API-Misuse Detection Driven by Fine-Grained API-Constraint Knowledge Graph
API misuses cause significant problem in software development. Existing methods detect API misuses against frequent API usage patterns mined from codebase. They make a naive assumption that API usage that deviates from the most-frequent API usage is a misuse. However, there is a big knowledge gap be...
Uložené v:
| Vydané v: | 2020 35th IEEE/ACM International Conference on Automated Software Engineering (ASE) s. 461 - 472 |
|---|---|
| Hlavní autori: | , , , , , , |
| Médium: | Konferenčný príspevok.. |
| Jazyk: | English |
| Vydavateľské údaje: |
ACM
01.09.2020
|
| Predmet: | |
| ISSN: | 2643-1572 |
| On-line prístup: | Získať plný text |
| Tagy: |
Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
|
| Abstract | API misuses cause significant problem in software development. Existing methods detect API misuses against frequent API usage patterns mined from codebase. They make a naive assumption that API usage that deviates from the most-frequent API usage is a misuse. However, there is a big knowledge gap between API usage patterns and API usage caveats in terms of comprehensiveness, explainability and best practices. In this work, we propose a novel approach that detects API misuses directly against the API caveat knowledge, rather than API usage patterns. We develop open information extraction methods to construct a novel API-constraint knowledge graph from API reference documentation. This knowledge graph explicitly models two types of API-constraint relations (call-order and condition-checking) and enriches return and throw relations with return conditions and exception triggers. It empowers the detection of three types of frequent API misuses - missing calls, missing condition checking and missing exception handling, while existing detectors mostly focus on only missing calls. As a proof-of-concept, we apply our approach to Java SDK API Specification. Our evaluation confirms the high accuracy of the extracted API-constraint relations. Our knowledge-driven API misuse detector achieves 0.60 (68/113) precision and 0.28 (68/239) recall for detecting Java API misuses in the API misuse benchmark MuBench. This performance is significantly higher than that of existing pattern-based API misused detectors. A pilot user study with 12 developers shows that our knowledge-driven API misuse detection is very promising in helping developers avoid API misuses and debug the bugs caused by API misuses. |
|---|---|
| AbstractList | API misuses cause significant problem in software development. Existing methods detect API misuses against frequent API usage patterns mined from codebase. They make a naive assumption that API usage that deviates from the most-frequent API usage is a misuse. However, there is a big knowledge gap between API usage patterns and API usage caveats in terms of comprehensiveness, explainability and best practices. In this work, we propose a novel approach that detects API misuses directly against the API caveat knowledge, rather than API usage patterns. We develop open information extraction methods to construct a novel API-constraint knowledge graph from API reference documentation. This knowledge graph explicitly models two types of API-constraint relations (call-order and condition-checking) and enriches return and throw relations with return conditions and exception triggers. It empowers the detection of three types of frequent API misuses - missing calls, missing condition checking and missing exception handling, while existing detectors mostly focus on only missing calls. As a proof-of-concept, we apply our approach to Java SDK API Specification. Our evaluation confirms the high accuracy of the extracted API-constraint relations. Our knowledge-driven API misuse detector achieves 0.60 (68/113) precision and 0.28 (68/239) recall for detecting Java API misuses in the API misuse benchmark MuBench. This performance is significantly higher than that of existing pattern-based API misused detectors. A pilot user study with 12 developers shows that our knowledge-driven API misuse detection is very promising in helping developers avoid API misuses and debug the bugs caused by API misuses. |
| Author | Zhu, Liming Ye, Xinyuan Sun, Jianling Xing, Zhenchang Xia, Xin Ren, Xiaoxue Xu, Xiwei |
| Author_xml | – sequence: 1 givenname: Xiaoxue surname: Ren fullname: Ren, Xiaoxue email: xxren@zju.edu.cn organization: PengCheng Laboratory – sequence: 2 givenname: Xinyuan surname: Ye fullname: Ye, Xinyuan email: u6296255@anu.edu.au organization: Australian National University,Australia – sequence: 3 givenname: Zhenchang surname: Xing fullname: Xing, Zhenchang email: zhenchang.Xing@anu.edu.au organization: Australian National University,Australia – sequence: 4 givenname: Xin surname: Xia fullname: Xia, Xin email: xin.xia@monash.edu organization: Monash University,Australia – sequence: 5 givenname: Xiwei surname: Xu fullname: Xu, Xiwei email: Xiwei.Xu@data61.csiro.au organization: Data61, CSIRO,Australia – sequence: 6 givenname: Liming surname: Zhu fullname: Zhu, Liming email: Liming.Zhu@data61.csiro.au organization: University of New South Wales – sequence: 7 givenname: Jianling surname: Sun fullname: Sun, Jianling email: sunjl@zju.edu.cn organization: Zhejiang University,China |
| BookMark | eNotjM1OAjEURqvRREDWLtz0BQb7N21nSQZBFKML9qTTe0drsEOmo4a3t0RXX07OyTcmF7GLSMgNZzPOVXknpVDWqplUXJclPyPTytgsmNRGW3VORkIrWfDSiCsyTumDsTKDGZHH-eu6eA7pKyFd4IB-CF2kiz58Y6TNkS5DxGLVuzxAT23dxTSceKBPsfvZI7whzcHh_Zpctm6fcPq_E7Jd3m_rh2LzslrX803hhDJDYZiX4EBzZlFX4EQlHPcttB4RTKNFdq2QrfPegwREzS0K0QBA1TQgJ-T27zYg4u7Qh0_XH3eVsPmxlL_MLk8Y |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1145/3324884.3416551 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 9781450367684 1450367682 |
| EISSN | 2643-1572 |
| EndPage | 472 |
| ExternalDocumentID | 9286105 |
| Genre | orig-research |
| GrantInformation_xml | – fundername: National Key R&D Program of China grantid: 2019YFB1600700 funderid: 10.13039/501100013290 – fundername: Australian Research Council's Discovery Early Career Researcher Award (DECRA) grantid: 200100021 funderid: 10.13039/501100006670 – fundername: NSFC Program grantid: 61972339 funderid: 10.13039/501100001809 |
| GroupedDBID | 29I 6IE 6IF 6IH 6IK 6IL 6IM 6IN 6J9 AAJGR AAWTH ABLEC ACREN ADYOE ADZIZ AFYQB ALMA_UNASSIGNED_HOLDINGS AMTXH APO BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IPLJI M43 OCL RIE RIL |
| ID | FETCH-LOGICAL-a247t-70c3dad6108e69da292a1cfdfceed7b62ad6f23facccd3dee618e22bddd9bbd3 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 56 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000651313500040&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| IngestDate | Wed Aug 27 05:11:03 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-a247t-70c3dad6108e69da292a1cfdfceed7b62ad6f23facccd3dee618e22bddd9bbd3 |
| PageCount | 12 |
| ParticipantIDs | ieee_primary_9286105 |
| PublicationCentury | 2000 |
| PublicationDate | 2020-Sept. |
| PublicationDateYYYYMMDD | 2020-09-01 |
| PublicationDate_xml | – month: 09 year: 2020 text: 2020-Sept. |
| PublicationDecade | 2020 |
| PublicationTitle | 2020 35th IEEE/ACM International Conference on Automated Software Engineering (ASE) |
| PublicationTitleAbbrev | ASE |
| PublicationYear | 2020 |
| Publisher | ACM |
| Publisher_xml | – name: ACM |
| SSID | ssj0051577 ssj0002871035 |
| Score | 2.4429746 |
| Snippet | API misuses cause significant problem in software development. Existing methods detect API misuses against frequent API usage patterns mined from codebase.... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 461 |
| SubjectTerms | Detectors Documentation Information retrieval Java Knowledge engineering Software Software engineering |
| Title | API-Misuse Detection Driven by Fine-Grained API-Constraint Knowledge Graph |
| URI | https://ieeexplore.ieee.org/document/9286105 |
| WOSCitedRecordID | wos000651313500040&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LTwIxEG6AePCECsZ3evBogW27bfdoVPBJOBDDjfQxm3BZDCwm_nvbsqwevHhr2h4m07TzdV4fQtdJYgOspoRbyAnnWpBAaU0gl5IJLgYuti9-f5XjsZrNskkD3dS1MAAQk8-gF4Yxlu-WdhNcZf2MKm_t0yZqSim2tVq1PyUg_wGroa8301JWrXwSnvaZBw5K8Z5_tEUaopK_uFSiKRm2_yfEAer-1OThSW1tDlEDiiPU3pEy4OqOdtDz7eSJvC3WmzXgeyhjplWB71fhVcPmCw89rCSjQAwBDoe9gbIzEkWU-GXnYMOj0Me6i6bDh-ndI6kIE4imXJZEDixz2nnxFIjMaZpRndjc5UE2aQT1azllubbWOuYARKKAUuOcy4xx7Bi1imUBJwhrpQ2VWoOljPtraixjCU04CJWCybJT1AmamX9sW2LMK6Wc_T19jvZp-KbG1KwL1CpXG7hEe_azXKxXV_EcvwGvG54Z |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LTwMhECa1muipamt8y8GjtF1ggT0aax_2kR4a01vDwmzSy9a0WxP_vYBr9eDFGwEOkyEwH_P6ELqPIuNhNSXcQEY414J4SmsCmZRMcNG2oX3x60hOJmo-T6YV9LCrhQGAkHwGTT8MsXy7MlvvKmslVDlrH--hfc-cVVZr7TwqHvu32Q78OkMtZdnMJ-JxiznooBRvumdbxD4u-YtNJRiTbu1_Yhyjxk9VHp7u7M0JqkB-imrftAy4vKV19PI4HZDxcrPdAO5AEXKtctxZ-3cNpx-464Al6XlqCLDY7_WknYEqosDDbxcb7vlO1g006z7PnvqkpEwgmnJZENk2zGrrxFMgEqtpQnVkMpt52WQqqFvLKMu0McYyCyAiBZSm1tokTS07Q9V8lcM5wlrplEqtwVDG3UVNDWMRjTgIFUOaJBeo7jWzePtqirEolXL59_QdOuzPxqPFaDAZXqEj6j-tIVHrGlWL9RZu0IF5L5ab9W04008a76Fi |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2020+35th+IEEE%2FACM+International+Conference+on+Automated+Software+Engineering+%28ASE%29&rft.atitle=API-Misuse+Detection+Driven+by+Fine-Grained+API-Constraint+Knowledge+Graph&rft.au=Ren%2C+Xiaoxue&rft.au=Ye%2C+Xinyuan&rft.au=Xing%2C+Zhenchang&rft.au=Xia%2C+Xin&rft.date=2020-09-01&rft.pub=ACM&rft.eissn=2643-1572&rft.spage=461&rft.epage=472&rft_id=info:doi/10.1145%2F3324884.3416551&rft.externalDocID=9286105 |