Out of Sight, Out of Place: Detecting and Assessing Swapped Arguments
This addresses a specific bug detection problem for programmers using static analysis tools, though it is incremental in leveraging existing natural language information.
The paper tackled the problem of detecting mistakenly-swapped arguments in code by developing SwapD, a static analysis checker that uses natural language information, and found 154 real-world cases in a large corpus of 417 million lines of C/C++ code.
Programmers often add meaningful information about program semantics when naming program entities such as variables, functions, and macros. However, static analysis tools typically discount this information when they look for bugs in a program. In this work, we describe the design and implementation of a static analysis checker called SwapD, which uses the natural language information in programs to warn about mistakenly-swapped arguments at call sites. SwapD combines two independent detection strategies to improve the effectiveness of the overall checker. We present the results of a comprehensive evaluation of SwapD over a large corpus of C and C++ programs totaling 417 million lines of code. In this evaluation, SwapD found 154 manually-vetted real-world cases of mistakenly-swapped arguments, suggesting that such errors, while not pervasive in released code, are a real problem and a worthwhile target for static analysis.