Xin Xia,David Lo,Emad Shihab,Xinyu Wang,Bo Zhou

DOI: https://doi.org/10.1007/s10515-014-0162-2

IF: 1.677

2014-01-01

Automated Software Engineering

Abstract:Bug fixing is one of the most time-consuming and costly activities of the software development life cycle. In general, bugs are reported in a bug tracking system, validated by a triage team, assigned for someone to fix, and finally verified and closed. However, in some cases bugs have to be reopened. Reopened bugs increase software maintenance cost, cause rework for already busy developers and in some cases even delay the future delivery of a software release. Therefore, a few recent studies focused on studying reopened bugs. However, these prior studies did not achieve high performance (in terms of precision and recall), required manual intervention, and used very simplistic techniques when dealing with this textual data, which leads us to believe that further improvements are possible. In this paper, we propose ReopenPredictor, which is an automatic, high accuracy predictor of reopened bugs. ReopenPredictor uses a number of features, including textual features, to achieve high accuracy prediction of reopened bugs. As part of ReopenPredictor, we propose two algorithms that are used to automatically estimate various thresholds to maximize the prediction performance. To examine the benefits of ReopenPredictor, we perform experiments on three large open source projects-namely Eclipse, Apache HTTP and OpenOffice. Our results show that ReopenPredictor outperforms prior work, achieving a reopened F-measure of 0.744, 0.770, and 0.860 for Eclipse, Apache HTTP and OpenOffice, respectively. These results correspond to an improvement in the reopened F-measure of the method proposed in the prior work by Shihab et al. by 33.33, 12.57 and 3.12% for Eclipse, Apache HTTP and OpenOffice, respectively.

Bo Zhou,Iulian Neamtiu,Rajiv Gupta

DOI: https://doi.org/10.1145/2745802.2745807

2015-01-01

Abstract:Concurrency bugs are difficult to find and fix. To help with finding and fixing concurrency bugs, prior research has mostly focused on static or dynamic analyses for finding specific classes of bugs. We present an approach whose focus is understanding the differences between concurrency and non-concurrency bugs, the differences among various concurrency bug classes, and predicting bug quantity, type, and location, from patches, bug reports and bug-fix metrics. First, we show that bug characteristics and bug-fixing processes vary significantly among different kinds of concurrency bugs and compared to non-concurrency bugs. Next, we build a quantitative predictor model to estimate concurrency bugs appearance in future releases. Then, we build a qualitative predictor that can predict the type of concurrency bug for a newly-filed bug report. Finally, we build a bug location predictor to indicate the likely source code location for newly-reported bugs. We validate the effectiveness of our approach on three popular projects, Mozilla, KDE, and Apache.

Yilin Yang,Tianxing He,Yang Feng,Shaoying Liu,Baowen Xu

DOI: https://doi.org/10.1007/s10664-021-10087-1

IF: 3.762

2022-01-28

Empirical Software Engineering

Abstract:Many code changes are inherently repetitive, and researchers employ repetitiveness of the code changes to generate bug fix patterns. Automatic Program Repair (APR) can automatically detect and fix bugs, thus helping developers to improve the quality of software products. As a critical component of APR, software bug fix patterns have been revealed by existing studies to be very effective in detecting and fixing bugs in different programming languages (e.g., Java/C++); yet the fix patterns proposed by these studies can not be directly applied to improve Python programs because of syntactic incompatibilities and lack of analysis of dynamic features. In this paper, we proposed a mining approach to identify fix patterns of Python programs by extracting fine-grained bug-fixing code changes. We first collected bug reports from GitHub repository and employed the abstract syntax tree edit distance to cluster similar bug-fixing code changes to generate fix patterns. We then evaluated the effectiveness of these fix patterns by applying them to single-hunk bugs in two benchmarks (BugsInPy and QuixBugs). The results show that 13 out of 101 real bugs can be fixed without human intervention; that is, the generated bug patch is identical or semantically equivalent with developer’s patches. Also, we evaluated the fix patterns in the wild. For each complex bug, 15% of the bug code could be fixed, and 37% of the bug code could be matched by fix patterns.

computer science, software engineering

Di Liu,Yang Feng,Yanyan Yan,Baowen Xu

DOI: https://doi.org/10.1007/s10664-022-10239-x

IF: 3.762

2022-01-01

Empirical Software Engineering

Abstract:Python has been widely used to develop large-scale software systems such as distributed systems, cloud computing, artificial intelligence, and Web platforms due to its flexibility and versatility. As a kind of complex software, Python interpreter could also suffer from software bugs and thus fundamentally threaten the quality of all Python program applications. Since the first release of Python, more than 30,000 bugs have been discovered. While modern interpreters often consist of many modules, built-in libraries, extensions, etc, they could reach millions of code lines. The large size and high complexity of interpreters bring substantial challenges to their quality assurance. To characterize the interpreter bugs and provide empirical supports, this paper conducts a large-scale empirical study on the two most popular Python interpreters – CPython and PyPy. We have comprehensively investigated the maintenance log information and collected 30,069 fixed bugs and 20,334 confirmed revisions. We further manually characterized and taxonomized 1200 bugs to investigate their representative symptoms and root causes deeply. Finally, we identified nine findings by comprehensively investigating bug locations, symptoms, root causes, and bug revealing & fixing time. The key findings include (for both interpreters): (1) the Library, object model, and interpreter back-end are the most buggy components; (2) unexpected behavior, crash, and performance are the most common symptoms; (3) incorrect algorithm logic, configuration, and internal call are the most common general root causes; incorrect object design is the most common Python-specific root cause; (4) some test-program triggering bugs are tiny (less than ten lines), and most bug fixes only involve slight modifications. Depending on these findings, we discuss the lessons learned and practical implications that can support the research on interpreters’ testing, debugging, and improvements.

Ziyuan Wang,Dexin Bu,Aiyue Sun,Shanyi Gou,Yong Wang,Lin Chen

DOI: https://doi.org/10.1109/tr.2022.3159812

IF: 5.883

2022-01-01

IEEE Transactions on Reliability

Abstract:Python is an interpreted programming language that has been widely used in many fields. The successful execution of a Python program depends on both the correctness of Python program and the correctness of Python interpreter. As an infrastructure software, there are many bugs in the Python interpreter. Exploring the bugs in Python interpreters can help developers and maintainers of Python interpreters detect and fix bugs and help users of Python avoid risks. In this article, we conduct an empirical study on the bugs in two mainstream Python interpreters: CPython and PyPy. By analyzing 25 958 fixed bugs, 18 824 revisions, 2 116 test cases, and root causes of randomly sampled 510 bugs, we have summarized the following findings. 1)The distribution of bugs in the Python interpreter is so uneven that the vast majority of bugs are distributed in a few components and source files. 2)The scales of the testing programs that reveal bugs are small. 3)The fixing works seem to be not complicated since the number of modified source files and lines of code are limited; however, most bugs need a long time to be fixed; nearly 15% of the bugs need more than one year to fix. 4)The priorities of bugs are independent of their locations, but they significantly correlate with duration of bugs. 5)Semantic bugs are the most frequent root causes of bugs, and their proportion exceeds other types of root causes. These results could indicate some potential problems during the detecting and fixing of Python interpreter's bugs, and provide some assistance to developers and maintainers of Python interpreters, users of Python, as well as researchers in related fields.

engineering, electrical & electronic,computer science, software engineering, hardware & architecture

Zhifei Chen,Wanwangying Ma,Wei Lin,Lin Chen,Baowen Xu

DOI: https://doi.org/10.1109/tsa.2016.19

2016-01-01

Abstract:Python, a typical dynamic programming language, is increasingly used in many application domains. Dynamic features in Python allow developers to change the code at runtime. Some dynamic features such as dynamic type checking play an active part in maintenance activities, thus dynamic feature code is often changed to cater to software evolution. The aim of this paper is exploring and validating the characteristics of feature changes in Python. We collected change occurrences in 85 open-source projects and discovered the relationship between feature changes and bug-fix activities. Furthermore, we went into 358 change occurrences to explore the causes and behaviors of feature changes. The results show that: (1) dynamic features are increasingly used and the code is changeable; (2) most dynamic features may behave that feature code is more likely to be changed in bug-fix activities than non-bugfix activities; (3) dynamic feature code plays both positive and negative roles in maintenance activities. Our results provide useful guidance and insights for improving automatic program repair and refactoring tools.

Hao Zhong,Xiaoyin Wang,Hong Mei

DOI: https://doi.org/10.1109/tse.2020.2996975

IF: 7.4

2022-01-01

IEEE Transactions on Software Engineering

Abstract:Static tools like Findbugs allow their users to manually define bug patterns, so they can detect more types of bugs, but due to the complexity and variety of programs, it is difficult to manually enumerate all bug patterns, especially for those related to API usages or project-specific rules. Therefore, existing bug-detection tools (e.g., Findbugs) based on manual bug patterns are insufficient in detecting many bugs. Meanwhile, with the rapid development of software, many past bug fixes accumulate in software version histories. These bug fixes contain valuable samples of illegal coding practices. The gap between existing bug samples and well-defined bug patterns motivates our research. In the literature, researchers have explored techniques on learning bug signatures from existing bugs, and a bug signature is defined as a set of program elements explaining the cause/effect of the bug. However, due to various limitations, existing approaches cannot analyze past bug fixes in large scale, and to the best of our knowledge, no previously unknown bugs were ever reported by their work. The major challenge to automatically analyze past bug fixes is that, bug-inducing inputs are typically not recorded, and many bug fixes are partial programs that have compilation errors. As a result, for most bugs in the version history, it is infeasible to reproduce them for dynamic analysis or to feed buggy/fixed code directly into static analysis tools which mostly depend on compilable complete programs. In this paper, we propose an approach, called DePa , that extracts bug signatures based on accurate partial-code analysis of bug fixes. With its support, we conduct the first large scale evaluation on 6,048 past bug fixes collected from four popular Apache projects. In particular, we use DePa to infer bug signatures from these fixes, and to check the latest versions of the four projects with the inferred bug signatures. Our results show that DePa detected 27 unique previously unknown bugs in total, including at least one bug from each project. These bugs are not detected by their developers nor other researchers. Among them, three of our reported bugs are already confirmed and repaired by their developers. Furthermore, our results show that the state-of-the-art tools detected only two of our found bugs, and our filtering techniques improve our precision from 25.5 to 51.5 percent.

Wenjie Xu,Lin Chen,Chenghao Su,Yimeng Guo,Yanhui Li,Yuming Zhou,Baowen Xu

DOI: https://doi.org/10.1109/icpc58990.2023.00039

2023-01-01

Abstract:Python has become increasingly popular and widely used in many fields. Dynamic features of Python provide much convenience for developers. However, they can also cause many type-related bugs undetected until runtime, which increases the cost of maintenance. Static type checking is essential to find bugs early, and the introduction of gradual typing and type annotations makes it easier to perform static type analysis. However, it remains to be investigated how well gradual typing improves real bug detection. Therefore, we conducted a comprehensive study on three widely used checkers: MyPy, PyRight, and PyType. We used a benchmark containing 10 popular Python projects with 40 real type-related bugs. First, we performed static type checking on the projects with and without type annotations to evaluate the effectiveness of finding real bugs. Second, we manually analyzed the missing bugs and investigated the reasons. The results show that the three tools can detect 29 of the 40 studied bugs after annotating, while only 14 bugs are detected before annotating. We also found that type annotations can substantially improve the ability of static type checkers to detect real bugs. A detailed analysis of bugs missed by the checkers shows that: (i) the accuracy of type analysis is challenged when it comes to programs with complicated dynamic features, such as dynamically changing object's attributes, even with annotations; (ii) the inaccurate type annotations can undermine the ability of static type checkers to detect real bugs; (iii) static type checkers have different checking strategies in some cases, which has an impact on real bug detection. Our study can not only enable developers to better understand static type checking and make better use of them but also guide future research.

Zhifei Chen,Lin Chen,Wanwangying Ma,Baowen Xu

DOI: https://doi.org/10.1109/sate.2016.10

2016-01-01

Abstract:As a traditional dynamic language, Python is increasingly used in various software engineering tasks. However, due to its flexibility and dynamism, Python is a particularly challenging language to write code in and maintain. Consequently, Python programs contain code smells which indicate potential comprehension and maintenance problems. With the aim of supporting refactoring strategies to enhance maintainability, this paper describes how to detect code smells in Python programs. We introduce 11 Python smells and describe the detection strategy. We also implement a smell detection tool named Pysmell and use it to identify code smells in five real world Python systems. The results show that Pysmell can detect 285 code smell instances in total with the average precision of 97.7%. It reveals that Large Class and Large Method are most prevalent. Our experiment also implies Python programs may be suffering code smells further.

Zhifei Chen,Yanhui Li,Bihuan Chen,Wanwangying Ma,Lin Chen,Baowen Xu

DOI: https://doi.org/10.1145/3387904.3389253

2020-01-01

Abstract:The dynamic typing discipline of Python allows developers to program at a high level of abstraction. However, type related bugs are commonly encountered in Python systems due to the lack of type declaration and static type checking. Especially, the misuse of dynamic typing discipline produces underlying bugs and increases maintenance efforts. In this paper, we introduce six types of dynamic typing related practices in Python programs, which are the common but potentially risky usage of dynamic typing discipline by developers. We also implement a tool named PYDYPE to detect them. Based on this tool, we conduct an empirical study on nine real-world Python systems (with the size of more than 460KLOC) to understand dynamic typing related practices. We investigate how widespread the dynamic typing related practices are, why they are introduced into the systems, whether their usage correlates with increased likelihood of bug occurring, and how developers fix dynamic typing related bugs. The results show that: (1) dynamic typing related practices exist inconsistently in different systems and Inconsistent Variable Types is most prevalent; (2) they are introduced into systems mainly during early development phase to promote development efficiency; (3) they have a significant positive correlation with bug occurring; (4) developers tend to add type checks or exception handling to fix dynamic typing related bugs. These results benefit future research in coding convention, language design, bug detection and fixing.

Ratnadira Widyasari,Sheng Qin Sim,Camellia Lok,Haodi Qi,Jack Phan,Qijin Tay,Constance Tan,Fiona Wee,Jodie Ethelda Tan,Yuheng Yieh,Brian Goh,Ferdian Thung,Hong Jin Kang,Thong Hoang,David Lo,Eng Lieh Ouh

DOI: https://doi.org/10.1145/3368089.3417943

2024-01-28

Abstract:The 2019 edition of Stack Overflow developer survey highlights that, for the first time, Python outperformed Java in terms of popularity. The gap between Python and Java further widened in the 2020 edition of the survey. Unfortunately, despite the rapid increase in Python's popularity, there are not many testing and debugging tools that are designed for Python. This is in stark contrast with the abundance of testing and debugging tools for Java. Thus, there is a need to push research on tools that can help Python developers. One factor that contributed to the rapid growth of Java testing and debugging tools is the availability of benchmarks. A popular benchmark is the Defects4J benchmark; its initial version contained 357 real bugs from 5 real-world Java programs. Each bug comes with a test suite that can expose the bug. Defects4J has been used by hundreds of testing and debugging studies and has helped to push the frontier of research in these directions. In this project, inspired by Defects4J, we create another benchmark database and tool that contain 493 real bugs from 17 real-world Python programs. We hope our benchmark can help catalyze future work on testing and debugging tools that work on Python programs.

Software Engineering

Jiawei Wang,Li,Kui Liu,Xiaoning Du

DOI: https://doi.org/10.1016/j.infsof.2024.107592

IF: 3.9

2025-01-01

Information and Software Technology

Abstract:Python has become one of the most popular programming languages nowadays but has not received enough attention from the software engineering community. Many errors, either fixed or not yet, have been scattered in the lifetime of Python projects, including popular Python libraries that have already been reused. NameError is among one of those errors that are widespread in the Python community, as confirmed in our empirical study. Yet, our community has not put effort into helping developers mitigate its introductions. To fill this gap, we propose in this work a static analysis-based approach called DENE (short for D etecting and E xplaining N ame E rrors) to automatically detect and explain name errors in Python projects. To this end, DENE builds control-flow graphs for Python projects and leverages a scope-aware reaching definition analysis to locate identifiers that may cause name errors at runtime and report their locations. Experimental results on carefully crafted ground truth demonstrate that DENE is effective in detecting name errors in real-world Python projects. The results also confirm that unknown name errors are still widely presented in popular Python projects and libraries, and the outputs of DENE can indeed help developers understand why the name errors are flagged as such.

Ruizhi Gao,W. Eric Wong,Zhenyu Chen,Yabin Wang

DOI: https://doi.org/10.1007/s11219-015-9295-1

2015-01-01

Software Quality Journal

Abstract:Software has become ubiquitous in our daily lives, and with its increasing functionality and complexity comes a frequently tedious and prolonged debugging process. Of the three activities in program debugging (failure detection, fault localization, and bug fixing), the focus of this paper is on the first, failure detection, under the condition that there is no test oracle that can be used to automatically determine the success or failure of all the executions. More precisely, the outputs for many executions have to be verified manually, or the expected outputs are not even available. We want to determine whether there is a solution to help programmers predict the execution results. How good are these predicted results when they are used to help programmers find the locations of bugs? A framework is proposed to reduce the effort on output verification using a strategy based on the Hamming distance or K-Means clustering to predict results of test executions. Such data and the statement coverage of each test case are used to compute the suspiciousness of each statement according to a fault localization technique and produce a ranking for examination to locate bugs. Case studies using 22 programs and seven fault localization techniques were conducted to evaluate the fault localization effectiveness of the proposed framework on 1203 faulty versions, some of which have a single bug and others with multiple bugs. A discussion on factors that may affect the accuracy of execution result prediction and the resulting fault localization effectiveness is also presented. Our data suggests that, in general, with respect to fault localization techniques using execution results verified against the expected outputs, those using predicted execution results can be even more effective than (by examining a smaller number of statements to locate the first faulty statement) or as good as the former (the verified).

Nicole Vavrová,Vadim Zaytsev

DOI: https://doi.org/10.22152/programming-journal.org/2017/1/11

2017-03-31

Abstract:The context of this work is specification, detection and ultimately removal of detectable harmful patterns in source code that are associated with defects in design and implementation of software. In particular, we investigate five code smells and four antipatterns previously defined in papers and books. Our inquiry is about detecting those in source code written in Python programming language, which is substantially different from all prior research, most of which concerns Java or C-like languages. Our approach was that of software engineers: we have processed existing research literature on the topic, extracted both the abstract definitions of nine design defects and their concrete implementation specifications, implemented them all in a tool we have programmed and let it loose on a huge test set obtained from open source code from thousands of GitHub projects. When it comes to knowledge, we have found that more than twice as many methods in Python can be considered too long (statistically extremely longer than their neighbours within the same project) than in Java, but long parameter lists are seven times less likely to be found in Python code than in Java code. We have also found that Functional Decomposition, the way it was defined for Java, is not found in the Python code at all, and Spaghetti Code and God Classes are extremely rare there as well. The grounding and the confidence in these results comes from the fact that we have performed our experiments on 32'058'823 lines of Python code, which is by far the largest test set for a freely available Python parser. We have also designed the experiment in such a way that it aligned with prior research on design defect detection in Java in order to ease the comparison if we treat our own actions as a replication. Thus, the importance of the work is both in the unique open Python grammar of highest quality, tested on millions of lines of code, and in the design defect detection tool which works on something else than Java.

Software Engineering,Programming Languages

Bailin Lu,Wei Dong,Liangze Yin,Li Zhang

DOI: https://doi.org/10.1007/978-3-030-04272-1_4

2018-01-01

Abstract:Many static analysis methods and tools have been developed for program bug detection. They are based on diverse theoretical principles, such as pattern matching, abstract interpretation, model checking and symbolic execution. Unfortunately, none of them can meet most requirements for bug finding. Individual tool always faces high false negatives and/or false positives, which is the main obstacle for using them in practice. A direct and promising way to improve the capability of static analysis is to integrate diverse bug finders. In this paper, we first selected five state-of-the-art C/C++ static analysis tools implemented with different theories. We then evaluated them over different defect types and code structures in detail. To increase the precision and recall for tool integration, we studied how to properly employ machine learning algorithms based on features of programs and tools. Evaluation results show that: (1) the abilities of diverse tools are quite different for defect types and code structures, and their overlaps are quite small; (2) the integration based on machine learning can obviously improve the overall performance of static analysis. Finally, we investigated the defect types and code structures which are still challenging for existing tools. They should be addressed in future research on static analysis.

Ping CHEN,Hao HAN,Xiao-bing SHEN,Xin-chun YIN,Bing MAO,Li XIE

2010-01-01

Tien Tzu Hsueh Pao/Acta Electronica Sinica

Abstract:In recent years, Integer bugs have been rising sharply and become a potential threat as it is often hidden behind other bugs. In this paper, we propose a tool which can automatically detect Integer bugs. We implement the tool based on static and dynamic program analysis. In the static phase, the tool decompiles a binary and creates the suspect instruction set. In the dynamic phase, it monitors the instructions in the suspect set and generates the test cases to further detect which instructions are real Integer bugs. Our tool has two advantages. First, it provides more accurate and sufficient type information. Second, static analysis reduces the instructions which are monitored at runtime. Experimental results shows that our tool can efficiently detect the Integer bugs in several real-world programs. In addition, our tool has no false negatives and low false positives.

Zhifei Chen,Wanwangying Ma,Wei Lin,Lin Chen,Yanhui Li,Baowen Xu

DOI: https://doi.org/10.1007/s11432-017-9153-3

2017-01-01

Science China Information Sciences

Abstract:Dynamic features in programming languages support the modification of the execution status at runtime, which is often considered helpful in rapid development and prototyping. However, it was also reported that some dynamic feature code tends to be change-prone or error-prone. We present the first study that analyzes the changes of dynamic feature code and the roles of dynamic features in bug-fix activities for the Python language. We used an AST-based differencing tool to capture fine-grained source code changes from 17926 bug-fix commits in 17 Python projects. Using this data, we conducted an empirical study on the changes of dynamic feature code when fixing bugs in Python. First, we investigated the characteristics of dynamic feature code changes, by comparing the changes between dynamic feature code and non-dynamic feature code when fixing bugs, and comparing dynamic feature changes between bug-fix and non-bugfix activities. Second, we explored 226 bug-fix commits to investigate the motivation and behaviors of dynamic feature changes when fixing bugs. The study results reveal that(1) the changes of dynamic feature code are significantly related to bug-fix activities rather than non-bugfix activities;(2) compared with non-dynamic feature code, dynamic feature code is inserted or updated more frequently when fixing bugs;(3) developers often insert dynamic feature code as type checks or attribute checks to fix type errors and attribute errors;(4) the misuse of dynamic features introduces bugs in dynamic feature code, and the bugs are often fixed by adding a check or adding an exception handling. As a benefit of this paper, we gain insights into the manner in which developers and researchers handle the changes of dynamic feature code when fixing bugs.

Xiaoyan Zhu,Chenyu Yan,E. James Whitehead,Binbin Niu,Lei Zhu,Long Pan

DOI: https://doi.org/10.1002/spe.3001

2022-01-01

Abstract:Just-in-time defect prediction can remind software developers and managers to verify and fix bugs at the moment they appeared, thus improving the effectiveness and validity of bug fixing. Existing studies mainly focus on just-in-time prediction for software files (JIT-F). JIT-F is a binary classification problem, which classifies (hence predicts) a file change as buggy or clean. This article provides a detailed analysis of just-in-time defect prediction for software hunks (JIT-H), which predicts bugs at a finer level of granularity, and hence further improves the efficiency of bug fixing. Classification is performed using the ensemble technique of bagging-aggregated combinations of random under sampling plus multiple classifiers (J48 and Random Forest). An empirical study with 10 open source projects was conducted to validate the effectiveness of JIT-H. Experimental results show that JIT-H is effective at predicting defects in software hunk changes. Compared with JIT-F, JIT-H is more cost effective. Additionally, analysis on the change features indicates that Text Vector features and hunk change level features are of more importance than features in other groups and levels.

Xinli Yang,David Lo,Xin Xia,Yun Zhang,Jianling Sun

DOI: https://doi.org/10.1109/qrs.2015.14

2015-01-01

Abstract:Defect prediction is a very meaningful topic, particularly at change-level. Change-level defect prediction, which is also referred as just-in-time defect prediction, could not only ensure software quality in the development process, but also make the developers check and fix the defects in time. Nowadays, deep learning is a hot topic in the machine learning literature. Whether deep learning can be used to improve the performance of just-in-time defect prediction is still uninvestigated. In this paper, to bridge this research gap, we propose an approach Deeper which leverages deep learning techniques to predict defect-prone changes. We first build a set of expressive features from a set of initial change features by leveraging a deep belief network algorithm. Next, a machine learning classifier is built on the selected features. To evaluate the performance of our approach, we use datasets from six large open source projects, i.e., Bugzilla, Columba, JDT, Platform, Mozilla, and PostgreSQL, containing a total of 137,417 changes. We compare our approach with the approach proposed by Kamei et al. The experimental results show that on average across the 6 projects, Deeper could discover 32.22% more bugs than Kamei et al's approach (51.04% versus 18.82% on average). In addition, Deeper can achieve F1-scores of 0.22-0.63, which are statistically significantly higher than those of Kamei et al.'s approach on 4 out of the 6 projects.

Pan Bian,Bin Liang,Yan Zhang,Chaoqun Yang,Wenchang Shi,Yan Cai

DOI: https://doi.org/10.1109/tse.2018.2816639

IF: 7.4

2019-01-01

IEEE Transactions on Software Engineering

Abstract:Code mining has been proven to be a promising approach to inferring implicit programming rules for finding software bugs. However, existing methods may report large numbers of false positives and false negatives. In this paper, we propose a novel approach called EAntMiner to improve the effectiveness of code mining. EAntMiner elaborately reduces noises from statements irrelevant to interesting rules and different implementation forms of the same logic. During preprocessing, we employ program slicing to decompose the original source repository into independent sub-repositories. In each sub-repository, statements irrelevant to critical operations (automatically extracted from source code) are excluded and various semantics-equivalent implementations are normalized into a canonical form as far as possible. Moreover, to tackle the challenge that some bugs are difficult to be detected by mining frequent patterns as rules, we further developed a kNN-based method to identify them. We have implemented EAntMiner and evaluated it on four large-scale C systems. EAntMiner successfully detected 105 previously unknown bugs that have been confirmed by corresponding development communities. A set of comparative evaluations also demonstrate that EAntMiner can effectively improve the precision of code mining.