缺陷理解研究:现状、问题与发展
作者:
作者简介:

李晓卓(1992-),女,北京人,硕士,主要研究领域为程序分析,软件缺陷定位;贺也平(1962-),男,博士,研究员,博士生导师,主要研究领域为系统安全,隐私保护;马恒太(1970-),男,博士,副研究员,主要研究领域为软件安全分析,操作系统安全.

通讯作者:

李晓卓,E-mail:xiaozhuo@nfs.iscas.ac.cn;贺也平,E-mail:yeping@iscas.ac.cn

中图分类号:

TP311

基金项目:

核高基国家科技重大专项(2014ZX01029101-002);中国科学院战略性先导科技专项(XDA-Y01-01)


Defect Comprehension Research: Present, Problem and Prospect
Author:
Fund Project:

CHB National Science and Technology Major Project of China (2014ZX01029101-002); Strategic PriorityResearch Program of Chinese Academy of Sciences (XDA-Y01-01)

  • 摘要
  • | |
  • 访问统计
  • |
  • 参考文献 [154]
  • |
  • 相似文献 [20]
  • |
  • 引证文献
  • | |
  • 文章评论
    摘要:

    缺陷理解是针对缺陷本身及衍生产物建立完整认知过程的研究.由于调试的连贯性及完美缺陷理解假设不合理性,深入分析缺陷传播过程及缺陷间关系、研究关键信息检测及理解信息表达方式,提取及表达面向缺陷研究不同场景不同需求下的可理解性信息,最终达到优化缺陷分析结果及辅助调试各过程缺陷知识复用及积累的目的成为必然.由定位与修复之间存在的知识割裂问题出发,思考缺陷理解研究的本质,明确缺陷处理过程中缺乏知识挖掘及互用问题.通过工程实例分析及文献成果梳理,提炼总结缺陷理解领域的研究方向及技术方法,探讨缺陷理解研究中的特点及难点,思考缺陷理解研究中存在的问题及未来的研究方向,对缺陷理解的研究趋势进行了展望.

    Abstract:

    Defect comprehension is the study of establishing a complete cognitive process for the defect itself and its derivatives. Because of the coherence of debugging and the incomprehensibility of information under the assumption of perfect bug understanding, through analysis of defect propagation process and the relationship between defects, research on key information detection and understanding information expression, extraction, and expression of understandable information for different scenarios and different needs of defect research, ultimately achieving the goal of optimizing defect analysis results and assisting the reuse and accumulation of defect knowledge in debugging process becomes inevitable. This study starts from the problem of knowledge fragmentation between location and repair, considers the essence of defect understanding research, clarifies the lack of knowledge mining and interoperability in the process of defect handling. Through the summary of engineering examples and the analysis of literature results, the research directions and technical methods in the field of defect comprehension are summarized, the characteristics and difficulties in the study of defect comprehension are discussed, the existing problems in the study and the future research directions are considered, and the research trend of defect comprehension is prospected.

    参考文献
    [1] Jones JA. Semiautomatic fault location[Ph.D. Thesis]. Georgia Institute of Technology, 2008.
    [2] Mei H, Wang QX, Zhang L, Wang J. Software analysis:A road map. Chinese Journal of Computers, 2009,32(9):1697-1710(in Chinese with English abstract).[doi:10.11897/SP.J.1016.2015.02203]
    [3] Wang KC, Wang TT, Su XH, Ma PJ. Key scientific isues and state-art of automatic software fault localization. Chinese Journal of Computers, 2015,38(11):2262-2278(in Chinese with English abstract).[doi:10.11897/SP.J.1016.2015.02262]
    [4] Xu X, Debroy V, Wong WE, Guo D. Ties within fault localization rankings:Exposing and addressing the problem. Int'l Journal of Software Engineering and Knowledge Engineering, 2011,21(6):803-827.[doi:10.1142/S0218194011005505]
    [5] Wong WE, Gao RZ, Li YH, Abreu R, Wotawa F. A survey on software fault localization. IEEE Trans. on Software Engineering, 2016,42(8):707-740.[doi:10.1109/TSE.2016.2521368]
    [6] Yoo S, Moon S, Kim Y, Shin Y. Ask the mutants:Mutating faulty programs for fault localization. In:Proc. of the 7th IEEE Int'l Conf. on Software Testing. IEEE, 2014. 153-162.[doi:10.1109/ICST.2014.28]
    [7] Lei Y, Mao X, Zhang M, Ren J, Jiang Y. Toward understanding information models of fault localization:Elaborate is not always better. In:Proc. of the Computer Software & Applications Conf. IEEE, 2017. 57-66.[doi:10.1109/COMPSAC.2017.246]
    [8] Le TDB, Thung F, Lo D. Will this localization tool be effective for this bug? Mitigating the impact of unreliability of information retrieval based bug localization tools. Empirical Software Engineering, 2017,22(4):2237-2279.
    [9] Pearson S, Campos J, Just R, Fraser G, Abreu R, Ernst M, Pang D, Keller B. Evaluating and improving fault localization. In:Proc. of the 39th IEEE/ACM Int'l Conf. on Software Engineering (ICSE). IEEE Computer Society, 2017. 609-620.[doi:10.1109/ICSE.2017.62]
    [10] Le TDB, Lo D, Thung F. Should I follow this fault localization tool's output? Empirical Software Engineering, 2015,20(5):1237-1274.
    [11] Lucia L, Thung F, Lo D, Jiang L. Are faults localizable? In:Proc. of the Mining Software Repositories. IEEE, 2012. 74-77.[doi:10.1109/MSR.2012.6224302]
    [12] Parnin C, Orso A. Are automated debugging techniques actually helping programmers? In:Proc. of the Int'l Symp. on Software Testing & Analysis. ACM Press, 2011. 199-209.[doi:10.1145/2001420.2001445]
    [13] Motwani M, Sankaranarayanan S, Just R, Brun Y. Do automated program repair techniques repair hard and important bugs? Empirical Software Engineering, 2018,23:2901-2947.
    [14] Lam AN, Nguyen AT, Nguyen HA, Nguyen TN. Combining deep learning with information retrieval to localize buggy files for bug reports. In:Proc. of the 30th IEEE/ACM Int'l Conf. on Automated Software Engineering. Lincoln, 2015. 476-481.
    [15] Xiao Y, Jacky K, Kwabena B, Mi Q. Machine translation-based bug localization technique for bridging lexical gap. In:Proc. of the Information and Software Technology. 2018. 58-61.
    [16] Huo X, Li M, Zhou ZH. Learning unified features from natural and programming languages for locating buggy source code. In:Proc. of the 25th Int'l Joint Conf. on Artificial Intelligence. New York, 2016. 1606-1612.
    [17] Saha RK, Khurshid S, Perry DE. Understanding the triaging and fixing processes of long lived bugs. Information and Software Technology, 2015,65:114-128.[doi:10.1016/j.infsof.2015.03.002]
    [18] Zhou J, Zhang HY. Learning to rank duplicate bug reports. In:Proc. of the 21st ACM Int'l Conf. on Information and Knowledge Management (CIKM). New York:ACM Press, 2012. 852-861.[doi:10.1145/2396761.2396869]
    [19] Yu K, Lin MX. Advances in automatic fault localization techniques. Chinese Journal of Computers, 2011,34(8):1411-1422(in Chinese with English abstract).[doi:10.3724/SP.J.1016.2011.01411]
    [20] Goues CL, Nguyen T, Forrest S, Weimer W. GenProg:A generic method for automatic software repair. IEEE Trans. on Software Engineering, 2012,38(1):54-72.
    [21] Kim D, Nam J, Song J, Kim S. Automatic patch generation learned from human-written patches. In:Proc. of the 35th Int'l Conf. on Software Engineering. San Francisco, 2013. 802-811.
    [22] Avizienis A, Laprie JC, Randell B, Landwehr CE. Basic concepts and taxonomy of dependable and secure computing. IEEE Trans. on Dependable and Secure Computing, 2004. 11-33.[doi:10.1109/TDSC.2004.2]
    [23] Binkley D. Source code analysis:A road map. In:Proc. of the 2007 Future of Software Engineering (FOSE). Washington:IEEE Computer Society, 2007. 104-119.
    [24] Jin Z, Liu F, Li G. Program comprehension:Present and future. Ruan Jian Xue Bao/Journal of Software. 2019,30(1):110-126(in Chinese with English abstract). http://www.jos.org.cn/1000-9825/5643.htm[doi:10.13328/j.cnki.jos.005643]
    [25] Weiser M. Programmers use slices when debugging. Communications of the ACM, 1982,25(7):446-452.
    [26] Li XY, Zhu SW, d'Amorim M, Orso A. Enlightened debugging. In:Proc. of the 40th Int'l Conf. on Software Engineering (ICSE). New York:ACM Press, 2018. 82-92.
    [27] Woo M, Cha SK, Gottlieb S, Brumley D. Scheduling black-box mutational fuzzing. In:Proc. of the 2013 ACM SIGSAC Conf. on Computer & Communications Security. New York:ACM Press, 2013. 511-522.
    [28] Wang J, Chen B, Wei L, Liu Y. Skyfire:Data-driven seed generation for fuzzing. In:Proc. of the IEEE Symp. on Security and Privacy (SP). San Jose, 2017. 579-594.[doi:10.1109/SP.2017.23]
    [29] Kang M, Mccamant S, Poosankam P, Song D. DTA++:Dynamic taint analysis with targeted control-flow propagation. In:Proc. of the Network and Distributed System Security Symp. (NDSS 2011). San Diego:DBLP, 2011. 1-14.
    [30] Tian S, Liang HL. Survey of static analysis methods for binary code vulnerability. Computer Science, 2009,36(7):8-14.
    [31] Zhang T, Chen J, Jiang H, Luo X, Xia X. Bug report enrichment with application of automated fixer recommendation. In:Proc. of the 25th IEEE/ACM Int'l Conf. on Program Comprehension (ICPC). IEEE, 2017. 230-240.[doi:10.1109/ICPC.2017.28]
    [32] Groce A. Error explanation with distance metrics. In:Jensen K, Podelski A, eds. Proc. of the Tools and Algorithms for the Construction and Analysis of Systems (TACAS). Berlin, 2004. 108-122.
    [33] Zhang J, Zhang C, Xuan J, Xiong Y, Wang Q, Liang B, Li L, Dou W, Chen Z, Chen L, Cai Y. Recent progress in program analysis. Ruan Jian Xue Bao/Journal of Software, 2019,30(1):80-109(in Chinese with English abstract). http://www.jos.org.cn/1000-9825/5651.htm[doi:10.13328/j.cnki.jos.005651]
    [34] Souza HAD, Chaim ML. Adding context to fault localization with integration coverage. In:Proc. of the IEEE/ACM Int'l Conf. on Automated Software Engineering. IEEE Press, 2013. 628-633.[doi:10.1109/ASE.2013.6693124]
    [35] Lucia L, David L, Jiang L, Thung F, Budi A. Data from:Extended comprehensive study of association measures for fault localization. Journal of Software Maintenance & Evolution Research & Practice, 2014,26(2):172-219.
    [36] Jin GL, Song LH, Shi XM, Scherpelz J, Lu S. Understanding and detecting real-world performance bugs. In:Proc. of the 33rd ACM SIGPLAN Conf. on Programming Language Design and Implementation (PLDI). New York:ACM Press, 2012. 77-88.
    [37] Zaman S, Adams B, Hassan A. A qualitative study on performance bugs. Mining software repositories. In:Proc. of the 9th IEEE Working Conf. on Mining Software Repositories (MSR). Piscataway:IEEE Press, 2012. 199-208.
    [38] Zuo ZQ, Khoo SC, Sun CN. Efficient predicated bug signature mining via hierarchical instrumentation. In:Proc. of the 2014 Int'l Symp. on Software Testing and Analysis (ISSTA). New York:ACM Press, 2014. 215-224.
    [39] Lo D, Cheng H, Wang X. Bug signature minimization and fusion. In:Proc. of the 13th IEEE Int'l Symp. on High-assurance Systems Engineering. Boca Raton, 2011. 340-347.[doi:10.1109/HASE.2011.36]
    [40] Kong X, Zhang L, Wong WE, Li B. Experience report:How do techniques, programs, and tests impact automated program repair? In:Proc. of the 26th IEEE Int'l Symp. on Software Reliability Engineering. IEEE Computer Society, 2015. 194-204.
    [41] Inozemtseva L. Understanding the software fault introduction process. In:Proc. of the IEEE/ACM Int'l Conf. on Software Engineering. IEEE, 2015. 843-846.[doi:10.1109/ICSE.2015.274]
    [42] Schwartz-Narbonne D, Oh C, Schäf M, Wies T. VERMEER:A tool for tracing and explaining faulty C programs. In:Proc. of the IEEE/ACM Int'l Conf. on Software Engineering. IEEE, 2015. 737-740.[doi:10.1109/ICSE.2015.236]
    [43] Yi QP, Yang ZJ, Liu J, et al. A synergistic analysis method for explaining failed regression tests. In:Proc. of the 37th IEEE/ACM Int'l Conf. on Software Engineering. Florence, 2015. 257-267.[doi:10.1109/ICSE.2015.46]
    [44] Rahman MM, Roy CK. Improving IR-based bug localization with context-aware query reformulation. In:Proc. of the 26th ACM Joint Meeting on European Software Engineering Conf. and Symp. on the Foundations of Software Engineering (ESEC/FSE). New York:ACM Press, 2018. 621-632.
    [45] Davies S, Roper M. What's in a bug report? In:Proc. of the 8th ACM/IEEE Int'l Symp. on Empirical Software Engineering and Measurement (ESEM). New York:ACM Press, 2014. 10.
    [46] Wang SW, Lo D. Version history, similar report, and structure:Putting them together for improved bug localization. In:Proc. of the 22nd Int'l Conf. on Program Comprehension (ICPC). New York:ACM Press, 2014. 53-63.
    [47] Romo BA, Capiluppi A. Towards an automation of the traceability of bugs from development logs-A study based on open source software. In:Proc. of the 19th Int'l Conf. on Evaluation and Assessment in Software Engineering (EASE). New York:ACM Press, 2015.
    [48] Rastkar S, Murphy GC, Murray G. Automatic summarization of bug reports. IEEE Trans. on Software Engineering, 2014,40(4):366-380.
    [49] Ye X, Bunescu R, Liu C. Learning to rank relevant files for bug reports using domain knowledge. In:Proc. of the 22nd ACM SIGSOFT Int'l Symp. on Foundations of Software Engineering (FSE). New York:ACM Press, 2014. 689-699.
    [50] Kochhar PS, Tian Y, Lo D. Potential biases in bug localization:Do they matter? In:Proc. of the 29th ACM/IEEE Int'l Conf. on Automated Software Engineering (ASE). New York:ACM Press, 2014. 803-814.
    [51] Zuddas D, Jin W, Pastore F, Leonardo M, Alessandro O. MIMIC:Locating and understanding bugs by analyzing mimicked executions. In:Proc. of the ACM/IEEE Int'l Conf. on Automated Software Engineering (ASE). ACM Press, 2014. 815-825.
    [52] Liu P, Tripp O, Zhang CC. Grail:Context-aware fixing of concurrency bugs. In:Proc. of the 22nd ACM SIGSOFT Int'l Symp. on Foundations of Software Engineering (FSE). New York:ACM Press, 2014. 318-329.
    [53] Perez A, Abreu R. Cues for scent intensification in debugging. In:Proc. of the 2013 IEEE Int'l Symp. on Software Reliability Engineering Workshops (ISSREW). Pasadena, 2013. 120-125.[doi:10.1109/ISSREW.2013.6688890]
    [54] Ma P, Wang Y, Su X, Wang T. A novel fault localization method with fault propagation context analysis. In:Proc. of the 3rd Int'l Conf. on Instrumentation, Measurement, Computer, Communication and Control. Shenyang, 2013. 1194-1199.[doi:10.1109/IMCCC.2013.265]
    [55] Sun CN. Software bug management[Ph. D. Thesis]. Singapore:National University of Singapore, 2013.
    [56] Pastore F, Mariani L. AVA:Supporting debugging with failure interpretations. In:Proc. of the 6th IEEE Int'l Conf. on Software Testing, Verification and Validation. Luxembourg. 2013. 416-421.[doi:10.1109/ICST.2013.58]
    [57] Chen R, Liu Y, Jia Z, Gao J. Isolating and understanding program errors using probabilistic dispute model. In:Proc. of the IEEE 37th Annual Computer Software and Applications Conf. Kyoto, 2013. 633-638.[doi:10.1109/COMPSAC.2013.102]
    [58] Thung F, Lo D, Jiang L. Automatic recovery of root causes from bug-fixing changes. In:Proc. of the 20th Working Conf. on Reverse Engineering (WCRE). Koblenz, 2013. 92-101.[doi:10.1109/WCRE.2013.6671284]
    [59] Park S, Harrold MJ, Vuduc R. Griffin:Grouping suspicious memory-access patterns to improve understanding of concurrency bugs. In:Proc. of the 2013 Int'l Symp. on Software Testing and Analysis (ISSTA). New York:ACM Press, 2013. 134-144.
    [60] Sukkerd R, Beschastnikh I, Wuttke J, Zhang S, Bruri Y. Understanding regression failures through test-passing and test-failing code changes. In:Proc. of the 35th Int'l Conf. on Software Engineering (ICSE). San Francisco, 2013. 1177-1180.[doi:10.1109/ICSE.2013.6606672]
    [61] Park S. Fault comprehension for concurrent programs. In:Proc. of the 2013 Int'l Conf. on Software Engineering (ICSE). Piscataway:IEEE Press, 2013. 1444-1446.
    [62] Sumner WN. Automated failure explanation through execution comparison[Ph.D. Thesis]. West Lafayette:Purdue University, 2013.
    [63] Gao Z, Chen Z, Feng Y, Luo B. Mining sequential patterns of predicates for fault localization and understanding. In:Proc. of the IEEE Int'l Conf. on Software Security & Reliability. Gaithersburg, 2013. 109-118.[doi:10.1109/SERE.2013.33]
    [64] Li XC, Jiang H, Liu D, Ren ZL, Li G. Unsupervised deep bug report summarization. In:Proc. of the 26th Conf. on Program Comprehension (ICPC). New York:ACM Press, 2018. 144-155.
    [65] Saha RK, Lawall J, Khurshid S, Perry DE. Are these bugs really "normal"? In:Proc. of the 12th IEEE/ACM Working Conf. on Mining Software Repositories. Florence, 2015. 258-268.[doi:10.1109/MSR.2015.31]
    [66] Zhou J, Zhang H, David LO. Where should the bugs be fixed? More accurate information retrieval-based bug localization based on bug reports. In:Proc. of the 34th Int'l Conf. on Software Engineering (ICSE). Zurich, 2012. 14-24.[doi:10.1109/ICSE.2012. 6227210]
    [67] Digiuseppe N, Jones JA. Semantic fault diagnosis:Automatic natural-language fault descriptions. In:Proc. of the ACM SIGSOFT the 20th Int'l Symp. on the Foundations of Software Engineering (FSE). New York:ACM Press, 2012.
    [68] Wang Y, Zhong H. An empirical study of multi-entity changes in real bug fixes. In:Proc. of the 2018 IEEE Int'l Conf. on Software Maintenance and Evolution (ICSME). 2018. 287-298.[doi:10.1109/ICSME.2018.00038]
    [69] Zhang Y, Lo D, Xia X, Jiang J, Sun JL. Recommending frequently encountered bugs. In:Proc. of the 26th Conf. on Program Comprehension (ICPC). New York:ACM Press, 2018. 120-131.
    [70] Digiuseppe N, Jones JA. Fault interaction and its repercussions. In:Proc. of the 27th IEEE Int'l Conf. on Software Maintenance (ICSM). Williamsburg, 2011. 3-12.[doi:10.1109/ICSM.2011.6080767]
    [71] Deng F, Jones JA. Inferred dependence coverage to support fault contextualization. In:Proc. of the 26th IEEE/ACM Int'l Conf. on Automated Software Engineering (ASE). Lawrence, 2011. 512-515.[doi:10.1109/ASE.2011.6100112]
    [72] Wang TT, Su XH, Ma PJ, et al. Comprehension oriented software fault location. In:Proc. of the 2011 Int'l Conf. on Computer Science and Network Technology. Harbin, 2011. 340-343.[doi:10.1109/ICCSNT.2011.6181971]
    [73] Sun J, Pham LH, Thi LT, Wang JY, Peng X. Learning likely invariants to explain why a program fails. In:Proc. of the 22nd Int'l Conf. on Engineering of Complex Computer Systems. 2017. 70-79.[doi:10.1109/ICECCS.2017.12]
    [74] Banerjee A, Roychoudhury A, Harlie JA, Liang Z. Golden implementation driven software debugging. In:Proc. of the 18th ACM SIGSOFT Int'l Symp. on Foundations of Software Engineering (FSE). Santa Fe, 2010. 177-186.
    [75] Nie C, Zeng D, Zheng X, Wang F, Zhao H. Modeling open source software bugs with complex networks. In:Proc. of the 2010 IEEE Int'l Conf. on Service Operations and Logistics, and Informatics. Qingdao, 2010. 375-379.[doi:10.1109/SOLI.2010. 5551550]
    [76] Debroy V, Wong WE. Insights on fault interference for programs with multiple bugs. In:Proc. of the 20th Int'l Symp. on Software Reliability Engineering. Mysuru, 2009. 165-174.[doi:10.1109/ISSRE.2009.14]
    [77] Cheng H, Lo D, Zhou Y, Wang XY, Yan XF. Identifying bug signatures using discriminative graph mining. In:Proc. of the 18th Int'l Symp. on Software Testing and Analysis (ISSTA). New York:ACM Press, 2009. 141-152.
    [78] Leonardo Mariani FP. A toolset for automated failure analysis. In:Proc. of the 31st IEEE Int'l Conf. on Software Engineering. Vancouver, 2009. 563-566.[doi:10.1109/ICSE.2009.5070556]
    [79] Hsu HY, Jones JA, Orso A. Rapid:Identifying bug signatures to support debugging activities. In:Proc. of the 23rd IEEE/ACM Int'l Conf. on Automated Software Engineering (ASE). Washington:IEEE Computer Society, 2008. 439-442.
    [80] Xiong YF, Liu XY, Zeng MH, Zhang L, Huang G. Identifying patch correctness in test-based program repair. In:Proc. of the 40th Int'l Conf. on Software Engineering. New York:ACM Press, 2018. 789-799.
    [81] Ji T, Pan J, Chen L, Mao X. Identifying supplementary bug-fix commits. In:Proc. of the 42nd IEEE Annual Computer Software and Applications Conf. (COMPSAC). Tokyo, 2018. 184-193.
    [82] Yan XB, Liu B, Li JX. The failure behaviors of multi-faults programs:An empirical study. In:Proc. of the 2017 IEEE Int'l Conf. on Software Quality, Reliability and Security Companion. IEEE, 2017. 320-330.[doi:10.1109/QRS-C.2017.11]
    [83] Baltes S, Moseler O, Beck F, Diehl S. Navigate, understand, communicate:How developers locate performance bugs. In:Proc. of the 2015 ACM/IEEE Int'l Symp. on Empirical Software Engineering and Measurement (ESEM). Beijing, 2015. 1-10.[doi:10. 1109/ESEM.2015.7321208]
    [84] Dao T, Zhang L, Meng N. How does execution information help with information-retrieval based bug localization? In:Proc. of the 25th IEEE/ACM Int'l Conf. on Program Comprehension (ICPC). Buenos Aires, 2017. 241-250.[doi:10.1109/ICPC.2017.29]
    [85] Zhou C, Li B, Sun XB, Guo HJ. Recognizing software bug-specific named entity in software bug repository. In:Proc. of the 26th Conf. on Program Comprehension (ICPC). New York:ACM Press, 2018. 108-119.
    [86] Ang A, Perez A, Deursen AV, Abreu R. Revisiting the practical use of automated software fault localization techniques. In:Proc. of the 2017 IEEE Int'l Symp. on Software Reliability Engineering Workshops (ISSREW). Toulouse, 2017. 175-182.[doi:10.1109/ISSREW.2017.68]
    [87] Xu ZG, Ma SQ, Zhang XY, Zhu SF, Xu BW. Debugging with intelligence via probabilistic inference. In:Proc. of the 40th Int'l Conf. on Software Engineering (ICSE). New York:ACM Press, 2018. 1171-1181.
    [88] Baah GK, Podgurski A, Harrold MJ. The probabilistic program dependence graph and its application to fault diagnosis. IEEE Trans. on Software Engineering, 2010,36(4):528-545.
    [89] Shin D, Bae DH. A theoretical framework for understanding mutation-based testing methods. In:Proc. of the IEEE Int'l Conf. on Software Testing. IEEE, 2016. 299-308.[doi:10.1109/ICST.2016.22]
    [90] Rodríguez-Pérez G, Zaidman A, Serebrenik A, Robles G, González-Barahona JM. What if a bug has a different origin? Making sense of bugs without an explicit bug introducing change. In:Proc. of the 12th ACM/IEEE Int'l Symp. on Empirical Software Engineering and Measurement. New York:ACM Press, 2018.
    [91] Chen R, Chen S, Zhang N. Iterative path clustering for software fault localization. In:Proc. of the IEEE Int'l Conf. on Software Quality, Reliability and Security Companion. IEEE, 2016. 292-297.[doi:10.1109/QRS-C.2016.85]
    [92] Liu M, Liu P, Yang X, Zhao L. Fault localization guided execution comparison for failure comprehension. In:Proc. of the IEEE Int'l Conf. on Software Quality, Reliability and Security Companion. IEEE, 2016. 163-166.[doi:10.1109/QRS-C.2016.87]
    [93] Tu JX, Xie XY, Zhou YM, Xu BW, Chen L. A search based context-aware approach for understanding and localizing the fault via weighted call graph. In:Proc. of the 3rd Int'l Conf. on Trustworthy Systems and their Applications (TSA). Wuhan, 2016. 64-72.[doi:10.1109/TSA.2016.20]
    [94] Wang Y, Huang ZQ. Weighted control flow subgraph to support debugging activities. In:Proc. of the 2016 IEEE Int'l Conf. on Software Quality, Reliability and Security Companion. Vienna, 2016. 131-134.[doi:10.1109/QRS-C.2016.21]
    [95] Yi QP, Yang ZJ, Liu J, Zhao C, Wang C. Explaining software failures by cascade fault localization. ACM Trans. on Design Automation of Electronic Systems, 2015,20(3):1-28.[doi:10.1145/2738038]
    [96] Xie XY, Liu ZC, Song S, Chen ZY, Xuan JF, Xu BW. Revisit of automatic debugging via human focus-tracking analysis. In:Proc. of the 38th IEEE/ACM Int'l Conf. on Software Engineering (ICSE). Austin, 2016. 808-819.
    [97] Le TDB, Linares-Vasquez M, Lo D, Poshyvanyk D. RCLinker:Automated linking of issue reports and commits leveraging rich contextual information. In:Proc. of the 23rd IEEE Int'l Conf. on Program Comprehension. IEEE, 2015. 36-47.
    [98] Jonsson L, Broman D, Magnusson M, Sandahl K, Villani M, Eldh S. Automatic localization of bugs to faulty components in large scale software systems using bayesian classification. In:Proc. of the 2016 IEEE Int'l Conf. on Software Quality, Reliability and Security (QRS). IEEE, 2016. 423-430.[doi:10.1109/QRS.2016.54]
    [99] Wang XY, Liu YM. Fault localization using disparities of dynamic invariants. Journal of Systems & Software, 2016,122:144-154.[doi:10.1016/j.jss.2016.09.014]
    [100] Wen M, Wu R, Cheung SC. Locus:Locating bugs from software changes. In:Proc. of the 31st IEEE/ACM Int'l Conf. on Automated Software Engineering. ACM Press, 2016. 262-273.[doi:10.1145/2970276.2970359]
    [101] Jiang L, Su Z. Context-aware statistical debugging:From bug predictors to faulty control flow paths. In:Proc. of the IEEE/ACM Int'l Conf. on Automated Software Engineering. New York:ACM Press, 2007. 184-193.
    [102] He H, Gupta N. Automated debugging using path-based weakest preconditions. In:Wermelinger M., Margaria-Steffen T, eds. Proc. of the Fundamental Approaches to Software Engineering. LNCS 2984, Berlin, Heidelberg:Springer-Verlag, 2004. 267-280.
    [103] Cleve H. Locating causes of program failures. In:Proc. of the 27th Int'l Conf. on Software Engineering (ICSE). New York:ACM Press, 2005. 342-351.
    [104] Feng M, Gupta R. Learning universal probabilistic models for fault localization. In:Proc. of the ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools & Engineering. New York:ACM Press, 2010. 81-88.
    [105] Parsa S, Naree SA, Koopaei NE. Software fault localization via mining execution graphs. In:Murgante B, Gervasi O, Iglesias A, Taniar D, Apduhan BO, eds. Proc. of the Computational Science and Its Applications (ICCSA 2011). LNCS 6783, Berlin, Heidelberg:Springer-Verlag, 2011. 610-623.
    [106] Jones JA, Harrold MJ. Empirical evaluation of the tarantula automatic fault-localization technique. In:Proc. of the IEEE/ACM Int'l Conf. on Automated Software Engineering. New York:ACM Press, 2005. 273-282.
    [107] Zuo Z. Efficient statistical debugging via hierarchical instrumentation. In:Proc. of the Int'l Symp. on Software Testing & Analysis. New York:ACM Press, 2014. 457-460.
    [108] Nipkow T. Isabelle/Hol a Proof Assistant for Higher-Order Logic. Berlin, Heidelberg:Springer-Verlag, 2002. 53-64.
    [109] Cruz J. Constraint reasoning for differential models. In:Cruz J, ed. Proc. of the 2005 Conf. on Constraint Reasoning for Differential Models. Amsterdam:IOS Press, 2005. 1-216.
    [110] Clarke EM, Grumberg O, Long DE. Model checking and abstraction. In:Proc. of the NATO Advanced Study Institute on Deductive Program Design. Marktoberdorf, 1992.
    [111] Yang K, He YP, Ma HT, Wang XF. Precise execution reachability analysis:Theory and application. Ruan Jian Xue Bao/Journal of Software, 2018,29(1):1-22(in Chinese with English abstract). http://www.jos.org.cn/1000-9825/5375.htm[doi:10.13328/j.cnki.jos. 005375]
    [112] Dijkstra EW. A Discipline of Programming. Upper Saddle River:Prentice Hall PTR, 1997. 10-23.
    [113] Qi D, Roychoudhury A, Liang Z, Vaswani K. Darwin:An approach for debugging evolving programs. ACM Trans. on Software Engineering and Methodology, 2012.
    [114] Nan YH, Yang M, Yang ZM, et al. UIPicker:User-input privacy identification in mobile applications. In:Jung J, ed. Proc. of the 24th USENIX Conf. on Security Symp. (SEC). Berkeley:USENIX Association, 2015. 993-1008.
    [115] Han X, Yu TT, Lo D. PerfLearner:Learning from bug reports to understand and generate performance test frames. In:Proc. of the 33rd ACM/IEEE Int'l Conf. on Automated Software Engineering. New York:ACM Press, 2018. 17-28.
    [116] Jiang S, Armaly A, Mcmillan C. Automatically generating commit messages from diffs using neural machine translation. In:Proc. of the 32nd IEEE/ACM Int'l Conf. on Automated Software Engineering (ASE). ACM Press, 2017. 135-146.
    [117] Palomba F, Panichella A, Zaidman A, Oliveto R, Lucia AD. The scent of a smell:An extensive comparison between textual and structural smells. IEEE Trans. on Software Engineering, 2017,44(10):977-1000.[doi:10.1109/TSE.2017.2752171]
    [118] Zhou Y, Gu RH, Cheny T, et al. Analyzing APIs documentation and code to detect directive defects. In:Proc. of the IEEE/ACM Int'l Conf. on Software Engineering. IEEE, 2017. 27-37.
    [119] Thung F, Le XD, Lo D, Lawall J. Recommending code changes for automatic backporting of linux device drivers. In:Proc. of the 2016 IEEE Int'l Conf. on Software Maintenance and Evolution (ICSME). Raleigh, 2016. 222-232.
    [120] Renieres M, Reiss SP. Fault localization with nearest neighbor queries. In:Proc. of the IEEE Int'l Conf. on Automated Software Engineering. IEEE, 2003. 30-39.
    [121] Jones JA, Harrold MJ, Stasko J. Visualization of test information to assist fault localization. In:Proc. of the 24th Int'l Conf. on Software Engineering. ACM Press, 2002. 467-477.
    [122] Wong WE, Wei TT, Qi Y, Zhao L. A crosstab-based statistical method for effective fault localization. In:Proc. of the Int'l Conf. on Software Testing. IEEE, 2008. 42-51.
    [123] Kleer JD. Diagnosing multiple persistent and intermittent faults. In:Kitano H, ed. Proc. of the 21st Int'l Jont Conf. on Artifical Intelligence (IJCAI). San Francisco:Morgan Kaufmann Publishers Inc., 2009. 733-738.
    [124] Abreu R, Cardoso N. A kernel density estimate-based approach to component goodness modeling. In:Proc. of the 27th AAAI Conf. on Artificial Intelligence. AAAI Press, 2013. 152-158.
    [125] Jones JA, Bowring JF, Harrold MJ. Debugging in parallel. In:Proc. of the 2007 Int'l Symp. on Software Testing and Analysis (ISSTA). New York:ACM Press, 2007. 16-26.
    [126] Zheng Y, Wang Z, Fan XY, Chen X, Yang ZJ. Localizing multiple software faults based on evolution algorithm. Journal of Systems and Software, 2018,(139):107-123.
    [127] Gao R, Wong WE. Mseer-An advanced technique for locating multiple bugs in parallel. IEEE Trans. on Software Engineering, 2017. 1-21.[doi:10.1109/TSE.2017.2776912]
    [128] Shimomura T, Ikeda K. Two types of deadlock detection:Cyclic and acyclic. In:Chen L, Kapoor S, Bhatia R, eds. Proc. of the Intelligent Systems for Science and Information, Studies in Computational Intelligence, Vol.542. Cham:Springer-Verlag, 2014. 233-259.
    [129] Naik M, Aiken A, Whaley J. Effective static race detection for Java. In:Proc. of the 27th ACM SIGPLAN Conf. on Programming Language Design and Implementation (PLDI). New York:ACM Press, 2006. 308-319.
    [130] Engler D, Ashcraft K. RacerX:Effective, static detection of race conditions and deadlocks. ACM SIGOPS Operating Systems Review, 2003,37(5):237-252.
    [131] Cai Y, Cao L. Fixing deadlocks via lock pre-acquisitions. In:Proc. of the 38th IEEE/ACM Int'l Conf. on Software Engineering (ICSE). Austin, 2016. 1109-1120.
    [132] Nir D, Tyszberowicz S, Yehudai A. Locating regression bugs. In:Yorav K, ed. Proc. of the 3rd Int'l Haifa Verification Conf. on Hardware and Software:Verification and Testing (HVC). Berlin, Heidelberg:Springer-Verlag, 2007. 218-234.
    [133] Liu ML, Yang XS, Zhao L, Wang LN. Discrete characteristic-based test execution selection for software fault localization and understanding. Computer Science, 2016,43(3):179-187(in Chinese with English abstract).[doi:10.11896/j.issn.1002-137X.2016. 3.034]
    [134] Yu Y, Jones J, Harrold MJ. An empirical study of the effects of test-suite reduction on fault localization. In:Proc. of the 30th ACM/IEEE Int'l Conf. on Software Engineering. Leipzig, 2008. 201-210.
    [135] Carmine V, Sebastian P, Timothy Z, Gall HC. Un-break my build:Assisting developers with build repair hints. In:Proc. of the 26th IEEE/ACM Int'l Conf. on Program Comprehension. 2018. 41-51.
    [136] Lawall J, Palinski D, Gnirke L, Muller G. Fast and precise retrieval of forward and back porting information for Linux device drivers. In:Proc. of the Usenix Conf. on Usenix Technical Conf. USENIX Association, 2017. 15-26.
    [137] Xiao Y, Keung J, Mi Q, Bennin KE. Bug localization with semantic and structural features using convolutional neural network and cascade forest. In:Proc. of the 22nd Int'l Conf. on Evaluation and Assessment in Software Engineering. New York:ACM Press, 2018. 101-111.
    [138] Böhme M, Pham VT, Nguyen MD, Roychoudhury A. Directed greybox fuzzing. In:Proc. of the 2017 ACM SIGSAC Conf. on Computer and Communications Security. ACM Press, 2017. 2329-2344.
    [139] Chen H, Xue Y, Li Y, Chen B, Xie X, Wu X, Liu Y. Hawkeye:Towards a desired directed grey-box fuzzer. In:Proc. of the 2018 ACM SIGSAC Conf. on Computer and Communications Security. ACM Press, 2018. 2095-2108.
    [140] Mills C. Towards the automatic classification of traceability links. In:Proc. of the IEEE/ACM Int'l Conf. on Automated Software Engineering. Urbana, 2017. 1018-1021.[doi:10.1109/ASE.2017.8115723]
    [141] Rempel P, Mader P. Preventing defects:The impact of requirements traceability completeness on software quality. IEEE Trans. on Software Engineering, 2017,43(8):777-797.[doi:10.1109/TSE.2016.2622264]
    [142] Li B, He YP, Ma HT. Automatic program repair:Key problems and technologies. Ruan Jian Xue Bao/Journal of Software, 2019, 30(2):244-265(in Chinese with English abstract). http://www.jos.org.cn/1000-9825/5657.htm[doi:10.13328/j.cnki.jos.005657]
    [143] Mens T, Claes M, Grosjean P, Serebrenik A. Studying evolving software ecosystems based on ecological models. In:Mens T, Serebrenik A, Cleve A, eds. Proc. of the Evolving Software Systems. Berlin, Heidelberg:Springer-Verlag, 2014. 297-326.
    [144] Hoving R, Slot G, Jansen S. Python:Characteristics identification of a free open source software ecosystem. In:Proc. of the IEEE Int'l Conf. on Digital Ecosystems & Technologies. Menlo Park, 2013. 13-18.[doi:10.1109/DEST.2013.6611322]
    附中文参考文献:
    [2] 梅宏,王千祥,张路,王戟.软件分析技术进展.计算机学报,2009,32(9):1697-1710.[doi:10.11897/SP.J.1016.2015.02203]
    [3] 王克朝,王甜甜,苏小红,马培军.软件错误自动定位关键科学问题及研究进展.计算机学报,2015,38(11):2262-2278.[doi:10. 11897/SP.J.1016.2015.02262]
    [19] 虞凯,林梦香.自动化软件错误定位技术研究进展.计算机学报,2011,34(8):1411-1422.[doi:10.3724/SP.J.1016.2011.01411]
    [24] 金芝,刘芳,李戈.程序理解:现状与未来.软件学报,2019,30(1):110-126. http://www.jos.org.cn/1000-9825/5643.htm[doi:10.13328/j.cnki.jos.005643]
    [30] 田硕,梁洪亮.二进制程序安全缺陷静态分析方法的研究综述.计算机科学,2009,36(7):8-14.
    [33] 张健,张超,玄跻峰,熊英飞,王千祥,梁彬,李炼,窦文生,陈振邦,陈立前,蔡彦.程序分析研究进展.软件学报,2019,30(1):80-109. http://www.jos.org.cn/1000-9825/5651.htm[doi:10.13328/j.cnki.jos.005651]
    [111] 杨克,贺也平,马恒太,王雪飞.精准执行可达性分析:理论与应用.软件学报,2018,29(1):1-22. http://www.jos.org.cn/1000-9825/5375.htm[doi:10.13328/j.cnki.jos.005375]
    [133] 刘梦冷,杨小双,赵磊,王丽娜.面向软件错误定位与理解的测试执行离散特征筛选.计算机科学,2016,43(3):179-187.[doi:10. 11896/j.issn.1002-137X.2016.3.034]
    [142] 李斌,贺也平,马恒太.程序自动修复:关键问题及技术.软件学报,2019,30(2):244-265. http://www.jos.org.cn/1000-9825/5657.htm[doi:10.13328/j.cnki.jos.005657]
    引证文献
    网友评论
    网友评论
    分享到微博
    发 布
引用本文

李晓卓,贺也平,马恒太.缺陷理解研究:现状、问题与发展.软件学报,2020,31(1):20-46

复制
分享
文章指标
  • 点击次数:4424
  • 下载次数: 8288
  • HTML阅读次数: 4919
  • 引用次数: 0
历史
  • 收稿日期:2019-03-20
  • 最后修改日期:2019-07-21
  • 在线发布日期: 2019-11-07
  • 出版日期: 2020-01-06
文章二维码
您是第19892660位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号