StaticTracker: A Diff Tool for Static Code Warnings

被引:0
|
作者
Li, Junjie [1 ]
Yang, Jinqiu [1 ]
机构
[1] Concordia Univ, Montreal, PQ, Canada
来源
2023 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE MAINTENANCE AND EVOLUTION, ICSME | 2023年
关键词
static analysis; empirical study; code refactoring; software evolution; ALGORITHM;
D O I
10.1109/ICSME58846.2023.00074
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Static bug detectors help improve software quality by detecting code issues (e.g., code smells or bugs). However, static bug detectors are underutilized in practice due to various reasons. One primary reason is that static bug detectors often report an overwhelming number of static warnings for one software revision. To facilitate better adoption of static bug detectors in software development, we propose a tool, namely StaticTracker, that specializes in tracking the evolution of static code warnings. StaticTracker analyzes each commit and produces the changes of static code warnings caused by the commit, i.e., a diff for static code warnings. We integrate StaticTracker in continuous integration through Git Hooks. Whenever developers push code to a git repository, StaticTracker is automatically activated to identify disappeared and newly-introduced warnings by the commit. We implement StaticTracker for two static bug detectors (Spotbugs and PMD) and evaluate StaticTracker on the recent commits of two open-source projects (Druid and Jedis). Our evaluation shows that StaticTracker is effective in reducing the overwhelming static code warnings that developers need to investigate and achieves an accuracy of 89.8%, which outperforms the state-of-the-art tracking approach with an accuracy of 68.5%. We open source the tool at https://github.com/ljj430/tracking-static-warnings tool demo, and the demo video is at https://www.youtube.com/watch?v=2WMOjoq1Nbs.
引用
收藏
页码:568 / 573
页数:6
相关论文
共 50 条
  • [31] Review Efforts Reduction by Partitioning of Static Analysis Warnings
    Muske, Tukaram B.
    Baid, Ankit
    Sanas, Tushar
    2013 IEEE 13TH INTERNATIONAL WORKING CONFERENCE ON SOURCE CODE ANALYSIS AND MANIPULATION (SCAM), 2013, : 106 - 115
  • [32] Evaluating Static Analysis Defect Warnings On Production Software
    Ayewah, Nathaniel
    Pugh, William
    Morgenthaler, J. David
    Penix, John
    Zhou, YuQian
    PASTE'07 PROCEEDINGS OF THE 2007 ACM SIGPLAN- SIGSOFT WORKSHOP ON PROGRAM ANALYSIS FOR SOFTWARE TOOLS & ENGINEERING, 2007, : 1 - +
  • [33] αDiff: Cross-Version Binary Code Similarity Detection with DNN
    Liu, Bingchang
    Huo, Wei
    Zhang, Chao
    Li, Wenchao
    Li, Feng
    Piao, Aihua
    Zou, Wei
    PROCEEDINGS OF THE 2018 33RD IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMTED SOFTWARE ENGINEERING (ASE' 18), 2018, : 667 - 678
  • [34] DiffViz: A Diff Algorithm Independent Visualization Tool for Edit Scripts
    Frick, Veit
    Wedenig, Christoph
    Pinzger, Martin
    PROCEEDINGS 2018 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE MAINTENANCE AND EVOLUTION (ICSME), 2018, : 705 - 709
  • [35] Ratings checklist for warnings: a prototype tool to aid experts in the adequacy evaluation of proposed or existing warnings
    Lenorovitz, David R.
    Leonard, S. David
    Karnes, Edward W.
    WORK-A JOURNAL OF PREVENTION ASSESSMENT & REHABILITATION, 2012, 41 : 3616 - 3623
  • [36] How different are different diff algorithms in Git? Use --histogram for code changes
    Nugroho, Yusuf Sulistyo
    Hata, Hideaki
    Matsumoto, Kenichi
    EMPIRICAL SOFTWARE ENGINEERING, 2020, 25 (01) : 790 - 823
  • [37] Directed Dynamic Symbolic Execution for Static Analysis Warnings Confirmation
    Gerasimov, A. Yu
    PROGRAMMING AND COMPUTER SOFTWARE, 2018, 44 (05) : 316 - 323
  • [38] Static Analysis of ROP Code
    D'Elia, Daniele Cono
    Coppa, Emilio
    Salvati, Andrea
    Demetrescu, Camil
    PROCEEDINGS OF THE 12TH EUROPEAN WORKSHOP ON SYSTEMS SECURITY (EUROSEC 2019), 2019,
  • [39] Applying Static Code Analysis on Industrial Controller Code
    Stattelmann, Stefan
    Biallas, Sebastian
    Schlich, Bastian
    Kowalewski, Stefan
    2014 IEEE EMERGING TECHNOLOGY AND FACTORY AUTOMATION (ETFA), 2014,
  • [40] Directed Dynamic Symbolic Execution for Static Analysis Warnings Confirmation
    A. Yu. Gerasimov
    Programming and Computer Software, 2018, 44 : 316 - 323