTA
2016), Saarbrücken, Germany, July 2016, pp. 118-129.
@inproceedings{Terragni_ISSTA16,
author = {Valerio Terragni and Yepang Liu and
Shing{-}Chi Cheung},
title = {CSNIPPEX: Automated Synthesis of Compilable Code Snippets from Q\&A Sites},
booktitle = {Proceedings of the 2016 International Symposium on Software Testing
and Analysis, {ISSTA} 2016},
pages = {118--129},
year = {2016},
url = {http://dx.doi.org/10.1145/2931037.2931058}
}
Abstract
Popular Q&A sites like StackOverflow have collected numerous code snippets. However, many of them do not have complete type information, making them uncompilable and inapplicable to various software engineering tasks. This paper analyzes this problem, and proposes a technique CSNIPPEX to automatically convert code snippets into compilable Java source code files by resolving external dependencies, generating import declarations, and fixing syntactic errors. We implemented CSNIPPEX as a plug-in for Eclipse and evaluated it with 242,175 StackOverflow posts that contain code snippets. CSNIPPEX successfully synthesized compilable Java files for 40,410 of them. It was also able to effectively recover import declarations for each post with a precision of 91.04% in a couple of seconds.
ICSE 2016
Valerio Terragni and Shing-Chi Cheung. Coverage-Driven Test Code Generation for Concurrent Classes. In Proceedings of the 38th International Conference on Software Engineering (ICSE 2016), Austin, TX, USA, May 2016, pp. 1121-1132
@inproceedings{Terragni_ICSE16,
author = {Valerio Terragni and
Shing{-}Chi Cheung},
title = {Coverage-driven test code generation for concurrent classes},
booktitle = {Proceedings of the 38th International Conference on Software Engineering,
{ICSE} 2016, Austin, TX, USA, May 14-22, 2016},
pages = {1121--1132},
year = {2016},
url = {http://doi.acm.org/10.1145/2884781.2884876}
}
Abstract
Previous techniques on concurrency testing have mainly focused on exploring the interleaving space of manually written test code to expose faulty interleavings of shared memory accesses. These techniques assume the availability of failure-inducing tests. In this paper, we present AutoConTest, a coverage-driven approach to generate effective concurrent test code that achieve high interleaving coverage. AutoConTest consists of three components. First, it computes the coverage requirements dynamically and iteratively during sequential test code generation, using a coverage metric that captures the execution context of shared memory accesses. Second, it smartly selects these sequential codes based on the computed result and assembles them for concurrent tests, achieving increased context-sensitive interleaving coverage. Third, it explores the newly covered interleavings. We have implemented AutoConTest as an automated tool and evaluated it using 6 real-world concurrent Java subjects. The results show that AutoConTest is able to generate effective concurrent tests that achieve high interleaving coverage and expose concurrency faults quickly. AutoConTest took less than 65 seconds (including program analysis, test generation and execution) to expose the faults in the program subjects.
ICSE 2016
Shing-Chi Cheung, Wanjun Chen, Yepang Liu, and Chang Xu. Automatic Spreadsheet Cell Clustering and Smell Detection Using Strong and Weak Features. In Proceedings of the 38th International Conference on Software Engineering (ICSE 2016), Austin, TX, USA, May 2016, pp. 464-475.
@inproceedings{Cheung_ICSE2016,
author = {Shing{-}Chi Cheung and
Wanjun Chen and
Yepang Liu and
Chang Xu},
title = {{CUSTODES:} automatic spreadsheet cell clustering and smell detection
using strong and weak features},
booktitle = {Proceedings of the 38th International Conference on Software Engineering,
{ICSE} 2016, Austin, TX, USA, May 14-22, 2016},
pages = {464--475},
year = {2016},
crossref = {DBLP:conf/icse/2016},
url = {http://doi.acm.org/10.1145/2884781.2884796},
doi = {10.1145/2884781.2884796},
timestamp = {Sun, 15 May 2016 11:55:22 +0200},
biburl = {http://dblp.uni-trier.de/rec/bib/conf/icse/CheungCLX16},
bibsource = {dblp computer science bibliography, http://dblp.org}
}
Abstract
Various techniques have been proposed to detect smells in spreadsheets, which are susceptible to errors. These techniques typically detect spreadsheet smells through a mechanism based on a fixed set of patterns or metric thresholds. Unlike conventional programs, tabulation styles vary greatly across spreadsheets. Smell detection based on fixed patterns or metric thresholds, which are insensitive to the varying tabulation styles, can miss many smells in one spreadsheet while reporting many spurious smells in another. In this paper, we propose CUSTODES to effectively cluster spreadsheet cells and detect smells in these clusters. The clustering mechanism can automatically adapt to the tabulation styles of each spreadsheet using strong and weak features. These strong and weak features capture the invariant and variant parts of tabulation styles, respectively. As smelly cells in a spreadsheet normally occur in minority, they can be mechanically detected as clusters' outliers in feature spaces. We implemented and applied CUSTODES to 70 spreadsheets files randomly sampled from the EUSES corpus. These spreadsheets contain 1,610 formula cell clusters. Experimental results confirmed that CUSTODES is effective. It successfully detected harmful smells that can induce computation anomalies in spreadsheets with an F-measure of 0.72, outperforming state-of-the-art techniques.
ICSE SEIP 2016
Wensheng Dou, Liang Xu, Shing-Chi Cheung, Chushu Gao, Jun Wei and Tao Huang. VEnron: A Versioned Spreadsheet Corpus and Related Evolution Analysis. In Proceedings of the 38th International Conference on Software Engineering (ICSE 2016 - SEIP), Companion Volume, Austin, TX, USA, May 2016, pp. 162-171.
@inproceedings{Dou_ICSE2016,
author = {Wensheng Dou and
Liang Xu and
Shing{-}Chi Cheung and
Chushu Gao and
Jun Wei and
Tao Huang},
title = {VEnron: a versioned spreadsheet corpus and related evolution analysis},
booktitle = {Proceedings of the 38th International Conference on Software Engineering,
{ICSE} 2016, Austin, TX, USA, May 14-22, 2016 - Companion Volume},
pages = {162--171},
year = {2016},
crossref = {DBLP:conf/icse/2016c},
url = {http://doi.acm.org/10.1145/2889160.2889238},
doi = {10.1145/2889160.2889238},
timestamp = {Sun, 15 May 2016 12:23:10 +0200},
biburl = {http://dblp.uni-trier.de/rec/bib/conf/icse/DouXCGWH16},
bibsource = {dblp computer science bibliography, http://dblp.org}
}
Abstract
In this paper, we propose a semi-automated approach that leverages spreadsheets’ contexts (e.g., attached emails) and contents to identify evolved spreadsheets and recover the embedded version information. We apply it to the released email archive of the Enron Corporation and build an industrial-scale, versioned spreadsheet corpus VEnron. Our approach first clusters spreadsheets that likely evolved from one to another into evolution groups based on various fragmented information, such as spreadsheet filenames, spreadsheet contents, and spreadsheet-attached emails. Then, it recovers the version information of the spreadsheets in each evolution group. VEnron enables us to identify interesting issues that can arise from spreadsheet evolution. For example, the versioned spreadsheets popularly exist in the Enron email archive; changes in formulas are common; and some groups (16.9%) can introduce new errors during evolution.
According to our knowledge, VEnron is the first spreadsheet corpus with version information. It provides a valuable resource to understand issues arising from spreadsheet evolution.
POPL 2016
Rongxin Wu, Xiao Xiao, Shing-Chi Cheung, Hongyu Zhang, Charles Zhang. Casper: An Efficient Approach to Call Trace Collection. In Proceedings of the 43rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL 2016), St. Petersburg, Florida, January 2016, pp. 678-690.
@inproceedings{Wu_POPL2016,
author = {Rongxin Wu and
Xiao Xiao and
Shing{-}Chi Cheung and
Hongyu Zhang and
Charles Zhang},
title = {Casper: an efficient approach to call trace collection},
booktitle = {Proceedings of the 43rd Annual {ACM} {SIGPLAN-SIGACT} Symposium on
Principles of Programming Languages, {POPL} 2016, St. Petersburg,
FL, USA, January 20 - 22, 2016},
pages = {678--690},
year = {2016},
crossref = {DBLP:conf/popl/2016},
url = {http://doi.acm.org/10.1145/2837614.2837619},
doi = {10.1145/2837614.2837619},
timestamp = {Wed, 09 Mar 2016 08:11:59 +0100},
biburl = {http://dblp.uni-trier.de/rec/bib/conf/popl/WuXCZZ16},
bibsource = {dblp computer science bibliography, http://dblp.org}
}
Abstract
Call traces, i.e., sequences of function calls and returns, are fundamental to a wide range of program analyses such as bug reproduction, fault diagnosis, performance analysis, and many others. The conventional approach to collect call traces that instruments each function call and return site incurs large space and time overhead. Our approach aims at reducing the recording overheads by instrumenting only a small amount of call sites while keeping the capability of recovering the full trace. We propose a call trace model and a logged call trace model based on an LL(1) grammar, which enables us to define the criteria of a feasible solution to call trace collection. Based on the two models, we prove that to collect call traces with minimal instrumentation is an NP-hard problem. We then propose an efficient approach to obtaining a suboptimal solution. We implemented our approach as a tool Casper and evaluated it using the DaCapo benchmark suite. The experiment results show that our approach causes significantly lower runtime (and space) overhead than two state-of-the-arts approaches.
TSE 2015
Chang Xu, Wang Xi, Shing-Chi Cheung, Xiaoxing Ma, Chun Cao and Jian Lu. CINA: Suppressing the Detection of Unstable Context Inconsistency, IEEE Transactions of Software Engineering 41(9), September 2015, pp. 842-865.
@article{DBLP:journals/tse/XuXCMCL15,
author = {Chang Xu and
Wang Xi and
Shing{-}Chi Cheung and
Xiaoxing Ma and
Chun Cao and
Jian Lu},
title = {Cina: Suppressing the Detection of Unstable Context Inconsistency},
journal = {{IEEE} Trans. Software Eng.},
volume = {41},
number = {9},
pages = {842--865},
year = {2015},
url = {http://dx.doi.org/10.1109/TSE.2015.2418760},
doi = {10.1109/TSE.2015.2418760},
timestamp = {Thu, 10 Dec 2015 11:33:07 +0100},
biburl = {http://dblp.uni-trier.de/rec/bib/journals/tse/XuXCMCL15},
bibsource = {dblp computer science bibliography, http://dblp.org}
}
Abstract
Context-aware applications adapt their behavior based on contexts. Contexts can, however, be incorrect. A popular means to build dependable applications is to augment them with a set of constraints to govern the consistency of context values. These constraints are evaluated upon context changes to detect inconsistencies so that they can be timely handled. However, we observe that many context inconsistencies are unstable. They vanish by themselves and do not require handling. Such inconsistencies are detected due to misaligned sensor sampling or improper inconsistency detection scheduling. We call them unstable context inconsistencies (or STINs). STINs should be avoided to prevent unnecessary inconsistency handling and unstable behavioral adaptation to applications. In this article, we study STINs systematically, from examples to theoretical analysis, and present algorithms to suppress their detection. Our key insight is that only certain patterns of context changes can make a consistency constraint subject to the detection of STINs. We derive such patterns and proactively use them to suppress the detection of STINs. We implemented our idea and applied it to real-world applications. Experimental results confirmed its effectiveness in suppressing the detection of numerous STINs with negligible overhead, while preserving the detection of stable context inconsistencies that require inconsistency handling.
SCIS 2015
Wenhua Yang, Yepang Liu, Chang Xu and Shing-Chi Cheung. A Survey on Dependability Improvement Techniques for Pervasive Computing Systems, SCIENCE CHINA Information Sciences (SCIS) 58(5), May 2015, pp. 1-14.
@article{DBLP:journals/chinaf/YangLXC15,
author = {Wenhua Yang and
Yepang Liu and
Chang Xu and
Shing{-}Chi Cheung},
title = {A survey on dependability improvement techniques for pervasive computing
systems},
journal = {{SCIENCE} {CHINA} Information Sciences},
volume = {58},
number = {5},
pages = {1--14},
year = {2015},
url = {http://dx.doi.org/10.1007/s11432-015-5300-3},
doi = {10.1007/s11432-015-5300-3},
timestamp = {Wed, 29 Apr 2015 12:35:39 +0200},
biburl = {http://dblp.uni-trier.de/rec/bib/journals/chinaf/YangLXC15},
bibsource = {dblp computer science bibliography, http://dblp.org}
}
Abstract
The goal of this survey is to summarize the state-of-the-art research results and identify research challenges of developing and deploying dependable pervasive computing systems. We discuss the factors that affect the system dependability and the studies conducted to improve it with respect to these factors. These studies were categorized according to their similarities and differences in hope of shedding some insight into future research. There are three categories: context management, fault detection, and uncertainty handling. These three categories of work address the three most difficult problems of pervasive computing systems. First, pervasive computing systems’ perceived environments, which are also called their contexts, can vary intensively, and thus have a great impact on the systems’ dependability. Second, it is challenging to guarantee the correctness of the systems’ internal computations integrated with interactions with external environments for developers. Fault detection is then an important issue for improving dependability for these systems. Last but not least importantly, pervasive computing systems interact with their environments frequently. These interactions can be affected by many uncertainties, which can jeopardize the systems’ dependability. After a discussion of these pieces of work, we present an outlook for its future research directions.
IEEE SOFTWARE 2015
Yepang Liu, Chang Xu and Shing-Chi Cheung. Diagnosing Energy Efficiency and Performance for Mobile Internetware Applications: Challenges and Opportunities, IEEE Software 32(1), Jan/Feb 2015, pp. 67-75
@article{DBLP:journals/software/LiuXC15,
author = {Yepang Liu and
Chang Xu and
Shing{-}Chi Cheung},
title = {Diagnosing Energy Efficiency and Performance for Mobile Internetware
Applications},
journal = {{IEEE} Software},
volume = {32},
number = {1},
pages = {67--75},
year = {2015},
url = {http://dx.doi.org/10.1109/MS.2015.4},
doi = {10.1109/MS.2015.4},
timestamp = {Tue, 12 Jan 2016 12:01:52 +0100},
biburl = {http://dblp.uni-trier.de/rec/bib/journals/software/LiuXC15},
bibsource = {dblp computer science bibliography, http://dblp.org}
}
Abstract
Many smartphone applications' smart services are realized in a way that wastes energy or degrades performance, seriously affecting the user experience. What's worse, developers lack powerful tools to combat such problems, curbing the growth of Internet-based mobile computing. Research communities and industries have issued a strong call for effective techniques to diagnose energy and performance bugs in smartphone applications. This article describes bug characteristics, discusses diagnostic challenges, and reviews state-of-the-art diagnostic techniques. A case study shows how a representative tool analyzed commercial Android applications and the Samsung Mobile Software Developer's Kit, providing useful diagnostic information.
ICSE 2015
Valerio Terragni, Shing-Chi Cheung and Charles Zhang. RECONTEST: Effective Regression Testing of Concurrent Programs. In Proceedings of the 37th International Conference on Software Engineering (ICSE 2015), Florence, Italy, May 16-24, 2015, pp. 246-256.
@inproceedings{TERRAGNI_ICSE15,
author = {Valerio Terragni and
Shing{-}Chi Cheung and
Charles Zhang},
title = {{RECONTEST:} Effective Regression Testing of Concurrent Programs},
booktitle = {37th {IEEE/ACM} International Conference on Software Engineering,
{ICSE} 2015, Florence, Italy, May 16-24, 2015, Volume 1},
pages = {246--256},
year = {2015},
url = {http://dx.doi.org/10.1109/ICSE.2015.45},
}
Abstract
Concurrent programs proliferate as multi-core technologies advance. As a result, the conventional approach that selects a sub-set of test cases for regression testing without considering interleavings is insufficient. In this paper we present RECONTEST to address the problem by selecting the new interleavings that arise due to code changes. These interleavings must be explored in order to uncover regression bugs. RECONTEST efficiently selects new interleavings by first identifying shared memory accesses that are affected by the changes, and then exploring only those problematic interleavings that contain at least one of these accesses. We have implemented RECONTEST as an automated tool and evaluated it using 13 real-world concurrent program subjects. Our results show that RECONTEST can significantly reduce the regression testing cost without missing any faulty interleavings induced by code changes.
TSE 2014
Yepang Liu, Chang Xu, Shing-Chi Cheung, and Jian Lv. GreenDroid: Automated Diagnosis of Energy Inefficiency for Smartphone Applications, IEEE Transactions on Software Engineering 40(9), September 2014, pp. 911-940.
@ARTICLE{Liu:TSE2014,
author = {Liu, Yepang and Xu, Chang and Cheung, Shing-Chi and Lu, Jian},
journal = {IEEE Transactions on Software Engineering},
title = {GreenDroid: Automated Diagnosis of Energy Inefficiency for Smartphone Applications},
year = {2014},
volume = {40},
number = {9},
pages = {911-940},
doi = {10.1109/TSE.2014.2323982},
month = {Sept},
}
Abstract
Smartphone applications’ energy efficiency is vital, but many Android applications suffer from serious energy inefficiency problems. Locating these problems is labor-intensive and automated diagnosis is highly desirable. However, a key challenge is the lack of a decidable criterion that facilitates automated judgment of such energy problems. Our work aims to address this challenge. We conducted an in-depth study of 173 open-source and 229 commercial Android applications, and observed two common causes of energy problems: missing deactivation of sensors or wake locks, and cost-ineffective use of sensory data. With these findings, we
propose an automated approach to diagnosing energy problems in Android applications. Our approach explores an application’s state space by systematically executing the application using Java PathFinder (JPF). It monitors sensor and wake lock operations to detect missing deactivation of sensors and wake locks. It also tracks the transformation and usage of sensory data and judges whether they are effectively utilized by the application using our state-sensitive data utilization metric. In this way, our approach can generate detailed reports with actionable information to assist developers in validating detected energy problems. We built our approach as a tool, GreenDroid, on top of JPF. Technically, we addressed the challenges of generating user interaction events and scheduling event han- dlers in extending JPF for analyzing Android applications. We evaluated GreenDroid using 13 real-world popular Android applications. GreenDroid completed energy efficiency diagnosis for these applications in a few minutes. It successfully located real energy problems in these applications, and additionally found new unreported energy problems that were later confirmed by developers.
TOSEM 2014
Yueqi Li, Shing-Chi Cheung, Xiangyu Zhang, and Yepang Liu. Scaling Up Symbolic Analysis by Removing Z-Equivalent States, ACM Transactions on Software Engineering and Methodology 23(4), August 2014, 34:1-32.
@article{Li:TOSEM2014,
author = {Li, Yueqi and Cheung, Shing-Chi and Zhang, Xiangyu and Liu, Yepang},
title = {Scaling Up Symbolic Analysis by Removing Z-Equivalent States},
journal = {ACM Trans. Softw. Eng. Methodol.},
issue_date = {August 2014},
volume = {23},
number = {4},
month = sep,
year = {2014},
pages = {34:1--34:32},
articleno = {34},
url = {http://doi.acm.org/10.1145/2652484},
}
Abstract
Path explosion is a major issue in applying path-sensitive symbolic analysis to large programs. We ob- serve that many symbolic states generated by the symbolic analysis of a procedure are indistinguishable to its callers. It is, therefore, possible to keep only one state from each set of equivalent symbolic states without affecting the analysis result. Based on this observation, we propose an equivalence relation called z-equivalence, which is weaker than logical equivalence, to relate a large number of z-equivalent states. We prove that z-equivalence is strong enough to guarantee that paths to be traversed by the symbolic analysis of two z-equivalent states are identical, giving the same solutions to satisfiability and validity queries. We propose a sound linear algorithm to detect z-equivalence. Our experiments show that the symbolic analysis that leverages z-equivalence is able to achieve more than ten orders of magnitude reduction in terms of search space. The reduction significantly alleviates the path explosion problem, enabling us to apply symbolic analysis in large programs such as Hadoop and Linux Kernel.
IJSI 2014
Yepang Liu, Chang Xu, Shing-Chi Cheung, and Wenhua Yang. CHECKERDROID: Automated Quality Assurance for Smartphone Applications, International Journal of Software and Informatics (IJSI), vol. 8, no. 1, August 2014, pp. 21-41.
@article{DBLP:journals/ijsi/LiuXCY14,
author = {Yepang Liu and
Chang Xu and
S. C. Cheung and
Wenhua Yang},
title = {{CHECKERDROID} : Automated Quality Assurance for Smartphone Applications},
journal = {Int. J. Software and Informatics},
volume = {8},
number = {1},
pages = {21--41},
year = {2014},
url = {http://www.ijsi.org/ch/reader/view_abstract.aspx?file_no=i181},
timestamp = {Sun, 14 Aug 2016 14:06:59 +0200},
biburl = {http://dblp.uni-trier.de/rec/bib/journals/ijsi/LiuXCY14},
bibsource = {dblp computer science bibliography, http://dblp.org}
}
Abstract
Smartphone applications’ quality is vital. However, many smartphone applications on market suffer from various bugs. One major reason is that developers lack viable techniques to help expose potential bugs in their applications. This paper presents a practical dynamic analysis tool, CheckerDroid, to help developers automatically detect both functional and non-functional bugs in their Android applications. CheckerDroid currently supports the detection of the following three types of bugs: null pointer exception, resource leak and sensor listener misusage. We built CheckerDroid by extending Java PathFinder (JPF), a widely-used model checker for general Java programs. Our extension addresses two technical challenges. First, Android applications are event-driven and lack explicit control flow information between event handlers. Second, Android applications closely hinge on native framework libraries, whose implementations are platform-dependent. To address these challenges, we derive event handler scheduling policies from Android documentations, and encode them to guide CheckerDroid to realistically execute Android applications. Besides, we modeled the side effects for a critical set of Android APIs such that CheckerDroid can conduct bug detection precisely. To evaluate CheckerDroid, we conducted experiments with seven popular real-world Android applications. CheckerDroid analyzed these applications in a few minutes, and successfully located real bugs in them.
ASE 2014
Yueqi Li and Shing-Chi Cheung. Symbolic State Validation through Runtime Data. In Proceedings of the 29th IEEE/ACM International Conference on Automated Software Engineering (ASE 2014), Vasteras, Sweden, September 2014, pp. 187-198.
@inproceedings{DBLP:conf/kbse/LiC14,
author = {Yueqi Li and
Shing{-}Chi Cheung},
title = {Symbolic state validation through runtime data},
booktitle = {{ACM/IEEE} International Conference on Automated Software Engineering,
{ASE} '14, Vasteras, Sweden - September 15 - 19, 2014},
pages = {187--198},
year = {2014},
crossref = {DBLP:conf/kbse/2014},
url = {http://doi.acm.org/10.1145/2642937.2642973},
doi = {10.1145/2642937.2642973},
timestamp = {Fri, 07 Nov 2014 12:44:47 +0100},
biburl = {http://dblp.uni-trier.de/rec/bib/conf/kbse/LiC14},
bibsource = {dblp computer science bibliography, http://dblp.org}
}
Abstract
Real world programs are typically built on top of many library functions. Symbolic analysis of these programs generally requires precise models of these functions? Application Programming Interfaces (APIs), which are mostly unavailable because these models are costly to construct. A variant approach of symbolic analysis is to over-approximate the return values of those APIs that have not been modeled. However, such approximation can induce many unreachable symbolic states, which are expensive to validate manually. In this paper, we propose a static approach to automatically validating the reported anomalous symbolic states. The validation makes use of the available runtime data of the un-modeled APIs collected from previous program executions. We show that the symbolic state validation problem can be cast as a MAX-SAT problem and solved by existing constraint solvers.
Our approach is motivated by two observations. We may bind the symbolic parameters in un-modeled APIs based on observations made in former executions by other programs. The binding enables us to use the corresponding observed concrete return values of APIs to validate the symbolic states arising from the over-approximated return values of the un-modeled APIs. Second, some symbolic constraints can be accurately evaluated despite the imprecision of the over-approximated symbolic values.
Our technique found 80 unreported bugs when it was applied to 10 popular programs with a total of 1.5 million lines of code. All of them can be confirmed by test cases. Our technique presents a promising way to apply the big data paradigm to software engineering. It provides a mechanism to validate the symbolic states of a project by leveraging the many concrete input-output values of APIs collected from other projects.
ISSTA 2014
Rongxin Wu, Hongyu Zhang, Shing-Chi Cheung, and Sunghun Kim. CrashLocator: Locating Crashing Faults based on Crash Stacks . In Proceedings of the International Symposium on Software Testing and Analysis (ISSTA 2014), San Jose, California, USA, July 2014, pp. 204-214. ACM SIGSOFT Distinguished Paper Award.
@inproceedings{DBLP:conf/issta/WuZCK14,
author = {Rongxin Wu and
Hongyu Zhang and
Shing{-}Chi Cheung and
Sunghun Kim},
title = {CrashLocator: locating crashing faults based on crash stacks},
booktitle = {International Symposium on Software Testing and Analysis, {ISSTA}
'14, San Jose, CA, {USA} - July 21 - 26, 2014},
pages = {204--214},
year = {2014},
crossref = {DBLP:conf/issta/2014},
url = {http://doi.acm.org/10.1145/2610384.2610386},
doi = {10.1145/2610384.2610386},
timestamp = {Sun, 13 Jul 2014 13:49:26 +0200},
biburl = {http://dblp.uni-trier.de/rec/bib/conf/issta/WuZCK14},
bibsource = {dblp computer science bibliography, http://dblp.org}
}
Abstract
Software crash is common. When a crash occurs, software developers can receive a report upon user permission. A crash report typically includes a call stack at the time of crash. An important step of debugging a crash is to identify faulty functions, which is often a tedious and labor-intensive task. In this paper, we propose CrashLocator, a method to locate faulty functions using the crash stack information in crash reports. It deduces possible crash traces (the failing execution traces that lead to crash) by expanding the crash stack with functions in static call graph. It then calculates the suspiciousness of each function in the approximate crash traces. The functions are then ranked by their suspiciousness scores and are recommended to developers for further investigation. We evaluate our approach using real-world Mozilla crash data. The results show that our approach is effective: we can locate 50.6%, 63.7% and 67.5% of crashing faults by examining top 1, 5 and 10 functions recommended by CrashLocator, respectively. Our approach outperforms the conventional stack-only methods significantly.
ICSE 2014
Wensheng Dou, Shing-Chi Cheung, and Jun Wei. Is Spreadsheet Ambiguity Harmful? Detecting and Repairing Spreadsheet Smells due to Ambiguous Computation. In Proceedings of the 36th International Conference on Software Engineering (ICSE 2014), Hyderabad, India, May-Jun 2014, pp. 848-858.
@inproceedings{DBLP:conf/icse/DouCW14,
author = {Wensheng Dou and
Shing{-}Chi Cheung and
Jun Wei},
title = {Is spreadsheet ambiguity harmful? detecting and repairing spreadsheet
smells due to ambiguous computation},
booktitle = {36th International Conference on Software Engineering, {ICSE} '14,
Hyderabad, India - May 31 - June 07, 2014},
pages = {848--858},
year = {2014},
crossref = {DBLP:conf/icse/2014},
url = {http://doi.acm.org/10.1145/2568225.2568316},
doi = {10.1145/2568225.2568316},
timestamp = {Mon, 14 Sep 2015 15:13:50 +0200},
biburl = {http://dblp.uni-trier.de/rec/bib/conf/icse/DouCW14},
bibsource = {dblp computer science bibliography, http://dblp.org}
}
Abstract
Spreadsheets are widely used by end users for numerical computation in their business. Spreadsheet cells whose computation is subject to the same semantics are often clustered in a row or column. When a spreadsheet evolves, these cell clusters can degenerate due to ad hoc modifications or undisciplined copy-and-pastes. Such degenerated clusters no longer keep cells prescribing the same computational semantics, and are said to exhibit ambiguous computation smells. Our empirical study finds that such smells are common and likely harmful. We propose AmCheck, a novel technique that automatically detects and repairs ambiguous computation smells by recovering their intended computational semantics. A case study using AmCheck suggests that it is useful for discovering and repairing real spreadsheet problems.
ICSE 2014
Yepang Liu, Chang Xu, and Shing-Chi Cheung. Characterizing and Detecting Performance Bugs for Smartphone Applications. In Proceedings of the 36th International Conference on Software Engineering (ICSE 2014), Hyderabad, India, May-Jun 2014, pp. 1013-1024. ACM SIGSOFT Distinguished Paper Award.
@inproceedings{DBLP:conf/icse/LiuXC14,
author = {Yepang Liu and
Chang Xu and
Shing{-}Chi Cheung},
title = {Characterizing and detecting performance bugs for smartphone applications},
booktitle = {36th International Conference on Software Engineering, {ICSE} '14,
Hyderabad, India - May 31 - June 07, 2014},
pages = {1013--1024},
year = {2014},
crossref = {DBLP:conf/icse/2014},
url = {http://doi.acm.org/10.1145/2568225.2568229},
doi = {10.1145/2568225.2568229},
timestamp = {Sun, 18 May 2014 16:12:57 +0200},
biburl = {http://dblp.uni-trier.de/rec/bib/conf/icse/LiuXC14},
bibsource = {dblp computer science bibliography, http://dblp.org}
}
Abstract
Smartphone applications’ performance has a vital impact on user experience. However, many smartphone applications suffer from bugs that cause significant performance degradation, thereby losing their competitive edge. Unfortunately, people have little understanding of these performance bugs. They also lack effective techniques to fight with such bugs. To bridge this gap, we conducted a study of 70 real-world performance bugs collected from eight large-scale and popular Android applications. We studied the characteristics (e.g., bug types and how they manifested) of these bugs and identified their common patterns. These findings can support follow-up research on performance bug avoidance, testing, debugging and analysis for smartphone applications. To demonstrate the usefulness of our findings, we implemented a static code analyzer, PerfChecker, to detect our identified performance bug patterns. We experimentally evaluated PerfChecker by applying it to 29 popular Android applications, which comprise 1.1 million lines of Java code. PerfChecker successfully detected 126 matching instances of our performance bug patterns. Among them, 68 were quickly confirmed by developers as previouslynunknown issues that affect application performance, and 20 were fixed soon afterwards by following our optimization suggestions.