Um Estudo sobre a Correlação entre Defeitos de Campo e Warnings Reportados por uma Ferramenta de Ánalise Estática
Resumo
Apesar do interesse e do número crescente de ferramentas de análise estática para detecção de defeitos, ainda não existe clareza sobre os ganhos efetivos de qualidade que tais ferramentas podem introduzir em projetos de desenvolvimento de software. Assim, neste artigo relata-se um estudo desenvolvido com o objetivo de avaliar o nível de correlação existente entre defeitos reportados por usuários finais (isto é, defeitos de campo) e warnings gerados pela ferramenta de análise estática FindBugs, largamente utilizada em sistemas Java. No estudo, procurou-se avaliar a existencia de dois tipos de correlação: correlação direta (quando warnings podem contribuir para localizar e remover defeitos de campo) e correlação indireta (quando warnings são capazes de servir como indícios de futuros defeitos de campo). Como resultado, observou-se que não existe correlação direta entre defeitos de campo e warnings. No entanto, testes estatísticos mostraram que existe um nível significativo de correlação indireta entre warnings e tais tipos de defeitos.
Palavras-chave:
Correlação, Defeitos de Campo, Warnings Reportados, Análise Estática
Referências
Nathaniel Ayewah, David Hovemeyer, J. David Morgenthaler, John Penix, and William Pugh. Using static analysis to find bugs. IEEE Software, 25(5), 2008.
Simon Butler, Michel Wermelinger, Yijun Yu, and Helen Sharp. Relating identifier naming flaws and code quality: An empirical study. In 16th Working Conference on Reverse Engineering (WCRE), pages 31–35, 2009.
Tom Copeland. PMD Applied. Centennial Books, 2005.
Microsoft Corporation. FxCop home page. http://msdn.microsoft.com/en-us/library/bb429476 (VS.80).aspx.
Valentin Dallmeier and Thomas Zimmermann. Extraction of bug localization benchmarks from history. In 22th Conference on Automated Software Engineering (ASE), pages 433–436, 2007.
Jeffrey S. Foster, Michael W. Hicks, and William Pugh. Improving software quality with static analysis. In 7th Workshop on Program Analysis for Software Tools and Engineering (PASTE), pages 83–84, 2007.
David Hovemeyer and William Pugh. Finding bugs is easy. SIGPLAN Notices, 39(12):92–106, 2004.
S. C. Johnson. Lint: A C program checker. Technical Report 65, Bell Laboratories, 1977.
Sunghun Kim and Michael D. Ernst. Which warnings should I fix first? In 15th International Symposium on Foundations of Software Engineering (FSE), pages 45–54, 2007.
James R. Larus, Thomas Ball, Manuvir Das, Robert DeLine, Manuel Fahndrich, Jon Pincus, Sriram K. Rajamani, and Ramanathan Venkatapathy. Righting software. IEEE Software, 21(3):92–100, 2004.
Panagiotis Louridas. Static code analysis. IEEE Software, 23(4):58–61, 2006.
Nachiappan Nagappan and Thomas Ball. Static analysis tools as early indicators of pre-release defect density. In 27th International Conference on Software Engineering (ICSE), pages 580–586, 2005
Dewayne E. Perr, Adam A. Porter, and Lawrence G. Votta. A primer on empirical studies (tutorial). In Tutorial presented at 19th International Conference on Software Engineering (ICSE), pages 657– 58, 1997.
Shari Lawrence Pfleeger. Experimental design and analysis in software engineering, part 5: analyzing the data. Software Engineering Notes, 20(5):14–17, 1995.
Peter Sprent and Nigel C. Smeeton. Applied Nonparametric Statistical Methods. Chapman & Hall, 2007.
Ramanath Subramanyam and M. S. Krishnan. Empirical analysis of CK metrics for object-oriented design complexity: Implications for software defects. IEEE Transaction on Soft ware Engineering, 29(4):297–310, 2003.
Stefan Wagner, Michael Aichner, Johann Wimmer, and Markus Schwalb. An evaluation of two bug pattern tools for Java. In 1st International Conference on Software Testing, Verification, and Validation (ICST), pages 248–257, 2008.
Stefan Wagner, Jan Jurjens, Claudia Koller, and Peter Trischberger. Comparing bug finding to - ols with reviews and tests. In 17th International Conference on Testing of Communicating Systems (TestCom), volume 3502 of LNCS, pages 40–55. Springer, 2005.
Simon Butler, Michel Wermelinger, Yijun Yu, and Helen Sharp. Relating identifier naming flaws and code quality: An empirical study. In 16th Working Conference on Reverse Engineering (WCRE), pages 31–35, 2009.
Tom Copeland. PMD Applied. Centennial Books, 2005.
Microsoft Corporation. FxCop home page. http://msdn.microsoft.com/en-us/library/bb429476 (VS.80).aspx.
Valentin Dallmeier and Thomas Zimmermann. Extraction of bug localization benchmarks from history. In 22th Conference on Automated Software Engineering (ASE), pages 433–436, 2007.
Jeffrey S. Foster, Michael W. Hicks, and William Pugh. Improving software quality with static analysis. In 7th Workshop on Program Analysis for Software Tools and Engineering (PASTE), pages 83–84, 2007.
David Hovemeyer and William Pugh. Finding bugs is easy. SIGPLAN Notices, 39(12):92–106, 2004.
S. C. Johnson. Lint: A C program checker. Technical Report 65, Bell Laboratories, 1977.
Sunghun Kim and Michael D. Ernst. Which warnings should I fix first? In 15th International Symposium on Foundations of Software Engineering (FSE), pages 45–54, 2007.
James R. Larus, Thomas Ball, Manuvir Das, Robert DeLine, Manuel Fahndrich, Jon Pincus, Sriram K. Rajamani, and Ramanathan Venkatapathy. Righting software. IEEE Software, 21(3):92–100, 2004.
Panagiotis Louridas. Static code analysis. IEEE Software, 23(4):58–61, 2006.
Nachiappan Nagappan and Thomas Ball. Static analysis tools as early indicators of pre-release defect density. In 27th International Conference on Software Engineering (ICSE), pages 580–586, 2005
Dewayne E. Perr, Adam A. Porter, and Lawrence G. Votta. A primer on empirical studies (tutorial). In Tutorial presented at 19th International Conference on Software Engineering (ICSE), pages 657– 58, 1997.
Shari Lawrence Pfleeger. Experimental design and analysis in software engineering, part 5: analyzing the data. Software Engineering Notes, 20(5):14–17, 1995.
Peter Sprent and Nigel C. Smeeton. Applied Nonparametric Statistical Methods. Chapman & Hall, 2007.
Ramanath Subramanyam and M. S. Krishnan. Empirical analysis of CK metrics for object-oriented design complexity: Implications for software defects. IEEE Transaction on Soft ware Engineering, 29(4):297–310, 2003.
Stefan Wagner, Michael Aichner, Johann Wimmer, and Markus Schwalb. An evaluation of two bug pattern tools for Java. In 1st International Conference on Software Testing, Verification, and Validation (ICST), pages 248–257, 2008.
Stefan Wagner, Jan Jurjens, Claudia Koller, and Peter Trischberger. Comparing bug finding to - ols with reviews and tests. In 17th International Conference on Testing of Communicating Systems (TestCom), volume 3502 of LNCS, pages 40–55. Springer, 2005.
Publicado
07/06/2010
Como Citar
ARAÚJO FILHO, João Eduardo de; COUTO, César Francisco de Moura; SOUZA, Sílvio José de; VALENTE, Marco Túlio.
Um Estudo sobre a Correlação entre Defeitos de Campo e Warnings Reportados por uma Ferramenta de Ánalise Estática. In: SIMPÓSIO BRASILEIRO DE QUALIDADE DE SOFTWARE (SBQS), 9. , 2010, Belém.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2010
.
p. 9-23.
DOI: https://doi.org/10.5753/sbqs.2010.15418.