Write a Blog >>
Wed 12 Oct 2022 10:20 - 10:40 at Banquet B - Technical Session 12 - Builds and Versions Chair(s): Yi Li

To enhance the compatibility in the version control of Java Third-party Libraries (TPLs), Maven adopts Semantic Versioning (SemVer) to standardize the underlying meaning of versions, but users could still confront abnormal execution and crash after upgrades even if compilation and linkage succeed. It is caused by semantic breaking (SemB) issues, such that APIs directly used by users have identical signatures but inconsistent semantics across upgrades. To strengthen compliance with SemVer rules, developers and users should be alerted of such issues. Unfortunately, it is challenging to detect them statically, because semantic changes in the internal methods of APIs are hard to be captured. Dynamic testing can confirmingly uncover some, but it is limited by inadequate coverage.

To detect SemB issues over compatible upgrades (Patch and Minor) by SemVer rules, we conducted an empirical study on 180 SemB issues to understand the root causes, inspired by which, we propose Sembid (Semantic Breaking Issue Detector) to statically detect such issues of TPLs for developers and users. Since APIs are directly used by users, Sembid detects and reports SemB issues based on APIs. For a pair of APIs, Sembid walks through the call chains originating from the API to locate breaking changes by measuring semantic diff. Then, Sembid checks if the breaking changes can affect API’s output along call chains. The evaluation showed Sembid achieved 90.26% recall and 81.29% precision and outperformed other API checkers on SemB API detection. We also revealed Sembid detected over 3 times more SemB APIs with better coverage than unit tests, the commonly used solution. Furthermore, we carried out an empirical study on 1, 629, 589 APIs from 546 version pairs of top Java libraries and found there were 2-4 times more SemB APIs than those with signature-based issues. Due to various version release strategies, 33.83% of Patch version pairs and 64.42% of Minor version pairs had at least one API affected by any breaking.

Wed 12 Oct

Displayed time zone: Eastern Time (US & Canada) change

10:00 - 12:00
Technical Session 12 - Builds and VersionsResearch Papers at Banquet B
Chair(s): Yi Li Nanyang Technological University
10:00
20m
Research paper
HyperAST: Enabling Efficient Analysis of Software Histories at ScaleACM SIGSOFT Distinguished Paper Award
Research Papers
Quentin Le-dilavrec Univ. Rennes, IRISA, INRIA, Djamel Eddine Khelladi CNRS, France, Arnaud Blouin Univ Rennes, INSA Rennes, Inria, CNRS, IRISA, Jean-Marc Jézéquel Univ Rennes - IRISA
10:20
20m
Research paper
Has My Release Disobeyed Semantic Versioning? Static Detection Based On Semantic DifferencingACM SIGSOFT Distinguished Paper Award
Research Papers
Lyuye Zhang Nanyang Technological University, Chengwei Liu Nanyang Technological University, Singapore, Zhengzi Xu Nanyang Technological University, Sen Chen Tianjin University, Lingling Fan Nankai University, Bihuan Chen Fudan University, China, Yang Liu Nanyang Technological University
10:40
20m
Research paper
Detecting Build Conflicts in Software Merge for Java Programs via Static Analysis
Research Papers
Sheikh Shadab Towqir Virginia Tech, Bowen Shen Virginia Tech, Muhammad Ali Gulzar Virginia Tech, USA, Na Meng Virginia Tech
11:00
20m
Research paper
SmartPip: A Smart Approach to Resolving Python Dependency Conflict IssuesVirtual
Research Papers
Chao Wang School of Informatics, Xiamen University, Rongxin Wu Xiamen University, Haohao Song School of Informatics, Xiamen University, Jiwu Shu School of Informatics, Xiamen University, Guoqing Li Xiamen Meiya Pico Information Co., Ltd.
11:20
20m
Research paper
Accelerating Build Dependency Error Detection via Virtual BuildVirtual
Research Papers
Rongxin Wu Xiamen University, Minglei Chen School of Informatics, Xiamen University, Chengpeng Wang The Hong Kong University of Science and Technology, Gang Fan Ant Group, Jiguang Qiu Xiamen Meiya Pico Information Co., Ltd., Charles Zhang Hong Kong University of Science and Technology
11:40
20m
Research paper
BuildSonic: Detecting and Repairing Performance-Related Configuration Smells for Continuous Integration BuildsVirtual
Research Papers
Chen Zhang Fudan University, Bihuan Chen Fudan University, China, Junhao Hu Fudan University, Xin Peng Fudan University, Wenyun Zhao Fudan University, China