Linux Kernel Developer Responses to Static Analysis Bug Reports

We present a study of how Linux kernel developers respond to bug reports issued by a static analysis tool. We found that developers prefer to triage reports in younger, smaller, and more actively maintained files (§2), first address easy-to-fix bugs and defer difficult (but possibly critical) bugs (§3), and triage bugs in batches rather than individually (§4). Also, although automated tools cannot find many types of bugs, they can be effective at directing developers' attention towards parts of the codebase that contain up to 3X more user-reported bugs (§5). Our insights into developer attitudes towards static analysis tools allow us to make suggestions for improving their usability and effectiveness. We feel that it could be effective to run static analysis tools continuously while programming and before committing code, to rank reports so that those most likely to be triaged are shown to developers first, to show the easiest reports to new developers, to perform deeper analysis on more actively maintained code, and to use reports as indirect indicators of code quality and importance.
