Abstract:Background. Code-line-level bugginess identification (CLBI) is a vital technique that can facilitate developers to identify buggy lines without expending a large amount of human effort. Most of the existing studies tried to mine the characteristics of source codes to train supervised prediction models, which have been reported to be able to discriminate buggy code lines amongst others in a target program. Problem. However, several simple and clear code characteristics, such as complexity of code lines, have been disregarded in the current literature. Such characteristics can be acquired and applied easily in an unsupervised way to conduct more accurate CLBI, which also can decrease the application cost of existing CLBI approaches by a large margin. Objective. We aim to investigate the status quo in the field of CLBI from the perspective of 1) how far we have really come in the literature, and 2) how far we have yet to go in industry, by analyzing the performance of state-of-the art (SOTA) CLBI approaches and tools, respectively. Method. We propose a simple heuristic baseline solution GLANCE (aimin G at contro L - AN d C ompl E x-statements) with three implementations (i.e., GLANCE-MD, GLANCE-EA, and GLANCE-LR). GLANCE is a two-stage CLBI framework: first, use a simple model to predict the potentially defective files; second, leverage simple code characteristics to identify buggy code lines in the predicted defective files. We use GLANCE as the baseline to investigate the effectiveness of the SOTA CLBI approaches, including natural language processing (NLP) based, model interpretation techniques (MIT) based, and popular static analysis tools (SAT). Result. Based on 19 open-source projects with 142 different releases, the experimental results show that GLANCE framework has a prediction performance comparable or even superior to the existing SOTA CLBI approaches and tools in terms of 8 different performance indicators. Conclusion. The results caution us that, if the identification performance is the goal, the real progress in CLBI is not being achieved as it might have been envisaged in the literature and there is still a long way to go to really promote the effectiveness of static analysis tools in industry. In addition, we suggest using GLANCE as a baseline in future studies to demonstrate the usefulness of any newly proposed CLBI approach.

Code-line-level bugginess identification: How far have we come, and how far have we yet to go?

Just-In-Time Defect Identification and Localization: A Two-Phase Framework.

Enhancing Bug-Inducing Commit Identification: A Fine-Grained Semantic Analysis Approach

Code Clone Detection: A Literature Review

Automatically Inspecting Thousands of Static Bug Warnings with Large Language Model: How Far Are We?

Deep learning or classical machine learning? An empirical study on line‐level software defect prediction

High-Impact Bug Report Identification with Imbalanced Learning Strategies

Sclabel: Finding Performance Bugs Through Clone Detection Based on Labeled Code Templates

Deep Just-In-Time Defect Localization

Detecting Exception Handling Bugs in C++ Programs.

Evaluating and Integrating Diverse Bug Finders for Effective Program Analysis

Bug In the Code Stack: Can LLMs Find Bugs in Large Python Code Stacks

Nuances are the Key: Unlocking ChatGPT to Find Failure-Inducing Tests with Differential Prompting

What's Wrong with Your Code Generated by Large Language Models? An Extensive Study

Enhancing Static Analysis for Practical Bug Detection: An LLM-Integrated Approach

Utilizing Precise and Complete Code Context to Guide LLM in Automatic False Positive Mitigation

SkipAnalyzer: A Tool for Static Code Analysis with Large Language Models

The Hitchhiker's Guide to Program Analysis: A Journey with Large Language Models

Method-Level Bug Prediction: Problems and Promises

BLAZE: Cross-Language and Cross-Project Bug Localization via Dynamic Chunking and Hard Example Learning

A Critical Review of Large Language Model on Software Engineering: An Example from ChatGPT and Automated Program Repair