Detalhes bibliográficos
| Ano de defesa: |
2017 |
| Autor(a) principal: |
BARROS FILHO, Roberto Souto Maior de |
| Orientador(a): |
BORBA, Paulo Henrique Monteiro |
| Banca de defesa: |
Não Informado pela instituição |
| Tipo de documento: |
Dissertação
|
| Tipo de acesso: |
Acesso aberto |
| Idioma: |
eng |
| Instituição de defesa: |
Universidade Federal de Pernambuco
|
| Programa de Pós-Graduação: |
Programa de Pos Graduacao em Ciencia da Computacao
|
| Departamento: |
Não Informado pela instituição
|
| País: |
Brasil
|
| Palavras-chave em Português: |
|
| Link de acesso: |
https://repositorio.ufpe.br/handle/123456789/24884
|
Resumo: |
In a collaborative software development environment, developers often implement their contributions (or tasks) independently using local versions of the files of a system. However, contributions from different developers need to be integrated (merged) to a central version of the system, which may lead to different types of conflicts such as syntactic, static semantic or even dynamic semantic conflicts. The first two types are more easily identifiable as they lead to syntactically incorrect programs and to programs with compilations problems, respectively. On the other hand, dynamic semantic conflicts, which may be caused by subtle dependencies between contributions, may not be noticed during the integration process. This type of conflict alters the expected behaviour of a system, leading to bugs. Thus, failing to detect dynamic semantic conflicts may affect a system’s quality. Hence, this work’s main goal is to understand if Information Flow Control (IFC), a security technique used for discovering leaks in software, could be used to indicate the presence of dynamic semantic conflicts between developers contributions in merge scenarios. However, as defining if a dynamic semantic conflict exists involves understanding the expected behaviour of a system, and as such behavioural specifications are often hard to capture, formalize and reason about, we instead try to detect a code level adaptation of the notion of interference from Goguen and Meseguer. Actually, we limit our scope to interference caused by developers contributions on the same method. More specifically, we want to answer if the existence of information flow between developers same-method contributions of a merge scenario can be used to estimate the existence of interference. Therefore, we conduct an evaluation to understand if information flow may be used to estimate interference. In particular, we use Java Object-sensitive ANAlysis (JOANA) to do the IFC for Java programs. JOANA does the IFC of Java programs by using a System Dependence Graph (SDG), a directed graph representing the information flow through a program. As JOANA accepts different options of SDG, we first establish which of these SDG options (instance based without exceptions) is the most appropriate to our context. Additionally, we bring evidence that information flow between developers same-method contributions occurred for around 64% of the scenarios we evaluated. Finally, we conducted a manual analysis, on 35 scenarios with information flow between developers same-method contributions, to understand the limitations of using information flow to estimate interference between same-method contributions. From the 35 analysed scenarios, for only 15 we considered that an interference in fact existed. We found three different major reasons for detecting information flow and no interference: cases related to the nature of changes, to excessive annotation from our strategy and to the conservativeness of the flows identified by JOANA. We conclude that information flow may be used to estimate interference, but, ideally, the number of false positives should be reduced. In particular, we envisage room for solving around three quarters of the obtained false positives. |
