How Bugs Are Born: A Model to Identify How Bugs Are Introduced in Software ComponentsJ1
When identifying the origin of software bugs, many studies assume that "a bug was introduced by the lines of code that were modified to fix it''. However, this assumption does not always hold and at least in some cases, these modified lines are not responsible for introducing the bug. For example, when the bug was caused by a change in an external API. The lack of empirical evidence makes it impossible to assess how important these cases are and therefore, to which extent the assumption is valid.
To advance in this direction, and better understand how bugs "are born'', we propose a model for defining criteria to identify the first snapshot of an evolving software system that exhibits a bug. This model, based on the \emph{perfect test} idea, decides whether a bug is observed after a change to the software. Furthermore, we studied the model’s criteria by carefully analyzing how 116 bugs were introduced in two different open source software projects. The manual analysis helped classify the root cause of those bugs and created manually curated datasets with bug-introducing changes and with bugs that were not introduced by any change in the source code. Finally, we used these datasets to evaluate the performance of four existing SZZ-based algorithms for detecting bug-introducing changes. We found that SZZ-based algorithms are not very accurate, especially when multiple commits are found; the F-Score varies from 0.44 to 0.77, while the percentage of true positives does not exceed 63%.
Our results show empirical evidence that the prevalent assumption, "a bug was introduced by the lines of code that were modified to fix it'', is just one case of how bugs are introduced in a software system. Finding what introduced a bug is not trivial: bugs can be introduced by the developers and be in the code, or be created irrespective of the code. Thus, further research towards a better understanding of the origin of bugs in software projects could help to improve design integration tests and to design other procedures to make software development more robust.
Wed 8 JulDisplayed time zone: (UTC) Coordinated Universal Time change
15:00 - 16:00 | A8-Machine Learning and ModelsJournal First / Technical Papers at Goguryeo Chair(s): Liliana Pasquale University College Dublin & Lero | ||
15:00 8mTalk | Improving Vulnerability Inspection Efficiency Using Active LearningJ1 Journal First Zhe Yu NORTH CAROLINA STATE UNIVERSITY, Chris Theisen Microsoft, Laurie Williams North Carolina State University, Tim Menzies North Carolina State University | ||
15:08 8mTalk | How Bugs Are Born: A Model to Identify How Bugs Are Introduced in Software ComponentsJ1 Journal First Gema Rodríguez-Pérez University of Waterloo, Canada, Gregorio Robles Universidad Rey Juan Carlos, Alexander Serebrenik Eindhoven University of Technology, Andy Zaidman TU Delft, Daniel M. German University of Victoria, Jesus M. Gonzalez-Barahona Universidad Rey Juan Carlos DOI Pre-print | ||
15:16 8mTalk | How to “DODGE” Complex Software AnalyticsJ1 Journal First Amritanshu Agrawal Wayfair, Wei Fu Landing AI, Di Chen North Carolina State University, USA, Xipeng Shen North Carolina State University, Tim Menzies North Carolina State University | ||
15:24 12mTalk | Importance-Driven Deep Learning System TestingTechnical Technical Papers Simos Gerasimou University of York, UK, Hasan Ferit Eniser MPI-SWS, Alper Sen Bogazici University, Turkey, Alper Çakan Bogazici University, Turkey | ||
15:36 12mTalk | Quickly Generating Diverse Valid Test Inputs with Reinforcement LearningTechnical Technical Papers Sameer Reddy University of California, Berkeley, Caroline Lemieux University of California, Berkeley, Rohan Padhye Carnegie Mellon University, Koushik Sen University of California, Berkeley | ||
15:48 8mTalk | Impact of Discretization Noise of the Dependent variable on Machine Learning Classifiers in Software EngineeringJ1 Journal First Gopi Krishnan Rajbahadur Queen's University, Shaowei Wang Mississippi State University, Yasutaka Kamei Kyushu University, Ahmed E. Hassan Queen's University |