How Bugs Are Born: A Model to Identify How Bugs Are Introduced in Software ComponentsJ1
When identifying the origin of software bugs, many studies assume that "a bug was introduced by the lines of code that were modified to fix it''. However, this assumption does not always hold and at least in some cases, these modified lines are not responsible for introducing the bug. For example, when the bug was caused by a change in an external API. The lack of empirical evidence makes it impossible to assess how important these cases are and therefore, to which extent the assumption is valid.
To advance in this direction, and better understand how bugs "are born'', we propose a model for defining criteria to identify the first snapshot of an evolving software system that exhibits a bug. This model, based on the \emph{perfect test} idea, decides whether a bug is observed after a change to the software. Furthermore, we studied the model’s criteria by carefully analyzing how 116 bugs were introduced in two different open source software projects. The manual analysis helped classify the root cause of those bugs and created manually curated datasets with bug-introducing changes and with bugs that were not introduced by any change in the source code. Finally, we used these datasets to evaluate the performance of four existing SZZ-based algorithms for detecting bug-introducing changes. We found that SZZ-based algorithms are not very accurate, especially when multiple commits are found; the F-Score varies from 0.44 to 0.77, while the percentage of true positives does not exceed 63%.
Our results show empirical evidence that the prevalent assumption, "a bug was introduced by the lines of code that were modified to fix it'', is just one case of how bugs are introduced in a software system. Finding what introduced a bug is not trivial: bugs can be introduced by the developers and be in the code, or be created irrespective of the code. Thus, further research towards a better understanding of the origin of bugs in software projects could help to improve design integration tests and to design other procedures to make software development more robust.
Wed 8 Jul Times are displayed in time zone: (UTC) Coordinated Universal Time change
15:00 - 16:00: Paper Presentations - A8-Machine Learning and Models at Goguryeo Chair(s): Liliana PasqualeUniversity College Dublin & Lero | ||||||||||||||||||||||||||||||||||||||||||
| 15:00 - 15:08 Talk | Zhe YuNORTH CAROLINA STATE UNIVERSITY, Chris TheisenMicrosoft, Laurie WilliamsNorth Carolina State University, Tim MenziesNorth Carolina State University | |||||||||||||||||||||||||||||||||||||||||
| 15:08 - 15:16 Talk | Gema Rodríguez-PérezUniversity of Waterloo, Canada, Gregorio RoblesUniversidad Rey Juan Carlos, Alexander SerebrenikEindhoven University of Technology, Andy ZaidmanTU Delft, Daniel M. GermanUniversity of Victoria, Jesus M. Gonzalez-BarahonaUniversidad Rey Juan Carlos DOI Pre-print | |||||||||||||||||||||||||||||||||||||||||
| 15:16 - 15:24 Talk | Amritanshu AgrawalWayfair, Wei FuLanding AI, Di ChenNorth Carolina State University, USA, Xipeng ShenNorth Carolina State University, Tim MenziesNorth Carolina State University | |||||||||||||||||||||||||||||||||||||||||
| 15:24 - 15:36 Talk | Simos GerasimouUniversity of York, UK, Hasan Ferit EniserMPI-SWS, Alper SenBogazici University, Turkey, Alper ÇakanBogazici University, Turkey | |||||||||||||||||||||||||||||||||||||||||
| 15:36 - 15:48 Talk | Sameer ReddyUniversity of California, Berkeley, Caroline LemieuxUniversity of California, Berkeley, Rohan PadhyeCarnegie Mellon University, Koushik SenUniversity of California, Berkeley | |||||||||||||||||||||||||||||||||||||||||
| 15:48 - 15:56 Talk | Gopi Krishnan RajbahadurQueen's University, Shaowei WangMississippi State University, Yasutaka KameiKyushu University, Ahmed E. HassanQueen's University | |||||||||||||||||||||||||||||||||||||||||