Xin Xia,David Lo,Emad Shihab,Xinyu Wang,Bo Zhou

DOI: https://doi.org/10.1007/s10515-014-0162-2

IF: 1.677

2014-01-01

Automated Software Engineering

Abstract:Bug fixing is one of the most time-consuming and costly activities of the software development life cycle. In general, bugs are reported in a bug tracking system, validated by a triage team, assigned for someone to fix, and finally verified and closed. However, in some cases bugs have to be reopened. Reopened bugs increase software maintenance cost, cause rework for already busy developers and in some cases even delay the future delivery of a software release. Therefore, a few recent studies focused on studying reopened bugs. However, these prior studies did not achieve high performance (in terms of precision and recall), required manual intervention, and used very simplistic techniques when dealing with this textual data, which leads us to believe that further improvements are possible. In this paper, we propose ReopenPredictor, which is an automatic, high accuracy predictor of reopened bugs. ReopenPredictor uses a number of features, including textual features, to achieve high accuracy prediction of reopened bugs. As part of ReopenPredictor, we propose two algorithms that are used to automatically estimate various thresholds to maximize the prediction performance. To examine the benefits of ReopenPredictor, we perform experiments on three large open source projects-namely Eclipse, Apache HTTP and OpenOffice. Our results show that ReopenPredictor outperforms prior work, achieving a reopened F-measure of 0.744, 0.770, and 0.860 for Eclipse, Apache HTTP and OpenOffice, respectively. These results correspond to an improvement in the reopened F-measure of the method proposed in the prior work by Shihab et al. by 33.33, 12.57 and 3.12% for Eclipse, Apache HTTP and OpenOffice, respectively.

Xiaoqiong Zhao,Xin Xia,Pavneet Singh Kochhar,David Lo,Shanping Li

DOI: https://doi.org/10.1145/2554850.2555142

2014-01-01

Abstract:Software build process translates source codes into executable programs, packages the programs, generates documents, and distributes products. In this paper, we perform an empirical study to characterize build process bugs. We analyze bugs in build process in 5 open-source systems under Apache namely CXF, Camel, Felix, Struts, and Tuscany. We compare build process bugs and other bugs across 3 different dimensions, i.e., bug severity, bug fix time, and the number of files modified to fix a bug. Our results show that the fraction of build process bugs which are above major severity level is lower than that of other bugs. However, the time effort required to fix a build process bug is around 2.03 times more than that of a non-build process bug, and the number of source files modified to fix a build process bug is around 2.34 times more than that modified for a non-build bug.

Jing Wang,Patrick C. Shih,John M. Carroll

DOI: https://doi.org/10.1016/j.ijhcs.2015.01.005

IF: 4.866

2015-01-01

International Journal of Human-Computer Studies

Abstract:Open source projects leverage a large number of people to review products and improve code quality. Differences among participants are inevitable and important to this collaborative review process—participants with different expertise, experience, resources, and values approach the problems differently, increasing the likelihood of finding more bugs and fixing the particularly difficult ones. To understand the impacts of member differences on the open source software peer review process, we examined bug reports of Mozilla Firefox. These analyses show that the various types of member differences increase workload as well as frustration and conflicts. However, they facilitate situated learning, problem characterization, design review, and boundary spanning. We discuss implications for work performance and community engagement, and suggest several ways to leverage member differences in the open source software peer review process.

Xin Xia,David Lo,Xinyu Wang,Xiaohu Yang,Shanping Li,Jianling Sun

DOI: https://doi.org/10.1109/csmr.2013.43

2013-01-01

Abstract:Bug fixing is a time-consuming and costly job which is performed in the whole life cycle of software development and maintenance. For many systems, bugs are managed in bug management systems such as Bugzilla. Generally, the status of a typical bug report in Bugzilla changes from new to assigned, verified and closed. However, some bugs have to be reopened. Reopened bugs increase the software development and maintenance cost, increase the workload of bug fixers, and might even delay the future delivery of a software. Only a few studies investigate the phenomenon of reopened bug reports. In this paper, we evaluate the effectiveness of various supervised learning algorithms to predict if a bug report would be reopened. We choose 7 state-of-the-art classical supervised learning algorithm in machine learning literature, i.e., kNN, SVM, Simple Logistic, Bayesian Network, Decision Table, CART and LWL, and 3 ensemble learning algorithms, i.e., AdaBoost, Bagging and Random Forest, and evaluate their performance in predicting reopened bug reports. The experiment results show that among the 10 algorithms, Bagging and Decision Table (IDTM) achieve the best performance. They achieve accuracy scores of 92.91% and 92.80%, respectively, and reopened bug reports F-Measure scores of 0.735 and 0.732, respectively. These results improve the reopened bug reports F-Measure of the state-of-the-art approaches proposed by Shihab et al. by up to 23.53%.

Xin Xia,David Lo,Ming Wen,Emad Shihab,Bo Zhou

DOI: https://doi.org/10.1109/csmr-wcre.2014.6747167

2014-01-01

Abstract:A bug report contains many fields, such as product, component, severity, priority, fixer, operating system (OS), platform, etc., which provide important information for the bug triaging and fixing process. It is important to make sure that bug information is correct since previous studies showed that the wrong assignment of bug report fields could increase the bug fixing time, and even delay the delivery of the software. In this paper, we perform an empirical study on bug report field reassignments in open-source software projects. To better understand why bug report fields are reassigned, we manually collect 99 recent bug reports that had their fields reassigned and emailed their reporters and developers asking why these fields got reassigned. Then, we perform a large-scale empirical study on 8 types of bug report field reassignments in 4 open-source software projects containing a total of 190,558 bug reports. In particular, we investigate 1) the number of bug reports whose fields get reassigned, 2) the difference in bug fixing time between bug reports whose fields get reassigned and those whose fields are not reassigned, 3) the duration a field in a bug report gets reassigned, 4) the number of fields in a bug report that get reassigned, 5) the number of times a field in a bug report gets reassigned, and 6) whether the experience of bug reporters affect the reassignment of bug report fields. We find that a large number (approximately 80%) of bug reports have their fields reassigned, and the bug reports whose fields get reassigned require more time to be fixed than those without field reassignments.

Xiao Xuan,Xiaoqiong Zhao,Ye Wang,Shanping Li

DOI: https://doi.org/10.1587/transinf.2015edl8084

2015-01-01

IEICE Transactions on Information and Systems

Abstract:Bugs in industrial financial systems have not been extensively studied. To address this gap, we focused on the empirical study of bugs in three systems, PMS, beta-Analyzer, and OrderPro. Results showed the 3 most common types of bugs in industrial financial systems to be internal interface (19.00%), algorithm/ method (17.67%), and logic (15.00%).

Jing Wang,John M. Carroll

DOI: https://doi.org/10.1145/2069618.2069714

2011-01-01

Abstract:ABSTRACTBug fixing is an important collaborative practice of open source software development. Creative collaborative bug fixing---collectively generating new and useful solutions to improve software quality---is important especially when bugs are difficult to fix. We find bug fixing practices are unavoidably creative by studying Mozilla and Python. We characterize their bug fixing process as four common subprocesses, problem identification, preparation, solution generation, and solution evaluation. We discuss the key challenges of creative collaboration during each subprocess, and recommend design implications to enhance creative collaborative bug fixing processes, including support for establishment of common ground, externalization of social networks, awareness of resolving progress, and articulation of design rationale.

Weiqin Zou,Xin Xia,Weiqiang Zhang,Zhenyu Chen,David Lo

DOI: https://doi.org/10.1109/compsac.2015.57

2015-01-01

Abstract:Bug fixing is one of the most important activities in software development and maintenance. A software project often employs an issue tracking system such as Bugzilla to store and manage their bugs. In the issue tracking system, many bugs are invalid but take unnecessary efforts to identify them. In this paper, we mainly focus on bug fixing rate, i.e., The proportion of the fixed bugs in the reported closed bugs. In particular, we study the characteristics of bug fixing rate and investigate the impact of a reporter's different contribution behaviors to the bug fixing rate. We perform an empirical study on all reported bugs of two large open source software communities Eclipse and Mozilla. We find (1) the bug fixing rates of both projects are not high, (2) there exhibits a negative correlation between a reporter's bug fixing rate and the average time cost to close the bugs he/she reports, (3) the amount of bugs a reporter ever fixed has a strong positive impact on his/her bug fixing rate, (4) reporters' bug fixing rates have no big difference, whether their contribution behaviors concentrate on a few products or across many products, (5) reporters' bug fixing rates tend to increase as time goes on, i.e., Developers become more experienced at reporting bugs.

Jing Wang,John M. Carroll

DOI: https://doi.org/10.1109/CTS.2011.5928673

2011-01-01

Abstract:Open source is an important model of collaborative knowledge work and virtual organizations. One of its work practices, peer review, is considered critical to its success, as Linus's law highlights. Thus, understanding open source peer review, particular effective review practices, will improve the understanding of how to support collaborative work in new ways. Therefore, we conduct case studies in two open source communities that are well recognized as effective and successful, Mozilla and Python. In this paper, we present the preliminary results of our analysis on data from the bug tracking systems of those two organizations. We identify four common activities critical to open source software peer review, submission, identification, resolution and evaluation. Differences between communities indicate factors, such as reporter expertise, product type and structure, and organization size, affect review activities. We also discuss features of open source software peer review distinct from traditional review, as well as reconsiderations of Linus's law.

Hao Zhong,Zhendong Su

DOI: https://doi.org/10.1109/icse.2015.101

2015-01-01

Abstract:Software bugs can cause significant financial loss and even the loss of human lives. To reduce such loss, developers devote substantial efforts to fixing bugs, which generally requires much expertise and experience. Various approaches have been proposed to aid debugging. An interesting recent research direction is automatic program repair , which achieves promising results, and attracts much academic and industrial attention. However, people also cast doubt on the effectiveness and promise of this direction. A key criticism is to what extent such approaches can fix real bugs. As only research prototypes for these approaches are available, it is infeasible to address the criticism by evaluating them directly on real bugs. Instead, in this paper, we design and develop BugStat, a tool that extracts and analyzes bug fixes. With BugStat's support, we conduct an empirical study on more than 9,000 real-world bug fixes from six popular Java projects. Comparing the nature of manual fixes with automatic program repair, we distill 15 findings, which are further summarized into four insights on the two key ingredients of automatic program repair: fault localization and faulty code fix. In addition, we provide indirect evidence on the size of the search space to fix real bugs and find that bugs may also reside in non-source files. Our results provide useful guidance and insights for improving the state-of-the-art of automatic program repair.

Hao Ren,Yanhui Li,Lin Chen

DOI: https://doi.org/10.1145/3387904.3389267

2020-01-01

Abstract:Blocking bugs are a severe type of bugs that prevent other bugs from being fixed. As software becomes increasingly complex and large, blocking bugs occur in many large-scale software, especially in software ecosystems. Blocking bugs may have a high negative impact on software development and maintenance. Usually, blocking bugs preventing more bugs should be more concerned. In this paper, we focus on a special type of blocking bugs that block at least two bugs, which we call Critical Blocking Bugs (CBBs). We study CBBs from the following five aspects: the importance, the repair time, the scale of repair, the experience of developers who repair CBBs, and the circumstance why CBBs block multiple bugs. We build a dataset containing five open source projects and classify bugs into three types (i.e., critical blocking bugs, normal blocking bugs and other bugs, which block at least two, just one and zero bugs, respectively) to compare the differences between CBBs and other types of bugs. The experimental results show that CBBs are more important with longer repair time and larger repair scale, and CBBs are concentrated on parts of components of the project. These results highlight that CBBs are different from other types of bugs in many aspects, and we should pay more attention to such bugs in the future software maintenance process.

Daito Nakano,Mingyang Yin,Ryosuke Sato,Abram Hindle,Yasutaka Kamei,Naoyasu Ubayashi

DOI: https://doi.org/10.48550/arXiv.2012.08053

2020-12-15

Abstract:Software is prone to bugs and failures. Security bugs are those that expose or share privileged information and access in violation of the software's requirements. Given the seriousness of security bugs, there are centralized mechanisms for supporting and tracking these bugs across multiple products, one such mechanism is the Common Vulnerabilities and Exposures (CVE) ID description. When a bug gets a CVE, it is referenced by its CVE ID. Thus we explore thousands of Free/Libre Open Source Software (FLOSS) projects, on Github, to determine if developers reference or discuss CVEs in their code, commits, and issues. CVEs will often refer to 3rd party software dependencies of a project and thus the bug will not be in the actual product itself. We study how many of these references are intentional CVE references, and how many are relevant bugs within the projects themselves. We investigate how the bugs that reference CVEs are fixed and how long it takes to fix these bugs. The results of our manual classification for 250 bug reports show that 88 (35%), 32 (13%), and 130 (52%) are classified into "Version Update", "Fixing Code", and "Discussion". To understand how long it takes to fix those bugs, we compare two periods, Reporting Period, a period between the disclosure date of vulnerability information in CVE repositories and the creation date of the bug report in a project, and Fixing Period, a period between the creation date of the bug report and the fixing date of the bug report. We find that 44% of bug reports that are classified into "Version Update" or "Fixing Code" have longer Reporting Period than Fixing Period. This suggests that those who submit CVEs should notify affected projects more directly.

Software Engineering

Ferdian Thung,Shaowei Wang,David Lo,Lingxiao Jiang

DOI: https://doi.org/10.1109/issre.2012.22

2012-01-01

Abstract:Many machine learning systems that include various data mining, information retrieval, and natural language processing code and libraries are used in real world applications. Search engines, internet advertising systems, product recommendation systems are sample users of these algorithm-intensive code and libraries. Machine learning code and toolkits have also been used in many recent studies on software mining and analytics that aim to automate various software engineering tasks. With the increasing number of important applications of machine learning systems, the reliability of such systems is also becoming increasingly important. A necessary step for ensuring reliability of such systems is to understand the features and characteristics of bugs occurred in the systems. A number of studies have investigated bugs and fixes in various software systems, but none focuses on machine learning systems. Machine learning systems are unique due to their algorithm-intensive nature and applications to potentially large-scale data, and thus deserve a special consideration. In this study, we fill the research gap by performing an empirical study on the bugs in machine learning systems. We analyze three systems, Apache Mahout, Lucene, and OpenNLP, which are data mining, information retrieval, and natural language processing tools respectively. We look into their bug databases and code repositories, analyze a sample set of bugs and corresponding fixes, and label the bugs into various categories. Our study finds that 22.6% of the bugs belong to the algorithm/method category, 15.6% of the bugs belong to the non-functional category, and 13% of the bugs belong to the assignment/initialization category. We also report the relationship between bug categories and bug severities, the time and effort needed to fix the bugs, and bug impacts. We highlight several bug categories that deserve attention in future research.

Haibo Wang,Zhuolin Xu,Huaien Zhang,Nikolaos Tsantalis,Shin Hwei Tan

2024-09-23

Abstract:Refactoring is a critical process in software development, aiming at improving the internal structure of code while preserving its external behavior. Refactoring engines are integral components of modern Integrated Development Environments (IDEs) and can automate or semi-automate this process to enhance code readability, reduce complexity, and improve the maintainability of software products. Like traditional software systems, refactoring engines can generate incorrect refactored programs, resulting in unexpected behaviors or even crashes. In this paper, we present the first systematic study of refactoring engine bugs by analyzing bugs arising in three popular refactoring engines (i.e., Eclipse, IntelliJ IDEA, and Netbeans). We analyzed these bugs according to their refactoring types, symptoms, root causes, and triggering conditions. We obtained 12 findings and provided a series of valuable guidelines for future work on refactoring bug detection and debugging. Furthermore, our transferability study revealed 130 new bugs in the latest version of those refactoring engines. Among the 21 bugs we submitted, 10 bugs are confirmed by their developers, and seven of them have already been fixed.

Software Engineering

Aoyang Yan,Hao Zhong,Daohan Song,Li Jia

DOI: https://doi.org/10.1007/s10664-023-10318-7

IF: 3.762

2023-01-01

Empirical Software Engineering

Abstract:In software development, issue tracker systems are widely used to manage bug reports. In such a system, a bug report can be filed, diagnosed, assigned, and fixed. In the standard process, a bug can be resolved as fixed , invalid , duplicated , or won’t fix . Although the above resolutions are well-defined and easy to understand, a bug report can end with a less -known resolution, i.e., a workaround . Compared with other resolutions, the definition of workarounds is more ambiguous. Besides the problem that is reported in a bug report, the resolution of a workaround raises more questions. Some questions are important for users, especially those programmers who build their projects upon others (e.g., libraries). Although some early studies have been conducted to analyze API workarounds, many research questions on workarounds are still open. For example, which bugs are resolved as workarounds? Why is a bug report resolved as a workaround? What are the repairs and impacts of workarounds? In this paper, we conduct the first empirical study to explore the above research questions. In particular, we analyzed 200 real workarounds that were collected from 81 Apache projects. Our results lead to eight findings and answers to all the above questions. For example, if bug reports are resolved as workarounds, their problems often either arise in external projects (40%) or reside in programming environments (23.5%). Although the problems of some workarounds (38.5%) reside in the project where they are reported, it is difficult to fix them fully and perfectly. Our findings are useful to understand workarounds, and to improve software projects and issue trackers.

Bingchang Liu,Guozhu Meng,Wei Zou,Qi Gong,Feng Li,Min Lin,Dandan Sun,Wei Huo,Chao Zhang

DOI: https://doi.org/10.1145/3377811.3380923

2020-01-01

Abstract:The number of vulnerabilities increases rapidly in recent years, due to advances in vulnerability discovery solutions. It enables a thorough analysis on the vulnerability distribution and provides support for correlation analysis and prediction of vulnerabilities. Previous research either focuses on analyzing bugs rather than vulnerabilities, or only studies general vulnerability distribution among projects rather than the distribution within each project. In this paper, we collected a large vulnerability dataset, consisting of all known vulnerabilities associated with five representative open source projects, by utilizing automated crawlers and spending months of manual efforts. We then analyzed the vulnerability distribution within each project over four dimensions, including files, functions, vulnerability types and responsible developers. Based on the results analysis, we presented 12 practical insights on the distribution of vulnerabilities. Finally, we applied such insights on several vulnerability discovery solutions (including static analysis and dynamic fuzzing), and helped them find 10 zero-day vulnerabilities in target projects, showing that our insights are useful.

Hao Ren,Yanhui Li,Lin Chen,Yuming Zhou,Changhai Nie

DOI: https://doi.org/10.1016/j.infsof.2023.107354

IF: 3.9

2024-01-01

Information and Software Technology

Abstract:Blocking bugs prevents other bugs from being fixed, which is difficult to repair and negatively impacts software quality. During software maintenance, developers usually try to break the blocking relationship between blocking and blocked bugs, e.g., propose a temporary fix. However, to our knowledge, no studies have investigated why and how blocking relations between bugs are breakable. In this study, we aim to construct an empirical analysis to explore breakable blocking bugs (BBBs). Specifically, we employ quantitative and qualitative analysis to study these BBBs from two aspects. One is to investigate the characteristics of these bugs, and the other is to explore why and how developers break the blocking relationship between bugs during software maintenance. We build a dataset on five large-scale open-source projects and classify bugs into three types (BBBs, normal blocking bugs, and other bugs) to compare the differences between BBBs and other types of bugs. We observe that BBBs have higher levels of involvement, take longer to fix, and involve more complex source code than other bugs. Moreover, we summarize four reasons blocking relationships between bugs are broken, i.e., partial association (41.87%), serious influence (26.40%), time pressure (19.73%), and flawed blocking (12.21%), and three measures developers adopt to break these blocking relationships, i.e., quick patch for blocking bugs (41.33%), quick patch for blocked bugs (38.67%), and ignore the blocking relation and fix blocked bugs directly (20.00%). Through these analyses, it is meaningful for software maintainers to have a deeper understanding of the characteristics and repair practices of BBBs, which will help solve these BBBs effectively in the future.

Xiaochen Zou,Guoren Li,Weiteng Chen,Hang Zhang,Zhiyun Qian

DOI: https://doi.org/10.48550/arXiv.2111.06002

2021-11-11

Cryptography and Security

Abstract:Fuzzing has become one of the most effective bug finding approach for software. In recent years, 24*7 continuous fuzzing platforms have emerged to test critical pieces of software, e.g., Linux kernel. Though capable of discovering many bugs and providing reproducers (e.g., proof-of-concepts), a major problem is that they neglect a critical function that should have been built-in, i.e., evaluation of a bug's security impact. It is well-known that the lack of understanding of security impact can lead to delayed bug fixes as well as patch propagation. In this paper, we develop SyzScope, a system that can automatically uncover new "high-risk" impacts given a bug with seemingly "low-risk" impacts. From analyzing over a thousand low-risk bugs on syzbot, SyzScope successfully determined that 183 low-risk bugs (more than 15%) in fact contain high-risk impacts, e.g., control flow hijack and arbitrary memory write, some of which still do not have patches available yet.

Geng Sijia,Li Yuekang,Du Yunlan,Xu Jun,Liu Yang,Mao Bing

2020-01-01

Abstract: Recently, various techniques (e.g., fuzzing) have been developed for vulnerability detection. To evaluate those techniques, the community has been developing benchmarks of artificial vulnerabilities because of a shortage of ground-truth. However, people have concerns that such vulnerabilities cannot represent reality and may lead to unreliable and misleading results. Unfortunately, there lacks research on handling such concerns. In this work, to understand how close these benchmarks mirror reality, we perform an empirical study on three artificial vulnerability benchmarks - LAVA-M, Rode0day and CGC (2669 bugs) and various real-world memory-corruption vulnerabilities (80 CVEs). Furthermore, we propose a model to depict the properties of memory-corruption vulnerabilities. Following this model, we conduct intensive experiments and data analyses. Our analytic results reveal that while artificial benchmarks attempt to approach the real world, they still significantly differ from reality. Based on the findings, we propose a set of strategies to improve the quality of artificial benchmarks.

Jiaxin Yu,Liming Fu,Peng Liang,Amjed Tahir,Mojtaba Shahin

2023-07-05

Abstract:Background: Despite the widespread use of automated security defect detection tools, software projects still contain many security defects that could result in serious damage. Such tools are largely context-insensitive and may not cover all possible scenarios in testing potential issues, which makes them susceptible to missing complex security defects. Hence, thorough detection entails a synergistic cooperation between these tools and human-intensive detection techniques, including code review. Code review is widely recognized as a crucial and effective practice for identifying security defects. Aim: This work aims to empirically investigate security defect detection through code review. Method: To this end, we conducted an empirical study by analyzing code review comments derived from four projects in the OpenStack and Qt communities. Through manually checking 20,995 review comments obtained by keyword-based search, we identified 614 comments as security-related. Results: Our results show that (1) security defects are not prevalently discussed in code review, (2) more than half of the reviewers provided explicit fixing strategies/solutions to help developers fix security defects, (3) developers tend to follow reviewers' suggestions and action the changes, (4) Not worth fixing the defect now and Disagreement between the developer and the reviewer are the main causes for not resolving security defects. Conclusions: Our research results demonstrate that (1) software security practices should combine manual code review with automated detection tools, achieving a more comprehensive coverage to identifying and addressing security defects, and (2) promoting appropriate standardization of practitioners' behaviors during code review remains necessary for enhancing software security.

Software Engineering