Yanming Yang,Xing Hu,Xin Xia,Xiaohu Yang

DOI: https://doi.org/10.1145/3631973

IF: 3.685

2023-01-01

ACM Transactions on Software Engineering and Methodology

Abstract:Test smell refers to poor programming and design practices in testing and widely spreads throughout software projects. Considering test smells have negative impacts on the comprehension and maintenance of test code and even make code-under-test more defect-prone, it thus has great importance in mining, detecting, and refactoring them. Since Deursen et al. introduced the definition of “test smell”, several studies worked on discovering new test smells from test specifications and software practitioners’ experience. Indeed, many bad testing practices are “observed” by software developers during creating test scripts rather than through academic research and are widely discussed in the software engineering community (e.g., Stack Overflow) [ 70 , 94 ]. However, no prior studies explored new bad testing practices from software practitioners’ discussions, formally defined them as new test smell types, and analyzed their characteristics, which plays a bad role for developers in knowing these bad practices and avoiding using them during test code development. Therefore, we pick up those challenges and act by working on systematic methods to explore new test smell types from one of the most mainstream developers’ Q&A platforms, i.e., Stack Overflow. We further investigate the harmfulness of new test smells and analyze possible solutions for eliminating them. We find that some test smells make it hard for developers to fix failed test cases and trace their failing reasons. To exacerbate matters, we have identified two types of test smells that pose a risk to the accuracy of test cases. Next, we develop a detector to detect test smells from software. The detector is composed of six detection methods for different smell types. These detection methods are both wrapped with a set of syntactic rules based on the code patterns extracted from different test smells and developers’ code styles. We manually construct a test smell dataset from seven popular Java projects and evaluate the effectiveness of our detector on it. The experimental results show that our detector achieves high performance in precision, recall, and F1 score. Then, we utilize our detector to detect smells from 919 real-world Java projects to explore whether the six test smells are prevalent in practice. We observe that these test smells are widely spread in 722 out of 919 Java projects, which demonstrates that they are prevalent in real-world projects. Finally, to validate the usefulness of test smells in practice, we submit 56 issue reports to 53 real-world projects with different smells. Our issue reports achieve 76.4% acceptance by conducting sentiment analysis on developers’ replies. These evaluations confirm the effectiveness of our detector and the prevalence and practicality of new test smell types on real-world projects.

Abbas Javan Jafari,Diego Elias Costa,Rabe Abdalkareem,Emad Shihab,Nikolaos Tsantalis

DOI: https://doi.org/10.1109/TSE.2021.3106247

2021-08-19

Abstract:Dependency management in modern software development poses many challenges for developers who wish to stay up to date with the latest features and fixes whilst ensuring backwards compatibility. Project maintainers have opted for varied, and sometimes conflicting, approaches for maintaining their dependencies. Opting for unsuitable approaches can introduce bugs and vulnerabilities into the project, introduce breaking changes, cause extraneous installations, and reduce dependency understandability, making it harder for others to contribute effectively. In this paper, we empirically examine evidence of recurring dependency management issues (dependency smells). We look at the commit data for a dataset of 1,146 active JavaScript repositories to catalog, quantify and understand dependency smells. Through a series of surveys with practitioners, we identify and quantify seven dependency smells with varying degrees of popularity and investigate why they are introduced throughout project history. Our findings indicate that dependency smells are prevalent in JavaScript projects with two or more distinct smells appearing in 80% of the projects, but they generally infect a minority of a project's dependencies. Our observations show that the number of dependency smells tend to increase over time. Practitioners agree that dependency smells bring about many problems including security threats, bugs, dependency breakage, runtime errors, and other maintenance issues. These smells are generally introduced as developers react to dependency misbehaviour and the shortcomings of the npm ecosystem.

Software Engineering

Xiaoqiong Zhao,Xiao Xuan,Shanping Li

DOI: https://doi.org/10.1109/ASEW.2015.15

2015-01-01

Abstract:Code smell is any symptom in the source code of a program that possibly indicates a deeper problem. Though code smells are usually not proper bugs which are defined as technically incorrect and functionality block, they indicate poor programming practices in code level which increases risk of bugs in the future. Long method smell is identified as a kind of methods which are have large number of executable statements, at the same time God method smell is identified as a kind of methods which is doing too much. On the previous research and practice, people treat these 2 concepts equivalently. However, the definition of \"large number of executable statements\" shows us the size of the method, and at the same time definition of \"doing too much\" shows us the complexity of the logic which is implemented and nested in this method. Though intuitively the two definitions are equivalent -- methods with large number of statement means it nests much business logic so that the complexity of these methods is high, a dearth of studies suggest the research of difference between these two definitions. In this paper, present 2 research questions to study these 2 definitions. We choose one release of 11 java based web application projects which is in maintenance period respectively. In these releases, we ask the developers to analysis the bug reports and related code, then collect all 125 bugs which is caused by code smell and the related code for fixing these bugs. We get 45 bugs caused by the Long method smell and the related 31 methods, and we analyzed the data compared with the longest methods in these projects. The study highlights the need for a clearer definition of this kind of code smell, and there are many factors not only length which is affecting the code quality. So the real thing which is affecting the code quality is beyond the definition of \"large number of executable statement\", and at the same time the definition of \"doing too much\" should be modeling to illuminate this kind of code smell.

Ying Wang,Ming Wen,Zhenwei Liu,Rongxin Wu,Rui Wang,Bo Yang,Hai Yu,Zhiliang Zhu,Shing-Chi Cheung

DOI: https://doi.org/10.1145/3236024.3236056

2018-01-01

Abstract:Intensive dependencies of a Java project on third-party libraries can easily lead to the presence of multiple library or class versions on its classpath. When this happens, JVM will load one version and shadows the others. Dependency conflict (DC) issues occur when the loaded version fails to cover a required feature (e.g., method) referenced by the project, thus causing runtime exceptions. However, the warnings of duplicate classes or libraries detected by existing build tools such as Maven can be benign since not all instances of duplication will induce runtime exceptions, and hence are often ignored by developers. In this paper, we conducted an empirical study on real-world DC issues collected from large open source projects. We studied the manifestation and fixing patterns of DC issues. Based on our findings, we designed Decca, an automated detection tool that assesses DC issues' severity and filters out the benign ones. Our evaluation results on 30 projects show that Decca achieves a precision of 0.923 and recall of 0.766 in detecting high-severity DC issues. Decca also detected new DC issues in these projects. Subsequently, 20 DC bug reports were filed, and 11 of them were confirmed by developers. Issues in 6 reports were fixed with our suggested patches.

Wuxia Jin,Yuanfang Cai,Rick Kazman,Gang Zhang,Qinghua Zheng,Ting Liu

DOI: https://doi.org/10.1145/3324884.3416619

2020-01-01

Abstract:Dependencies among software entities are the basis for many software analytic research and architecture analysis tools. Dynamically typed languages, such as Python, JavaScript and Ruby, tolerate the lack of explicit type references, making certain syntactic dependencies indiscernible in source code. We call these possible dependencies, in contrast with the explicit dependencies that are directly referenced in source code. Type inference techniques have been widely studied and applied, but existing architecture analytic research and tools have not taken possible dependencies into consideration. The fundamental question is, to what extent will these missing possible dependencies impact the architecture analysis? To answer this question, we conducted an empirical study with 105 Python projects, using type inference techniques to manifest possible dependencies. Our study revealed that the architectural impact of possible dependencies is substantial-higher than that of explicit dependencies: (1) file-level possible dependencies account for at least 27.93% of all file-level dependencies, and create different dependency structures than that of explicit dependencies only, with an average difference of 30.71%; (2) adding possible dependencies significantly improves the precision (0.52%~14.18%), recall(31.73%~39.12%), and F1 scores (22.13%~32.09%) of capturing co-change relations; (3) on average, a file involved in possible dependencies influences 28% more files and 42% more dependencies within architectural sub-spaces than a file involved in just explicit dependencies; (4) on average, a file involved in possible dependencies consumes 32% more maintenance effort. Consequently, maintainability scores reported by existing tools make a system written in these dynamic languages appear to be better modularized than it actually is. This evidence stronglysuggests that possible dependencies have a more significant impact than explicit dependencies on architecture quality, that architecture analysis and tools should assess and even emphasize the architectural impact of possible dependencies due to dynamic typing.

Yun Peng,Ruida Hu,Ruoke Wang,Cuiyun Gao,Shuqing Li,Michael R. Lyu

2024-01-05

Abstract:Python is widely used in the open-source community, largely owing to the extensive support from diverse third-party libraries within the PyPI ecosystem. Nevertheless, the utilization of third-party libraries can potentially lead to conflicts in dependencies, prompting researchers to develop dependency conflict detectors. Moreover, endeavors have been made to automatically infer dependencies. These approaches focus on version-level checks and inference, based on the assumption that configurations of libraries in the PyPI ecosystem are correct. However, our study reveals that this assumption is not universally valid, and relying solely on version-level checks proves inadequate in ensuring compatible run-time environments. In this paper, we conduct an empirical study to comprehensively study the configuration issues in the PyPI ecosystem. Specifically, we propose PyConf, a source-level detector, for detecting potential configuration issues. PyConf employs three distinct checks, targeting the setup, packing, and usage stages of libraries, respectively. To evaluate the effectiveness of the current automatic dependency inference approaches, we build a benchmark called VLibs, comprising library releases that pass all three checks of PyConf. We identify 15 kinds of configuration issues and find that 183,864 library releases suffer from potential configuration issues. Remarkably, 68% of these issues can only be detected via the source-level check. Our experiment results show that the most advanced automatic dependency inference approach, PyEGo, can successfully infer dependencies for only 65% of library releases. The primary failures stem from dependency conflicts and the absence of required libraries in the generated configurations. Based on the empirical results, we derive six findings and draw two implications for open-source developers and future research in automatic dependency inference.

Software Engineering

Zhifei Chen,Lin Chen,Wanwangying Ma,Baowen Xu

DOI: https://doi.org/10.1109/sate.2016.10

2016-01-01

Abstract:As a traditional dynamic language, Python is increasingly used in various software engineering tasks. However, due to its flexibility and dynamism, Python is a particularly challenging language to write code in and maintain. Consequently, Python programs contain code smells which indicate potential comprehension and maintenance problems. With the aim of supporting refactoring strategies to enhance maintainability, this paper describes how to detect code smells in Python programs. We introduce 11 Python smells and describe the detection strategy. We also implement a smell detection tool named Pysmell and use it to identify code smells in five real world Python systems. The results show that Pysmell can detect 285 code smell instances in total with the average precision of 97.7%. It reveals that Large Class and Large Method are most prevalent. Our experiment also implies Python programs may be suffering code smells further.

Wuxia Jin,Dinghong Zhong,Yuanfang Cai,Rick Kazman,Ting Liu

DOI: https://doi.org/10.1109/tse.2022.3171288

IF: 7.4

2022-01-01

IEEE Transactions on Software Engineering

Abstract:Dependencies among software entities are the foundation for much of the research on software architecture analysis and architecture analysis tools. Dynamically typed languages, such as Python, JavaScript and Ruby, tolerate the lack of explicit type references, making certain dependencies indiscernible by a purely syntactic analysis of source code. We call these possible dependencies, in contrast with the explicit dependencies that are directly manifested in source code. We find that existing architecture analysis tools have not taken possible dependencies into consideration. An important question therefore is: to what extent will these missing possible dependencies impact architecture analysis?To answer this question, we conducted a study of 499 open-source Python projects, employing type inference techniques and type hint practices to discern possible dependencies. We investigated the consequences of possible dependencies in three software maintenance contexts, including capturing co-change relations recorded in revision history, measuring architectural maintainability, and detecting architecture anti-patterns that violate design principles and impact maintainability. Our study revealed that the impact of possible dependencies on architecture-level maintainability is substantial—higher than that of explicit dependencies. Our findings suggest that architecture analysis and tools should take into account, assess, and highlight the impacts of possible dependencies caused by dynamic typing.

Chen Zhifei,Chen Lin,Ma Wanwangying,Zhou Xiaoyu,Zhou Yuming,Xu Baowen

DOI: https://doi.org/10.1016/j.infsof.2017.09.011

IF: 3.9

2017-01-01

Information and Software Technology

Abstract:ContextCode smells are supposed to cause potential comprehension and maintenance problems in software development. Although code smells are studied in many languages, e.g. Java and C#, there is a lack of technique or tool support addressing code smells in Python. ObjectiveDue to the great differences between Python and static languages, the goal of this study is to define and detect code smells in Python programs and to explore the effects of Python smells on software maintainability. MethodIn this paper, we introduced ten code smells and established a metric-based detection method with three different filtering strategies to specify metric thresholds (Experience-Based Strategy, Statistics-Based Strategy, and Tuning Machine Strategy). Then, we performed a comparative study to investigate how three detection strategies perform in detecting Python smells and how these smells affect software maintainability with different detection strategies. This study utilized a corpus of 106 Python projects with most stars on GitHub. ResultsThe results showed that: (1) the metric-based detection approach performs well in detecting Python smells and Tuning Machine Strategy achieves the best accuracy; (2) the three detection strategies discover some different smell occurrences, and Long Parameter List and Long Method are more prevalent than other smells; (3) several kinds of code smells are more significantly related to changes or faults in Python modules. ConclusionThese findings reveal the key features of Python smells and also provide a guideline for the choice of detection strategy in detecting and analyzing Python smells.

Nicole Vavrová,Vadim Zaytsev

DOI: https://doi.org/10.22152/programming-journal.org/2017/1/11

2017-03-31

Abstract:The context of this work is specification, detection and ultimately removal of detectable harmful patterns in source code that are associated with defects in design and implementation of software. In particular, we investigate five code smells and four antipatterns previously defined in papers and books. Our inquiry is about detecting those in source code written in Python programming language, which is substantially different from all prior research, most of which concerns Java or C-like languages. Our approach was that of software engineers: we have processed existing research literature on the topic, extracted both the abstract definitions of nine design defects and their concrete implementation specifications, implemented them all in a tool we have programmed and let it loose on a huge test set obtained from open source code from thousands of GitHub projects. When it comes to knowledge, we have found that more than twice as many methods in Python can be considered too long (statistically extremely longer than their neighbours within the same project) than in Java, but long parameter lists are seven times less likely to be found in Python code than in Java code. We have also found that Functional Decomposition, the way it was defined for Java, is not found in the Python code at all, and Spaghetti Code and God Classes are extremely rare there as well. The grounding and the confidence in these results comes from the fact that we have performed our experiments on 32'058'823 lines of Python code, which is by far the largest test set for a freely available Python parser. We have also designed the experiment in such a way that it aligned with prior research on design defect detection in Java in order to ease the comparison if we treat our own actions as a replication. Thus, the importance of the work is both in the unique open Python grammar of highest quality, tested on millions of lines of code, and in the design defect detection tool which works on something else than Java.

Software Engineering,Programming Languages

Di Cui,Ting Liu,Yuanfang Cai,Qinghua Zheng,Qiong Feng,Wuxia Jin,Jiaqi Guo,Yu Qu

DOI: https://doi.org/10.1109/ICSE.2019.00069

2019-01-01

Abstract:Over the past decades, numerous approaches were proposed to help practitioner to predict or locate defective files. These techniques often use syntactic dependency, history co-change relation, or semantic similarity. The problem is that, it remains unclear whether these different dependency relations will present similar accuracy in terms of defect prediction and localization. In this paper, we present our systematic investigation of this question from the perspective of software architecture. Considering files involved in each dependency type as an individual design space, we model such a design space using one DRSpace. We derived 3 DRSpaces for each of the 117 Apache open source projects, with 643,079 revision commits and 101,364 bug reports in total, and calculated their interactions with defective files. The experiment results are surprising: the three dependency types present significantly different architectural views, and their interactions with defective files are also drastically different. Intuitively, they play completely different roles when used for defect prediction/localization. The good news is that the combination of these structures has the potential to improve the accuracy of defect prediction/localization. In summary, our work provides a new perspective regarding to which type(s) of relations should be used for the task of defect prediction/localization. These quantitative and qualitative results also advance our knowledge of the relationship between software quality and architectural views formed using different dependency types.

Haolin Yang,Lin Chen,Yulu Cao,Yanhui Li,Yuming Zhou

DOI: https://doi.org/10.1145/3609437.3609447

2023-01-01

Abstract:The emergence of build automation tools with dependency management features has significantly impacted software development. However, in the configuration process, improper settings of some configuration items, such as the dependency scope setting, may cause severe problems in the development process. Improper setting of dependency scope may cause problems such as missing dependencies and redundant dependencies, and may even spread the problem to the downstream of the software ecosystem. We conduct the first comprehensive empirical study of dependency scope settings in Maven projects to investigate the current state of dependency scope settings. We collect 5,433 commits from 65 popular open-source projects on GitHub, including 20,076 dependency scope settings. We also manually analyze 124 improper scope setting issues sampled from 2,609 Java projects. By analyzing these data, we reveal the typical symptoms and root causes of problems caused by improper dependency scope settings, and summarize 5 patterns of dependency scope modification. We provide suggestions for developers to better set and manage the dependency scope, and provide some ideas and experiences for the development of tools related to dependency scope setting.

Wuxia Jin,Shuo Xu,Dawei Chen,Jiajun He,Dinghong Zhong,Ming Fan,Hongxu Chen,Huijia Zhang,Ting Liu

DOI: https://doi.org/10.1145/3597503.3640325

2024-01-01

Abstract:Dependency extraction based on static analysis lays the ground-work for a wide range of applications. However, dynamic language features in Python make code behaviors obscure and nondeter-ministic; consequently, it poses huge challenges for static analyses to resolve symbol-level dependencies. Although prosperous techniques and tools are adequately available, they still lack sufficient capabilities to handle object changes, first-class citizens, varying call sites, and library dependencies. To address the fundamental difficulty for dynamic languages, this work proposes an effective and practical method namely PyAnalyzer for dependency extraction. PyAnalyzer uniformly models functions, classes, and modules into first-class heap objects, propagating the dynamic changes of these objects and class inheritance. This manner better simulates dynamic features like duck typing, object changes, and first-class citizens, resulting in high recall results without compromising pre-cision. Moreover, PyAnalyzer leverages optional type annotations as a shortcut to express varying call sites and resolve library depen-dencies on demand. We collected two micro-benchmarks (278 small programs), two macro-benchmarks (59 real-world applications), and 191 real-world projects (10MSLOC) for comprehensive comparisons with 7 advanced techniques (i.e., Understand, Sourcetrail, Depends, ENRE19, PySonar2, PyCG, and Type4Py). The results demonstrated that PyAnalyzer achieves a high recall and hence improves the F 1 by 24.7% on average, at least 1.4x faster without an obvious compromise of memory efficiency. Our work will benefit diverse client applications.

Denivan Campos,Larissa Rocha,Ivan Machado

DOI: https://doi.org/10.48550/arXiv.2107.13902

2021-07-29

Abstract:Unit testing is an essential component of the software development life-cycle. A developer could easily and quickly catch and fix software faults introduced in the source code by creating and running unit tests. Despite their importance, unit tests are subject to bad design or implementation decisions, the so-called test smells. These might decrease software systems quality from various aspects, making it harder to understand, more complex to maintain, and more prone to errors and bugs. Many studies discuss the likely effects of test smells on test code. However, there is a lack of studies that capture developers perceptions of such issues. This study empirically analyzes how developers perceive the severity of test smells in the test code they develop. Severity refers to the degree to how a test smell may negatively impact the test code. We selected six open-source software projects from GitHub and interviewed their developers to understand whether and how the test smells affected the test code. Although most of the interviewed developers considered the test smells as having a low severity to their code, they indicated that test smells might negatively impact the project, particularly in test code maintainability and evolution. Also, detecting and removing test smells from the test code may be positive for the project.

Software Engineering

Di Cui

DOI: https://doi.org/10.1109/access.2021.3054472

IF: 3.9

2021-01-01

IEEE Access

Abstract:During software evolution, complex structural dependencies between source files pose a great challenge on maintenance activities. Some of these dependencies propagate defects among files, incurring frequent bugs or changes, and consuming significant maintenance costs. They can be referred to as flawed structural dependencies. In this paper, we proposed a method to identify these potential problematic dependencies at an early stage during software evolution, by combing structural and semantic dependencies, so that developers can save maintenance costs by fixing these issues in time. Our method works as follows: First, we extract structural dependencies from the source code syntax and semantic dependencies from the source code lexicon. Second, we collect suspect file pairs by calculating the difference between structural and semantic dependencies. Next, we exhaustively examine each source file in the system and locate the interaction of its impacted subordinated files and suspect file pairs (SFP) as suspect dependencies. Finally, we gather all the suspect dependencies as flawed structural dependencies candidates. We evaluate our method using 838 releases of 15 open source projects, including 33353 bug reports and 86690 revision commits. The detection result shows that our identified dependencies use 14% of all the files to capture almost 70% of top 10% bug-prone files or change-prone files with enough high precision: 92%. Moreover, our identified dependencies also incur 957% of bug frequencies and 1050% of change frequencies than average in future versions. In summary, our method can effectively and efficiently detect flawed structural dependencies in time during software evolution.

Wei Tang,Zhengzi Xu,Chengwei Liu,Jiahui Wu,Shouguo Yang,Yi Li,Ping Luo,Yang Liu

DOI: https://doi.org/10.1145/3551349.3560432

2022-09-20

Abstract:Third-party libraries (TPLs) are frequently reused in software to reduce development cost and the time to market. However, external library dependencies may introduce vulnerabilities into host applications. The issue of library dependency has received considerable critical attention. Many package managers, such as Maven, Pip, and NPM, are proposed to manage TPLs. Moreover, a significant amount of effort has been put into studying dependencies in language ecosystems like Java, Python, and JavaScript except C/C++. Due to the lack of a unified package manager for C/C++, existing research has only few understanding of TPL dependencies in the C/C++ ecosystem, especially at large scale. Towards understanding TPL dependencies in the C/C++ecosystem, we collect existing TPL databases, package management tools, and dependency detection tools, summarize the dependency patterns of C/C++ projects, and construct a comprehensive and precise C/C++ dependency detector. Using our detector, we extract dependencies from a large-scale database containing 24K C/C++ repositories from GitHub. Based on the extracted dependencies, we provide the results and findings of an empirical study, which aims at understanding the characteristics of the TPL dependencies. We further discuss the implications to manage dependency for C/C++ and the future research directions for software engineering researchers and developers in fields of library development, software composition analysis, and C/C++package manager.

Software Engineering

Chao Wang,Rongxin Wu,Haohao Song,Jiwu Shu,Guoqing Li

DOI: https://doi.org/10.1145/3551349.3560437

2022-01-01

Abstract:As one of the representative software ecosystems, PyPI, together with the Python package management tool pip, greatly facilitates Python developers to automatically manage the reuse of third-party libraries, thus saving development time and cost. Despite its great success in practice, a recent empirical study revealed the risks of dependency conflict (DC) issues and then summarized the characteristics of DC issues. However, the dependency resolving strategy, which is the foundation of the prior study, has evolved to a new one, namely the backtracking strategy. To understand how the evolution of this dependency resolving strategy affects the prior findings, we conducted an empirical study to revisit the characteristics of DC issues under the new strategy. Our study revealed that, of the two previously discovered DC issue manifestation patterns, one has significantly changed (Pattern A), while the other remained the same (Pattern B). We also observed, the resolving strategy for the DC issues of Pattern A suffers from the efficiency issue, while the one for the DC issues of Pattern B would lead to a waste of time and space. Based on our findings, we propose a tool smartPip to overcome the limitations of the resolving strategies. To resolve the DC issues of Pattern A, instead of iteratively verifying each candidate dependency library, we leverage a pre-built knowledge base of library dependencies to collect version constraints for concerned libraries, and then convert the version constraints into the SMT expressions for solving. To resolve the DC issues of Pattern B, we improve the existing virtual environment solution to reuse the local libraries as far as possible. Finally, we evaluated smartPip in three benchmark datasets of open source projects. The results showed that, smartPip can outperform the existing Python package management tools including pip with the new strategy and Conda in resolving DC issues of Pattern A, and achieve 1.19X - 1.60X speedups over the best baseline approach. Compared with the built-in Python virtual environment (venv), smartPip reduced 34.55% - 80.26% of storage space and achieved up to 2.26X - 6.53X speedups in resolving the DC issues of Pattern B.

Qiong Feng,Shuwen Liu,Huan Ji,Xiaotian Ma,Peng Liang

2023-12-17

Abstract:Dependency cycles pose a significant challenge to software quality and maintainability. However, there is limited understanding of how practitioners resolve dependency cycles in real-world scenarios. This paper presents an empirical study investigating the recurring patterns employed by software developers to resolve dependency cycles between two classes in practice. We analyzed the data from 38 open-source projects across different domains and manually inspected hundreds of cycle untangling cases. Our findings reveal that developers tend to employ five recurring patterns to address dependency cycles. The chosen patterns are not only determined by dependency relations between cyclic classes, but also highly related to their design context, i.e., how cyclic classes depend on or are depended by their neighbor classes. Through this empirical study, we also discovered three common counterintuitive solutions developers usually adopted during cycles' handling. These recurring patterns and common counterintuitive solutions observed in dependency cycles' practice can serve as a taxonomy to improve developers' awareness and also be used as learning materials for students in software engineering and inexperienced developers. Our results also suggest that, in addition to considering the internal structure of dependency cycles, automatic tools need to consider the design context of cycles to provide better support for refactoring dependency cycles.

Software Engineering

Xiaofang Zhang,Yida Zhou,Can Zhu

DOI: https://doi.org/10.1109/sate.2017.9

2017-01-01

Abstract:To reduce loss from software defects, in the past decades, a number of software engineering researchers have proposed many software defect prediction techniques, which mainly focus on predicting the defect prone software modules, source code files, or code changes. Prior research have identified software design has significant impacts on software quality, especially the bad designs, e.g., anti-patterns, high dependency design, and large source code files, have made various software engineering tasks more difficult. Given these prior works, various bad designs indicators have been widely considered as the fundamental defect prediction metrics in various defect prediction models. Even though the performance of these techniques have been investigated empirically, researchers have not yet gained a clear understanding of correlation between these design metrics and defects proneness. To bridge this gap, in this paper, we investigate the impact of the three kinds of bad design indicators on software defect proneness by conducting a comprehensive empirical study on 18 release versions of the Apache Commons series. In details, we discuss the defect proneness on the file level of three kinds of bad designs, corresponding to seven defect proneness metrics, including various types of well defined code smells, high method dependency, and the files of large size. Furthermore, we investigate the performance of each defect proneness metrics and the overlap between the file sets involved in the bad designs. The experiment results indicate that the three types of bad designs do have impact on defect proneness, the files participating in some special code smell, the large number of code calls to other modules and the large number of lines of code are significantly more likely to be faulty. Moreover, the overlaps of three types of bad designs are relatively small, which means that each group of defect proneness metrics is independent of each other.

Can Zhu,Xiaofang Zhang,Yang Feng,Lin Chen

DOI: https://doi.org/10.1109/QRS.2018.00037

2018-01-01

Abstract:Code smells are considered to have negative impacts on software evolution and maintenance. Many researchers have conducted studies to investigate these effects and correlations. However, because code smells constantly change in the evolution, understanding these changes and the correlation between them and the operations of source code files is helpful for developers in maintenance. In this paper, on four popular Java projects with 58 release versions, we conduct an extensive empirical study to investigate the correlation between code smells and basic operations of source code files. We find that, the density of code smells decreases with the software evolution. The files containing smells have a higher likelihood to be modified while smells are not strongly correlated with adding or removing files. Furthermore, some certain smells have significant impact on file changes. These findings are helpful for developers to understand the evolution of code smells and better focus on quality assurance.