首页 > 最新文献

2021 28th Asia-Pacific Software Engineering Conference (APSEC)最新文献

英文 中文
How Do Programmers Express High-Level Concepts using Primitive Data Types?
Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00043
Yusuke Shinyama, Yoshitaka Arahori, K. Gondow
We investigated how programmers express high-level concepts such as path names and coordinates using primitive data types. While relying too much on primitive data types is sometimes criticized as a bad smell, it is still a common practice among programmers. We propose a novel way to accurately identify expressions for certain predefined concepts by examining API calls. We defined twelve conceptual types used in the Java Standard API. We then obtained expressions for each conceptual type from 26 open source projects. Based on the expressions obtained, we trained a decision tree-based classifier. It achieved 83 % F -score for correctly predicting the conceptual type for a given expression. Our result indicates that it is possible to infer a conceptual type from a source code reasonably well once enough examples are given. The obtained classifier can be used for potential bug detection, test case generation and documentation.
我们研究了程序员如何使用基本数据类型表达高级概念,如路径名和坐标。虽然过分依赖原始数据类型有时被批评为一种不好的气味,但这仍然是程序员的常见做法。我们提出了一种新的方法,通过检查API调用来准确地识别某些预定义概念的表达式。我们定义了Java Standard API中使用的12种概念类型。然后,我们从26个开源项目中获得了每个概念类型的表达式。基于得到的表达式,我们训练了一个基于决策树的分类器。它在正确预测给定表达式的概念类型方面获得了83%的F分。我们的结果表明,只要给出足够多的例子,就有可能从源代码中很好地推断出概念类型。获得的分类器可用于潜在的错误检测、测试用例生成和文档。
{"title":"How Do Programmers Express High-Level Concepts using Primitive Data Types?","authors":"Yusuke Shinyama, Yoshitaka Arahori, K. Gondow","doi":"10.1109/APSEC53868.2021.00043","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00043","url":null,"abstract":"We investigated how programmers express high-level concepts such as path names and coordinates using primitive data types. While relying too much on primitive data types is sometimes criticized as a bad smell, it is still a common practice among programmers. We propose a novel way to accurately identify expressions for certain predefined concepts by examining API calls. We defined twelve conceptual types used in the Java Standard API. We then obtained expressions for each conceptual type from 26 open source projects. Based on the expressions obtained, we trained a decision tree-based classifier. It achieved 83 % F -score for correctly predicting the conceptual type for a given expression. Our result indicates that it is possible to infer a conceptual type from a source code reasonably well once enough examples are given. The obtained classifier can be used for potential bug detection, test case generation and documentation.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126687066","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Literature Review on Log Anomaly Detection Approaches Utilizing Online Parsing Methodology* 利用在线解析方法进行日志异常检测的文献综述*
Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00068
Scott Lupton, H. Washizaki, Nobukazu Yoshioka, Y. Fukazawa
The use of anomaly detection for log monitoring requires parsing model input features from raw, unstructured data. Log parsing methods come in many forms, but are generally categorized as being either offline or online. In this study, a systematic literature review of anomaly detection approaches utilizing online parsing methods is performed. An inventory of these approaches is taken, research gaps are explored, and suggestions for future exploration and study are presented.
使用异常检测进行日志监控需要从原始的非结构化数据中解析模型输入特征。日志解析方法有多种形式,但通常分为离线和在线两类。在本研究中,对利用在线解析方法的异常检测方法进行了系统的文献综述。对这些方法进行了盘点,探讨了研究差距,并提出了对未来探索和研究的建议。
{"title":"Literature Review on Log Anomaly Detection Approaches Utilizing Online Parsing Methodology*","authors":"Scott Lupton, H. Washizaki, Nobukazu Yoshioka, Y. Fukazawa","doi":"10.1109/APSEC53868.2021.00068","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00068","url":null,"abstract":"The use of anomaly detection for log monitoring requires parsing model input features from raw, unstructured data. Log parsing methods come in many forms, but are generally categorized as being either offline or online. In this study, a systematic literature review of anomaly detection approaches utilizing online parsing methods is performed. An inventory of these approaches is taken, research gaps are explored, and suggestions for future exploration and study are presented.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121480127","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
An Empirical Study on the Usage and Evolution of Identifier Styles in Practice 实践中标识语风格使用与演变的实证研究
Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00025
Jingxuan Zhang, W. Zou, Zhiqiu Huang
Identifiers play an important role in helping developers comprehend and maintain source code. In practice, developers usually employ two widely-used identifier styles, i.e., snake case and camel case, to format identifiers to make them understandable and informative. Despite researchers have empirically investigated the impacts of identifier styles on code comprehension activities, the usage and evolution of identifier styles, however, have not been fully explored. How are individual identifier styles formed in practice? How would identifier styles change and evolve? What are the potential impacts of identifier style-changes? Questions like these are important but have not been fully answered yet. In this paper, we conducted an empirical study on 9,792 GitHub projects to gain some insights into these problems. Specifically, we first analyzed how different identifier styles were formed in real software projects. Next, we explored the change patterns of identifier styles along with the project evolution. Finally, we investigated the potential impacts as well as categories of identifier style-changes. Our empirical results achieved some interesting findings. For example, we first reported some identifier style-change patterns (e.g., snake case →camel case → snake case), which could help developers resolve style-change problems in practice. Our study also provided some hints for researchers and developers when they use specific identifier styles in programs. For example, when researchers explore the impacts of identifier styles on code comprehension, they are suggested to consider the imbalanced distribution phenomenon of individual identifier styles. Besides, it is worthwhile for developers to build an identifier style-change prediction and propagation tool to reduce the style-change costs.
标识符在帮助开发人员理解和维护源代码方面发挥着重要作用。在实践中,开发人员通常使用两种广泛使用的标识符样式,即蛇形大小写和驼形大小写,来格式化标识符,使其易于理解和提供信息。尽管研究者们已经对标识符风格对代码理解活动的影响进行了实证研究,但标识符风格的使用和演变并没有得到充分的探讨。个人标识符风格在实践中是如何形成的?标识符样式将如何变化和发展?标识符样式更改的潜在影响是什么?这些问题很重要,但还没有得到充分的回答。在本文中,我们对9792个GitHub项目进行了实证研究,以期对这些问题有所了解。具体来说,我们首先分析了在实际的软件项目中不同的标识符样式是如何形成的。接下来,我们探讨了标识符样式随项目发展的变化模式。最后,我们调查了标识符风格变化的潜在影响和类别。我们的实证结果取得了一些有趣的发现。例如,我们首先报告了一些标识符样式更改模式(例如,蛇用例→骆驼用例→蛇用例),这可以帮助开发人员在实践中解决样式更改问题。我们的研究也为研究人员和开发人员在程序中使用特定的标识符样式提供了一些提示。例如,研究者在探索标识符风格对代码理解的影响时,建议考虑个体标识符风格的不平衡分布现象。此外,对于开发人员来说,构建标识符样式更改预测和传播工具以减少样式更改成本是值得的。
{"title":"An Empirical Study on the Usage and Evolution of Identifier Styles in Practice","authors":"Jingxuan Zhang, W. Zou, Zhiqiu Huang","doi":"10.1109/APSEC53868.2021.00025","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00025","url":null,"abstract":"Identifiers play an important role in helping developers comprehend and maintain source code. In practice, developers usually employ two widely-used identifier styles, i.e., snake case and camel case, to format identifiers to make them understandable and informative. Despite researchers have empirically investigated the impacts of identifier styles on code comprehension activities, the usage and evolution of identifier styles, however, have not been fully explored. How are individual identifier styles formed in practice? How would identifier styles change and evolve? What are the potential impacts of identifier style-changes? Questions like these are important but have not been fully answered yet. In this paper, we conducted an empirical study on 9,792 GitHub projects to gain some insights into these problems. Specifically, we first analyzed how different identifier styles were formed in real software projects. Next, we explored the change patterns of identifier styles along with the project evolution. Finally, we investigated the potential impacts as well as categories of identifier style-changes. Our empirical results achieved some interesting findings. For example, we first reported some identifier style-change patterns (e.g., snake case →camel case → snake case), which could help developers resolve style-change problems in practice. Our study also provided some hints for researchers and developers when they use specific identifier styles in programs. For example, when researchers explore the impacts of identifier styles on code comprehension, they are suggested to consider the imbalanced distribution phenomenon of individual identifier styles. Besides, it is worthwhile for developers to build an identifier style-change prediction and propagation tool to reduce the style-change costs.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"89 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127603336","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Monitoring Negative Sentiment-Related Events in Open Source Software Projects 监控开源软件项目中的负面情绪相关事件
Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00017
Lingjia Li, Jian Cao, Qing Qi
Open source software (OSS) development is a highly collaborative process where individuals, groups and organizations interact to develop, operate and maintain software and related artifacts. The developers' sentiment in this process can have an impact on their working willingness and efficiency. Monitoring sentiment factors can help to improve OSS development and management. However, no method has been proposed to dynamically monitor the sentiment phenomena during the OSS development process. In this paper, an approach to detect Negative Sentiment-related Events (NSE) is proposed. It consists of two steps. The first step is to identify the burst interval of negative comments from open source projects, which corresponds to a NSE. The second step is to annotate this NSE with its event type. To support this approach, the types of NSEs in OSS projects are defined through an empirical study and classifiers are trained to annotate event types automatically. Moreover, conversation disentanglement techniques are employed to make the comments extracted more complete. Finally, the factors that have an influence on NSEs in the OSS project are studied.
开源软件(OSS)开发是一个高度协作的过程,在这个过程中,个人、团体和组织相互作用来开发、操作和维护软件及相关工件。在这个过程中,开发者的情绪会影响他们的工作意愿和效率。监视情绪因素可以帮助改进OSS的开发和管理。然而,目前还没有提出一种方法来动态监测OSS开发过程中的情绪现象。本文提出了一种检测负面情绪相关事件(NSE)的方法。它包括两个步骤。第一步是确定来自开源项目的负面评论的爆发间隔,这与NSE相对应。第二步是用它的事件类型注释这个NSE。为了支持这种方法,通过经验研究定义了OSS项目中的nse类型,并且训练了分类器来自动注释事件类型。此外,还采用了会话解纠缠技术,使提取的评论更加完整。最后,对影响OSS项目中nse的因素进行了研究。
{"title":"Monitoring Negative Sentiment-Related Events in Open Source Software Projects","authors":"Lingjia Li, Jian Cao, Qing Qi","doi":"10.1109/APSEC53868.2021.00017","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00017","url":null,"abstract":"Open source software (OSS) development is a highly collaborative process where individuals, groups and organizations interact to develop, operate and maintain software and related artifacts. The developers' sentiment in this process can have an impact on their working willingness and efficiency. Monitoring sentiment factors can help to improve OSS development and management. However, no method has been proposed to dynamically monitor the sentiment phenomena during the OSS development process. In this paper, an approach to detect Negative Sentiment-related Events (NSE) is proposed. It consists of two steps. The first step is to identify the burst interval of negative comments from open source projects, which corresponds to a NSE. The second step is to annotate this NSE with its event type. To support this approach, the types of NSEs in OSS projects are defined through an empirical study and classifiers are trained to annotate event types automatically. Moreover, conversation disentanglement techniques are employed to make the comments extracted more complete. Finally, the factors that have an influence on NSEs in the OSS project are studied.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133898679","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
An Exploration Study On the Dependency Among Vulnerabilities and Bugs 漏洞与bug依赖关系的探索性研究
Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00074
Shaikh Mostafa, Xiaoyin Wang
Security vulnerabilities are major defects in software implementation that allow malicious uses to undermine its integrity by triggering crashes, stealing information, or even taking control of the software and its underlying system. Despite the extensive research on vulnerabilities themselves, few studies have been performed on understanding the relations between security vulnerabilities and other bugs, which have attracted attention due to some recently found important vulnerabilities. In this paper, we present an exploration study on the vulnerability-bug relations in two important software projects: Firefox as the representative of browsers, and Red Hat as the representative of operating systems. In the study, we automatically extracted dependencies among vulnerability and bugs and manually investigated the character of such dependencies.
安全漏洞是软件实现中的主要缺陷,它允许恶意用户通过触发崩溃、窃取信息甚至控制软件及其底层系统来破坏其完整性。尽管对漏洞本身的研究非常广泛,但对安全漏洞与其他漏洞之间关系的研究却很少,最近发现的一些重要漏洞引起了人们的关注。本文对以Firefox为代表的浏览器和以Red Hat为代表的操作系统这两个重要软件项目中的漏洞-bug关系进行了探索性研究。在研究中,我们自动提取了漏洞和bug之间的依赖关系,并手工研究了这种依赖关系的特征。
{"title":"An Exploration Study On the Dependency Among Vulnerabilities and Bugs","authors":"Shaikh Mostafa, Xiaoyin Wang","doi":"10.1109/APSEC53868.2021.00074","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00074","url":null,"abstract":"Security vulnerabilities are major defects in software implementation that allow malicious uses to undermine its integrity by triggering crashes, stealing information, or even taking control of the software and its underlying system. Despite the extensive research on vulnerabilities themselves, few studies have been performed on understanding the relations between security vulnerabilities and other bugs, which have attracted attention due to some recently found important vulnerabilities. In this paper, we present an exploration study on the vulnerability-bug relations in two important software projects: Firefox as the representative of browsers, and Red Hat as the representative of operating systems. In the study, we automatically extracted dependencies among vulnerability and bugs and manually investigated the character of such dependencies.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128954062","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Verification Assisted Gas Reduction for Smart Contracts 智能合约的验证辅助减气
Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00034
Bo Gao, Siyuan Shen, Ling Shi, Jiaying Li, Jun Sun, Lei Bu
Smart contracts are computerized transaction protocols built on top of blockchain networks. Users are charged with fees, a.k.a. gas in Ethereum, when they create, deploy or execute smart contracts. Since smart contracts may contain vulnerabilities which may result in huge financial loss, developers and smart contract compilers often insert codes for security checks. The trouble is that those codes consume gas every time they are executed. Many of the inserted codes are however redundant. In this work, we present sOptimize, a tool that optimizes smart contract gas consumption automatically without compromising functionality or security. sOptimize works on smart contract bytecode, statically identifies 3 kinds of code patterns, and further removes them through verification-assisted techniques. The resulting code is guaranteed to be equivalent to the original one and can be directly deployed on blockchain. We evaluate sOptimize on a collection of 1,152 real-world smart contracts and show that it optimizes 43% of them, and the reduction on gas consumption is about 2.0% while in deployment and 1.2% in transactions, the amount can be as high as 954,201 gas units per contract.
智能合约是建立在区块链网络之上的计算机化交易协议。当用户创建、部署或执行智能合约时,他们会被收取费用,也就是以太坊中的gas。由于智能合约可能包含可能导致巨大经济损失的漏洞,开发人员和智能合约编译器经常插入安全检查代码。问题是这些代码每次执行时都会消耗gas。然而,许多插入的代码是多余的。在这项工作中,我们提出了sOptimize,这是一种自动优化智能合约气体消耗而不影响功能或安全性的工具。优化工作在智能合约字节码上,静态识别三种代码模式,并通过验证辅助技术进一步删除它们。生成的代码保证与原始代码相同,并且可以直接部署在区块链上。我们在1152个真实智能合约的集合上对sOptimize进行了评估,结果表明它优化了43%的智能合约,在部署时减少了约2.0%的天然气消耗,在交易中减少了1.2%,每份合约的天然气消耗可高达954,201个天然气单位。
{"title":"Verification Assisted Gas Reduction for Smart Contracts","authors":"Bo Gao, Siyuan Shen, Ling Shi, Jiaying Li, Jun Sun, Lei Bu","doi":"10.1109/APSEC53868.2021.00034","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00034","url":null,"abstract":"Smart contracts are computerized transaction protocols built on top of blockchain networks. Users are charged with fees, a.k.a. gas in Ethereum, when they create, deploy or execute smart contracts. Since smart contracts may contain vulnerabilities which may result in huge financial loss, developers and smart contract compilers often insert codes for security checks. The trouble is that those codes consume gas every time they are executed. Many of the inserted codes are however redundant. In this work, we present sOptimize, a tool that optimizes smart contract gas consumption automatically without compromising functionality or security. sOptimize works on smart contract bytecode, statically identifies 3 kinds of code patterns, and further removes them through verification-assisted techniques. The resulting code is guaranteed to be equivalent to the original one and can be directly deployed on blockchain. We evaluate sOptimize on a collection of 1,152 real-world smart contracts and show that it optimizes 43% of them, and the reduction on gas consumption is about 2.0% while in deployment and 1.2% in transactions, the amount can be as high as 954,201 gas units per contract.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"10 6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114171386","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Effective Bug Triage Based on a Hybrid Neural Network 基于混合神经网络的有效Bug分类
Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00016
Hongbing Wang, Qi Li
With the increasing scale and complexity of open source software, the quality of software has become a focus to which repairers pay close attention. Due to the inevitable existence of some known or unknown bugs in software,under certain conditions, software bugs may directly cause program running errors, and then produce abnormal running results and wrong program behavior, which will cause huge economic losses. Therefore, software defect repair is an important part of software evolution and quality assurance. Quickly and efficiently assigning defect reports to the right repairer for repair,to ensure efficiency and reduce the cost of open-source software development is an important problem that must be solved in software quality improvement. In this study, we propose a new defect report repair recommendation algorithm, RCNN, which can effectively learn the features of the defect report and recommend the appropriate repairer according to the feature. The proposed algorithm uses a CNN convolution kernel to capture the local information of the text and RNN is used to capture the sequence information of the text. The attention mechanism is introduced to learn the contribution ratio of each part of the text to the overall semantic information of the text. Thus, to a certain extent, it makes up for the defect that RNN cannot effectively learn and monitor remote information. Through experiments on the Eclipse and Mozilla datasets, compared with NB (naive Bayes), SVM (support vector machines), LeeCNN and DBRNNA, the RCNN model can effectively find the appropriate bug repairer among many repairers, and achieve higher classification accuracy.
随着开源软件规模的不断扩大和复杂度的不断提高,软件的质量问题已经成为维修人员关注的焦点。由于软件中不可避免地存在一些已知或未知的bug,在一定条件下,软件bug可能直接导致程序运行错误,进而产生异常的运行结果和错误的程序行为,造成巨大的经济损失。因此,软件缺陷修复是软件进化和质量保证的重要组成部分。快速有效地将缺陷报告分配给合适的修复人员进行修复,以确保开源软件开发的效率和降低成本,是软件质量改进中必须解决的重要问题。在本研究中,我们提出了一种新的缺陷报告修复推荐算法RCNN,该算法可以有效地学习缺陷报告的特征,并根据特征推荐合适的修复人员。该算法使用CNN卷积核捕获文本的局部信息,使用RNN捕获文本的序列信息。引入注意机制,学习文本各部分对文本整体语义信息的贡献比例。从而在一定程度上弥补了RNN无法有效学习和监控远程信息的缺陷。通过在Eclipse和Mozilla数据集上的实验,与NB(朴素贝叶斯)、SVM(支持向量机)、LeeCNN和dbnna相比,RCNN模型可以有效地在众多修复器中找到合适的bug修复器,并达到更高的分类精度。
{"title":"Effective Bug Triage Based on a Hybrid Neural Network","authors":"Hongbing Wang, Qi Li","doi":"10.1109/APSEC53868.2021.00016","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00016","url":null,"abstract":"With the increasing scale and complexity of open source software, the quality of software has become a focus to which repairers pay close attention. Due to the inevitable existence of some known or unknown bugs in software,under certain conditions, software bugs may directly cause program running errors, and then produce abnormal running results and wrong program behavior, which will cause huge economic losses. Therefore, software defect repair is an important part of software evolution and quality assurance. Quickly and efficiently assigning defect reports to the right repairer for repair,to ensure efficiency and reduce the cost of open-source software development is an important problem that must be solved in software quality improvement. In this study, we propose a new defect report repair recommendation algorithm, RCNN, which can effectively learn the features of the defect report and recommend the appropriate repairer according to the feature. The proposed algorithm uses a CNN convolution kernel to capture the local information of the text and RNN is used to capture the sequence information of the text. The attention mechanism is introduced to learn the contribution ratio of each part of the text to the overall semantic information of the text. Thus, to a certain extent, it makes up for the defect that RNN cannot effectively learn and monitor remote information. Through experiments on the Eclipse and Mozilla datasets, compared with NB (naive Bayes), SVM (support vector machines), LeeCNN and DBRNNA, the RCNN model can effectively find the appropriate bug repairer among many repairers, and achieve higher classification accuracy.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114341946","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
[Copyright notice] (版权)
Pub Date : 2021-12-01 DOI: 10.1109/apsec53868.2021.00003
{"title":"[Copyright notice]","authors":"","doi":"10.1109/apsec53868.2021.00003","DOIUrl":"https://doi.org/10.1109/apsec53868.2021.00003","url":null,"abstract":"","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116282717","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Improving Semantic Consistency of Variable Names with Use-Flow Graph Analysis 用用流图分析改进变量名的语义一致性
Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00030
Yusuke Shinyama, Yoshitaka Arahori, K. Gondow
Consistency is one of the keys to maintainable source code and hence a successful software project. We propose a novel method of extracting the intent of programmers from source code of a large project (~ 300 kLOC) and checking the semantic consistency of its variable names. Our system learns a project-specific naming convention for variables based on its role solely from source code, and suggest alternatives when it violates its internal consistency. The system can also show the reasoning why a certain variable should be named in a specific way. The system does not rely on any external knowledge. We applied our method to 12 open-source projects and evaluated its results with human reviewers. Our system proposed alternative variable names for 416 out of 1080 (39%) instances that are considered better than ones originally used by the developers. Based on the results, we created patches to correct the inconsistent names and sent them to its developers. Three open-source projects adopted it.
一致性是可维护源代码的关键之一,因此也是成功的软件项目的关键之一。我们提出了一种从大型项目(~ 300 kLOC)的源代码中提取程序员意图并检查其变量名语义一致性的新方法。我们的系统仅从源代码中学习基于变量角色的项目特定命名约定,并在违反其内部一致性时建议替代方案。该系统还可以显示为什么某个变量应该以特定的方式命名的原因。该系统不依赖于任何外部知识。我们将我们的方法应用于12个开源项目,并与人工审稿人一起评估其结果。我们的系统为1080个实例中的416个(39%)提出了替代变量名,这些变量名被认为比开发人员最初使用的更好。根据结果,我们创建了补丁来纠正不一致的名称并将其发送给其开发人员。三个开源项目采用了它。
{"title":"Improving Semantic Consistency of Variable Names with Use-Flow Graph Analysis","authors":"Yusuke Shinyama, Yoshitaka Arahori, K. Gondow","doi":"10.1109/APSEC53868.2021.00030","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00030","url":null,"abstract":"Consistency is one of the keys to maintainable source code and hence a successful software project. We propose a novel method of extracting the intent of programmers from source code of a large project (~ 300 kLOC) and checking the semantic consistency of its variable names. Our system learns a project-specific naming convention for variables based on its role solely from source code, and suggest alternatives when it violates its internal consistency. The system can also show the reasoning why a certain variable should be named in a specific way. The system does not rely on any external knowledge. We applied our method to 12 open-source projects and evaluated its results with human reviewers. Our system proposed alternative variable names for 416 out of 1080 (39%) instances that are considered better than ones originally used by the developers. Based on the results, we created patches to correct the inconsistent names and sent them to its developers. Three open-source projects adopted it.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130584540","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Message from the APSEC 2021 Chairs APSEC 2021届主席致辞
Pub Date : 2021-12-01 DOI: 10.1109/apsec53868.2021.00005
{"title":"Message from the APSEC 2021 Chairs","authors":"","doi":"10.1109/apsec53868.2021.00005","DOIUrl":"https://doi.org/10.1109/apsec53868.2021.00005","url":null,"abstract":"","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134070659","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
期刊
2021 28th Asia-Pacific Software Engineering Conference (APSEC)
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1