No Strings Attached: An Empirical Study of String-related Software Bugs
Strings play many roles in programming because they often contain complex and semantically rich information. For example, programmers use strings to filter inputs via regular expression matching, to express the names of program elements access through some form of reflection, to embed code written in another formal language, and to assemble textual output produced by a program. The omnipresence of strings leads to a wide range of mistakes that developers may make, yet little is currently known about these mistakes. The lack of knowledge about string-related bugs leads to developers repeating the same mistakes again and again, and to poor support for finding and fixing such bugs. This paper presents the first empirical study of the root causes, consequences, and other properties of string-related bugs. We systematically study a diverse set of projects written in JavaScript, a language where strings play a particularly important role. Our findings include (i) that many string-related mistakes are caused by a recurring set of root cause patterns, such as incorrect string literals and regular expressions, (ii) that string-related bugs have a diverse set of consequences, including incorrect output or silent omission of expected behavior, (iii) that string-related bugs occur across all parts of applications, including the core components, and (iv) that almost none of these bugs are detected by existing static analyzers. Our findings not only show the importance and prevalence of string-related bugs, but they help developers to avoid common mistakes and tool builders to tackle the challenge of finding and fixing string-related bugs.
Presentation Slides (ase20-main-403-Eghbali.pdf) | 2.91MiB |
Thu 24 Sep Times are displayed in time zone: (UTC) Coordinated Universal Time
08:00 - 09:00: Bugs and Automated RepairResearch Papers at Kangaroo Chair(s): Jifeng XuanWuhan University | |||
08:00 - 08:20 Talk | No Strings Attached: An Empirical Study of String-related Software Bugs Research Papers Pre-print File Attached | ||
08:20 - 08:40 Research paper | Automated Patch Correctness Assessment: How Far are We? Research Papers Shangwen WangNational University of Defense Technology, Ming WenHuazhong University of Science and Technology, China, Bo LinNational University of Defense Technology, Hongjun WuNational University of Defense Technology, Yihao QinNational University of Defense Technology, Deqing ZouHuazhong University of Science and Technology, Xiaoguang MaoNational University of Defense Technology, Hai JinHuazhong University of Science and Technology DOI Pre-print Media Attached | ||
08:40 - 09:00 Research paper | Evaluating Representation Learning of Code Changes for Predicting Patch Correctness in Program Repair Research Papers Haoye TianUniversity of Luxembourg, Kui LiuUniversity of Luxembourg, Luxembourg, Abdoul Kader KaboréUniversity of Luxembourg, Anil KoyuncuUniversity of Luxembourg, Luxembourg, Li LiMonash University, Australia, Jacques KleinUniversity of Luxembourg, Luxembourg, Tegawendé F. BissyandéUniversity of Luxembourg, Luxembourg |