Successfully reported this slideshow.
Your SlideShare is downloading. ×

Evaluating SZZ Implementations Through a Developer-informed Oracle (ICSE 2021)

Sep. 16, 2021
0 likes 86 views
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Upcoming SlideShare
Detecting Bad Smells in Source Code using Change History Information
Detecting Bad Smells in Source Code using Change History Information
Loading in …3
×

Check these out next

A Textual-based Technique for Smell Detection
Fabio Palomba
Exploiting Semantics-Based Plagiarism Detection Methods
IJSRED
Investigating Code Review Practices in Defective Files
The University of Adelaide
Review Participation in Modern Code Review: An Empirical Study of the Android...
The University of Adelaide
A Method to Detect License Inconsistencies for Large-Scale Open Source Projects
Yuhao Wu
Enhancing Developer Productivity with Code Forensics
TechWell
Do software developers understand open source licenses?
Daniel Almeida
Msr17a.ppt
Yann-Gaël Guéhéneuc
1 of 42 Ad

Evaluating SZZ Implementations Through a Developer-informed Oracle (ICSE 2021)

Sep. 16, 2021
0 likes 86 views

Download to read offline

Software

The SZZ algorithm for identifying bug-inducing changes has been widely used to evaluate defect prediction techniques and to empirically investigate when, how, and by whom bugs are introduced. Over the years, researchers have proposed several heuristics to improve the SZZ accuracy, providing various implementations of SZZ. However, fairly evaluating those implementations on a reliable oracle is an open problem: SZZ evaluations usually rely on (i) the manual analysis of the SZZ output to classify the identified bug-inducing commits as true or false positives; or (ii) a golden set linking bug-fixing and bug-inducing commits. In both cases, these manual evaluations are performed by researchers with limited knowledge of the studied subject systems. Ideally, there should be a golden set created by the original developers of the studied systems.
We propose a methodology to build a "developer-informed" oracle for the evaluation of SZZ variants. We use Natural Language Processing (NLP) to identify bug-fixing commits in which developers explicitly reference the commit(s) that introduced a fixed bug. This was followed by a manual filtering step aimed at ensuring the quality and accuracy of the oracle. Once built, we used the oracle to evaluate several variants of the SZZ algorithm in terms of their accuracy. Our evaluation helped us to distill a set of lessons learned to further improve the SZZ algorithm.

Giovanni Rosa (University of Molise), Luca Pascarella (Università della Svizzera italiana), Simone Scalabrino (University of Molise), Rosalia Tufano (Università della Svizzera Italiana), Gabriele Bavota (Software Institute, USI Università della Svizzera italiana), Michele Lanza (Software Institute, USI Università della Svizzera italiana), Rocco Oliveto (University of Molise),

* Live Presentation: https://www.youtube.com/watch?v=ZiuAaysj_Sk

* IEEE Digital Library: https://www.computer.org/csdl/proceedings-article/icse/2021/029600a436/1sEXo2zV4OI

The SZZ algorithm for identifying bug-inducing changes has been widely used to evaluate defect prediction techniques and to empirically investigate when, how, and by whom bugs are introduced. Over the years, researchers have proposed several heuristics to improve the SZZ accuracy, providing various implementations of SZZ. However, fairly evaluating those implementations on a reliable oracle is an open problem: SZZ evaluations usually rely on (i) the manual analysis of the SZZ output to classify the identified bug-inducing commits as true or false positives; or (ii) a golden set linking bug-fixing and bug-inducing commits. In both cases, these manual evaluations are performed by researchers with limited knowledge of the studied subject systems. Ideally, there should be a golden set created by the original developers of the studied systems.
We propose a methodology to build a "developer-informed" oracle for the evaluation of SZZ variants. We use Natural Language Processing (NLP) to identify bug-fixing commits in which developers explicitly reference the commit(s) that introduced a fixed bug. This was followed by a manual filtering step aimed at ensuring the quality and accuracy of the oracle. Once built, we used the oracle to evaluate several variants of the SZZ algorithm in terms of their accuracy. Our evaluation helped us to distill a set of lessons learned to further improve the SZZ algorithm.

Giovanni Rosa (University of Molise), Luca Pascarella (Università della Svizzera italiana), Simone Scalabrino (University of Molise), Rosalia Tufano (Università della Svizzera Italiana), Gabriele Bavota (Software Institute, USI Università della Svizzera italiana), Michele Lanza (Software Institute, USI Università della Svizzera italiana), Rocco Oliveto (University of Molise),

* Live Presentation: https://www.youtube.com/watch?v=ZiuAaysj_Sk

* IEEE Digital Library: https://www.computer.org/csdl/proceedings-article/icse/2021/029600a436/1sEXo2zV4OI

Software
Advertisement

Recommended

Detecting Bad Smells in Source Code using Change History Information
Fabio Palomba
13.5k views
37 slides
Social Debt Analytics for Improving the Management of Software Evolution Tasks
Fabio Palomba
485 views
41 slides
Smells Like Teen Spirit: Improving Bug Prediction Performance using the Inten...
Fabio Palomba
657 views
56 slides
Do They Really Smell Bad? A Study on Developers' Perception of Bad Code Smells
Fabio Palomba
1.1k views
58 slides
PhD Symposium 2014
Fabio Palomba
954 views
75 slides
When and Why Your Code Starts to Smell Bad
Fabio Palomba
2.4k views
75 slides
Code Smell, Software Engineering
Anshul Vinayak
955 views
16 slides
On the Diffusion of Test Smells in Automatically Generated Test Code: An Empi...
Fabio Palomba
352 views
48 slides
Advertisement

More Related Content

Slideshows for you (20)

A Textual-based Technique for Smell Detection
Fabio Palomba
694 views
Exploiting Semantics-Based Plagiarism Detection Methods
IJSRED
8 views
Investigating Code Review Practices in Defective Files
The University of Adelaide
1.6k views
Review Participation in Modern Code Review: An Empirical Study of the Android...
The University of Adelaide
935 views
A Method to Detect License Inconsistencies for Large-Scale Open Source Projects
Yuhao Wu
434 views
Enhancing Developer Productivity with Code Forensics
TechWell
361 views
Do software developers understand open source licenses?
Daniel Almeida
325 views
Msr17a.ppt
Yann-Gaël Guéhéneuc
21 views
Saner16b.ppt
Yann-Gaël Guéhéneuc
17 views
Put Your Hands in the Mud: What Technique, Why, and How
Massimiliano Di Penta
1.4k views
Icsm20.ppt
Yann-Gaël Guéhéneuc
58 views
Opinion Mining for Software Engineering
Alexander Serebrenik
205 views
Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Raffi Khatchadourian
523 views
03. HAMS - Project Scheduling
HAMSproject
216 views
Plagiarism introduction
Merin Paul
1.1k views
Early Detection of Collaboration Conflicts & Risks in Software Development
Roopesh Jhurani
393 views
QuaP2P Kickoff Slides 2006
Kalman Graffi
984 views
The Use of Development History in Software Refactoring Using a Multi-Objectiv...
Ali Ouni
366 views
Big(ger) Data in Software Engineering
Mehdi Mirakhorli
1.4k views
MAVIS: A Visualization Tool for Cohesion-based Bad Smell Inspection
立偉 馬
571 views
A Textual-based Technique for Smell Detection
Fabio Palomba
694 views
39 slides
Exploiting Semantics-Based Plagiarism Detection Methods
IJSRED
8 views
5 slides
Investigating Code Review Practices in Defective Files
The University of Adelaide
1.6k views
72 slides
Review Participation in Modern Code Review: An Empirical Study of the Android...
The University of Adelaide
935 views
38 slides
A Method to Detect License Inconsistencies for Large-Scale Open Source Projects
Yuhao Wu
434 views
12 slides
Enhancing Developer Productivity with Code Forensics
TechWell
361 views
28 slides

Similar to Evaluating SZZ Implementations Through a Developer-informed Oracle (ICSE 2021) (20)

Mining Software Defects: Should We Consider Affected Releases?
Chakkrit (Kla) Tantithamthavorn
310 views
Potential Biases in Bug Localization: Do They Matter?
Pavneet Singh Kochhar
263 views
SZZ Unleashed: An Open Implementation of the SZZ Algorithm
Markus Borg
2.7k views
When do software issues get reported in large open source software
RAKESH RANA
352 views
A Tale of Experiments on Bug Prediction
Martin Pinzger
755 views
When do software issues get reported in large open source software - Rakesh Rana
IWSM Mensura
511 views
DevOps: Find Solutions, Not More Defects
TechWell
363 views
Explainable Artificial Intelligence (XAI) 
to Predict and Explain Future Soft...
Chakkrit (Kla) Tantithamthavorn
5.7k views
Empirical evaluation in 2020: how big, how beautiful?
Massimiliano Di Penta
183 views
A tale of bug prediction in software development
Martin Pinzger
1.1k views
A tale of experiments on bug prediction
Martin Pinzger
818 views
JSconf JP - Analysis of an exploited npm package. Event-stream's role in a su...
Jarrod Overson
1.4k views
Software Analytics: Data Analytics for Software Engineering and Security
Tao Xie
601 views
poster_3.0
Stefano Sansone
218 views
Parasoft .TEST, Write better C# Code Using Data Flow Analysis
Engineering Software Lab
2k views
Debug me
Noha Elprince
963 views
Finding Zero-Days Before The Attackers: A Fortune 500 Red Team Case Study
DevOps.com
187 views
Metrics-Driven Devops: Delivering High Quality Software Faster!
Dynatrace
820 views
Finding Bugs, Fixing Bugs, Preventing Bugs — Exploiting Automated Tests to In...
University of Antwerp
172 views
L'impatto della sicurezza su DevOps
Giulio Vian
92 views
Mining Software Defects: Should We Consider Affected Releases?
Chakkrit (Kla) Tantithamthavorn
310 views
50 slides
Potential Biases in Bug Localization: Do They Matter?
Pavneet Singh Kochhar
263 views
33 slides
SZZ Unleashed: An Open Implementation of the SZZ Algorithm
Markus Borg
2.7k views
28 slides
When do software issues get reported in large open source software
RAKESH RANA
352 views
18 slides
A Tale of Experiments on Bug Prediction
Martin Pinzger
755 views
45 slides
When do software issues get reported in large open source software - Rakesh Rana
IWSM Mensura
511 views
18 slides
Advertisement

Recently uploaded (20)

Real-time Machine Learning with Hopsworks
AlbaTorrado
0 views
Software Reliability_CS-3059_VISHAL_PADME.pptx
VishalPadme2
3 views
App Proposal - EDDY.pptx
Aaronwhite635537
0 views
Intro to computer.pdf
MuazzamaAbdulMajeed
3 views
PM SIMPL_OP1511_FPS02.pdf
Simon Alex
3 views
Steps for creating a cost-plan.pptx
PrabKar
1 view
Jenkins_K8s (2).pptx
khalil Ismail
2 views
ch7.ppt
DrMajidMumtaz
0 views
Kick+Off+Presentation.pptx
Ajinkya Vaze
3 views
Mago-Profile-EN.pdf
MohammedWagih5
2 views
Workhome.pptx
TonyRamirez53
6 views
Presentation1.pptx
narmeen11
3 views
8 Database Paradigms
Hossein Zahed
9 views
Python.pptx
YASHJAIN579460
0 views
1. Introduction.ppt
DineshFernando19
1 view
Firebase Cloud Functions V2
Aviv Laufer
58 views
Comment développer une application mobile en 8 semaines - Meetup PAUG 24-01-2023
Nicolas HAAN
0 views
ERP for Wholesale Distribution Carousel.pdf
DhimantNayak1
3 views
Main task
TonyRamirez53
4 views
FASTechnologies Corp - CNC programming & CAM support - Excellon DNC
NeerajMudgil1
3 views
Real-time Machine Learning with Hopsworks
AlbaTorrado
0 views
19 slides
Software Reliability_CS-3059_VISHAL_PADME.pptx
VishalPadme2
3 views
29 slides
App Proposal - EDDY.pptx
Aaronwhite635537
0 views
7 slides
Intro to computer.pdf
MuazzamaAbdulMajeed
3 views
30 slides
PM SIMPL_OP1511_FPS02.pdf
Simon Alex
3 views
4 slides
Steps for creating a cost-plan.pptx
PrabKar
1 view
3 slides

Evaluating SZZ Implementations Through a Developer-informed Oracle (ICSE 2021)

  1. 1. Evaluating SZZ Implementations Through a Developer-informed Oracle Giovanni Rosa, Luca Pascarella, Simone Scalabrino, Rosalia Tufano, Gabriele Bavota, Michele Lanza, Rocco Oliveto
  2. 2. Where do bugs come from?
  3. 3. Find out changes that can lead to a problem and avoid them in future Understanding where bugs are introduced allows to…
  4. 4. Estimate how much a program is error-prone Understanding where bugs are introduced allows to…
  5. 5. Better allocate resources in testing activities Understanding where bugs are introduced allows to…
  6. 6. Śliwerski Zimmermann Zeller @ MSR 2005
  7. 7. Step 1 SZZ in a nutshell bug report analysis
  8. 8. Step 1 (A) Bug-fixing commit (B) git blame (C) Buggy commit SZZ in a nutshell bug report analysis
  9. 9. Step 1 Step 2 Filtering of resulting commits SZZ in a nutshell (A) Bug-fixing commit (B) git blame (C) Buggy commit bug report analysis
  10. 10. Step 1 bug-inducing commit Step 2 Step 3 SZZ in a nutshell Filtering of resulting commits (A) Bug-fixing commit (B) git blame (C) Buggy commit bug report analysis
  11. 11. Different SZZ variants proposed
  12. 12. There is a problem
  13. 13. Evaluating and comparing the SZZ variants Da Costa et al. @ TSE 2016
  14. 14. Evaluating and comparing the SZZ variants Da Costa et al. @ TSE 2016 Small datasets used for evaluation
  15. 15. Evaluating and comparing the SZZ variants Da Costa et al. @ TSE 2016 Small datasets used for evaluation Validation manually performed by researchers
  16. 16. Define a dataset validated by the developers The way
  17. 17. fixes a search bug introduced by 2508e12 and fixes a typo in the README.md
  18. 18. Developer-informed dataset
  19. 19. Mining of commits 2011 2020
  20. 20. Heuristic approach 1 keyword-based filter AI-powered syntax analysis Duplicate commits removal
  21. 21. Heuristic approach 2 keyword-based filter AI-powered syntax analysis Duplicate commits removal
  22. 22. 3 Heuristic approach keyword-based filter AI-powered syntax analysis duplicate commits removal
  23. 23. Manual validation False positives Bug report data
  24. 24. Bug report data fixes #1740 quote pov-ray binary on windows this fixes a bug introduced by #3523741… URL Date when the issue is reported https://tracker.freecadweb.org/view.php?id=1740 Commit message
  25. 25. 19,6M 3,6k 1,9k Analyzed commits: Extracted commits: After manual validation:
  26. 26. Top programming languages 0 185 370 C P y t h o n C + + J S J a v a P H P R u b y C #
  27. 27. 1,1k 129 Final number of commits: Commits with issue report:
  28. 28. How do different variants of SZZ perform in identifying bug-inducing changes?
  29. 29. B-SZZ Śliwerski et al. @ MSR 2005
  30. 30. R-SZZ e L-SZZ B-SZZ AG-SZZ DJ-SZZ Śliwerski et al. @ MSR 2005 Williams and Spacco @ ISSTA 2008 Kim et al. @ ASE 2006 Davies et al. @ JSE 2013
  31. 31. R-SZZ e L-SZZ B-SZZ AG-SZZ MA-SZZ DJ-SZZ RA-SZZ Śliwerski et al. @ MSR 2005 Williams and Spacco @ ISSTA 2008 Da Costa et al. @ TSE 2016 Kim et al. @ ASE 2006 Davies et al. @ JSE 2013 Neto et al. @ SANER 2018
  32. 32. Open-Source implementations SZZ Unleashed (DJ-SZZ) OpenSZZ (B-SZZ) PyDriller (AG-SZZ) RA-SZZ (RA-SZZ)
  33. 33. Step 1 bug-inducing commit Step 2 Step 3 Our experiment Filtering of resulting commits (A) Bug-fixing commit (B) git blame (C) Buggy commit bug report analysis
  34. 34. Results 0.66 (R-SZZ) Precision Recall F1-score 0.72 (SZZ@UNL) 0.61 (R-SZZ)
  35. 35. Results 0.66 (R-SZZ) Precision Recall F1-score 0.72 (SZZ@UNL) 0.61 (R-SZZ) 0.09 (SZZ@UNL) 0.19 (SZZ@OPN) Java only 0.16 (SZZ@UNL)
  36. 36. Qualitative Analysis
  37. 37. What have we learned?
  38. 38. “ The buggy line is not always impacted in the bug-fix „ Lesson 1
  39. 39. “ SZZ is sensible to history rewritings „ Lesson 2
  40. 40. “ Looking at the big picture in code changes „ Lesson 3
  41. 41. Summary
  42. 42. Take a look at our SZZ implementation! https://github.com/grosa1/pyszz

×