Validation of Static Program Analysis Tools by Self-Application: A Case Study

Static program analysis tools process source code of computer programs in order to extract information that can help software engineers in a variety of tasks ranging from program understanding to fault detection [Binkley 2007]. The automated extraction of information in static program analysis is done without executing program and relies only on source code or some intermediate representation. Software validation refers to the process of evaluation of a software system in order to check whether it works properly and according to its specification. The validation of static program analysis tools is an extremely important task since those tools are used to understand and improve software systems. On the other hand, real-world software systems are usually extremely large and hard to comprehend making the validation hard and time consuming. The identification of dependencies between source code entities (functions, classes, modules, etc.) is one of fundamental problems in static program analysis. We use the generic term “software network” to denote directed graphs of dependencies between source code entities. The importance of software networks extraction spans multiple fields such as empirical analysis of complexity of software systems, their reverse engineering and computation of software design metrics [Savic et al. 2014]. In our previous works [Savic et al. 2012b; 2014] we introduced SNEIPL – a language-independent approach

[1]  Zoran Budimac,et al.  Introducing Enriched Concrete Syntax Trees , 2013, ArXiv.

[2]  Hausi A. Müller,et al.  Rigi - An environment for software reverse engineering, exploration, visualization, and redocumentation , 2010, Sci. Comput. Program..

[3]  Ying-Cheng Lai,et al.  Signatures of small-world and scale-free properties in large computer programs , 2003, Physical review. E, Statistical, nonlinear, and soft matter physics.

[4]  Erhard Plödereder,et al.  Bauhaus - A Tool Suite for Program Analysis and Reverse Engineering , 2006, Ada-Europe.

[5]  Fabrizio Silvestri,et al.  The social network of Java classes , 2006, SAC.

[6]  Ian H. Witten,et al.  Can We Avoid High Coupling? , 2011, ECOOP.

[7]  Mirjana Ivanović,et al.  Extractor of software networks from enriched concrete syntax trees , 2012 .

[8]  Alexandru Telea,et al.  Extraction and visualization of call dependencies for large C/C++ code bases: A comparative study , 2009, 2009 5th IEEE International Workshop on Visualizing Software for Understanding and Analysis.

[9]  Sergi Valverde,et al.  Hierarchical Small Worlds in Software Architecture , 2003 .

[10]  Samantha Jenkins,et al.  Software architecture graphs as complex networks: A novel partitioning scheme to measure stability and evolution , 2007, Inf. Sci..

[11]  Jürgen Ebert,et al.  GUPRO - Generic Understanding of Programs , 2002, Electron. Notes Theor. Comput. Sci..

[12]  Steve Counsell,et al.  Power law distributions in class relationships , 2003, Proceedings Third IEEE International Workshop on Source Code Analysis and Manipulation.

[13]  Mirjana Ivanovic,et al.  Community detection and analysis of community evolution in Apache Ant class collaboration networks , 2012, BCI '12.

[14]  Wang Lei,et al.  On the evolution of Linux kernels , 2013 .

[15]  Zoran Budimac,et al.  A language-independent approach to the extraction of dependencies between source code entities , 2014, Inf. Softw. Technol..

[16]  Diomidis Spinellis,et al.  Power laws in software , 2008, TSEM.

[17]  Juan Ángel Pastor Franco,et al.  A systematic approach to developing safe tele-operated robots , 2006 .

[18]  David Notkin,et al.  An empirical study of static call graph extractors , 1998, TSEM.

[19]  Zoran Budimac,et al.  SSQSA architecture , 2012, BCI '12.

[20]  David W. Binkley,et al.  Source Code Analysis: A Road Map , 2007, Future of Software Engineering (FOSE '07).

[21]  Stéphane Ducasse,et al.  Moose: an Extensible Language-Independent Environment for Reengineering Object-Oriented Systems , 2000 .

[22]  Chen Yang,et al.  On the evolution of Linux kernels: a complex network perspective , 2013, J. Softw. Evol. Process..

[23]  Zoran Budimac,et al.  Language independent framework for static code analysis , 2013, BCI '13.

[24]  Mirjana Ivanovic,et al.  Characteristics of Class Collaboration Networks in Large Java Software Projects , 2011, Inf. Technol. Control..

[25]  David F. Bacon,et al.  Fast static analysis of C++ virtual function calls , 1996, OOPSLA '96.