SlideShare a Scribd company logo

Automatic Identification of Bug-Introducing Changes

ā€¢
ā€¢
Thomas Zimmermann
Thomas Zimmermann

The document discusses identifying bug-introducing changes by analyzing version control histories and fix changes. It presents the SZZ algorithm which uses commit annotations to identify the revision that likely introduced a bug based on the revision that fixed it. The algorithm can identify bug-introducing changes but has limitations as annotations may be insufficient and not all modifications are fixes, leading to false positives and negatives.

1 of 72
Download to read offline
Automatic Identiļ¬cation of Bug-Introducing Changes Sunghun Kim Kai Pan E. James Whitehead, Jr. University of California, Santa Cruz, USA Tom Zimmermann Saarland University, SaarbrĆ¼cken, Germany
Motivation Bugs
Motivation Statistics Bugs
Motivation Statistics Detection Bugs
Motivation Statistics Detection Bugs Prediction
Motivation Statistics Detection Bugs Prediction Analysis
Motivation Statistics Detection Bugs Observation Prediction Analysis
So far: Focus on ļ¬xes teicher 2003-10-29 16:11:01 ļ¬xes issues mentioned in bug 45635: [hovering] rollover hovers - mouse exit detection is safer and should not allow for loopholes any more, except for shell deactiviation - hovers behave like normal ones: - tooltips pop up below the control - they move with subjectArea - once a popup is showing, they will show up instantly
So far: Focus on ļ¬xes teicher 2003-10-29 16:11:01 ļ¬xes issues mentioned in bug 45635: [hovering] rollover hovers - mouse exit detection is safer and should not allow for loopholes any more, except for shell deactiviation - hovers behave like normal ones: - tooltips pop up below the control - they move with subjectArea - once a popup is showing, they will show up instantly Fixes give only the location of a defect, not when it was introduced.
Bug-introducing changes BUG-INTRODUCING ... if (foo==null) { foo.bar(); ...
Bug-introducing changes BUG-INTRODUCING FIX ... ... later ļ¬xed if (foo==null) { if (foo!=null) { foo.bar(); foo.bar(); ... ...
Bug-introducing changes BUG-INTRODUCING FIX ... ... later ļ¬xed if (foo==null) { if (foo!=null) { foo.bar(); foo.bar(); ... ... Bug-introducing changes are changes that lead to problems as indicated by later ļ¬xes.
Life-cycle of a ā€œbugā€
Life-cycle of a ā€œbugā€ BUG-INTRODUCING CHANGE
Life-cycle of a ā€œbugā€ BUG REPORT ļ¬xes issues mentioned in bug 45635: [hovering] rollover hovers - mouse exit detection is safer and should not allow for loopholes any more, except for shell deactiviation - hovers behave like normal ones: - tooltips pop up below the control - they move with subjectArea - once a popup is showing, they will show up instantly BUG-INTRODUCING CHANGE
Life-cycle of a ā€œbugā€ BUG REPORT ļ¬xes issues mentioned in bug 45635: [hovering] rollover hovers - mouse exit detection is safer and should not allow for loopholes any more, except for shell deactiviation - hovers behave like normal ones: - tooltips pop up below the control - they move with subjectArea - once a popup is showing, they will show up instantly BUG-INTRODUCING FIX CHANGE CHANGE
The SZZ algorithm 1.18 FIXED BUG 42233
The SZZ algorithm $ cvs annotate -r 1.17 Foo.java ... 20: 1.11 (john 12-Feb-03): return i/0; ... 40: 1.14 (kate 23-May-03): return 42; ... 60: 1.16 (mary 10-Jun-03): int i=0; 1.18 FIXED BUG 42233
The SZZ algorithm $ cvs annotate -r 1.17 Foo.java ... 20: 1.11 (john 12-Feb-03): return i/0; ... 40: 1.14 (kate 23-May-03): return 42; ... 60: 1.16 (mary 10-Jun-03): int i=0; 1.18 FIXED BUG 42233
The SZZ algorithm $ cvs annotate -r 1.17 Foo.java ... 20: 1.11 (john 12-Feb-03): return i/0; ... 40: 1.14 (kate 23-May-03): return 42; ... 60: 1.16 (mary 10-Jun-03): int i=0; 1.11 1.14 1.16 1.18 FIXED BUG 42233
The SZZ algorithm $ cvs annotate -r 1.17 Foo.java ... 20: 1.11 (john 12-Feb-03): return i/0; ... 40: 1.14 (kate 23-May-03): return 42; ... 60: 1.16 (mary 10-Jun-03): int i=0; 1.11 1.14 1.16 1.18 BUG FIXED BUG INTRO 42233
The SZZ algorithm $ cvs annotate -r 1.17 Foo.java ... 20: 1.11 (john 12-Feb-03): return i/0; ... 40: 1.14 (kate 23-May-03): return 42; ... 60: 1.16 (mary 10-Jun-03): int i=0; 1.11 1.14 1.16 1.18 BUG BUG FIXED BUG INTRO INTRO 42233
The SZZ algorithm $ cvs annotate -r 1.17 Foo.java ... 20: 1.11 (john 12-Feb-03): return i/0; ... 40: 1.14 (kate 23-May-03): return 42; ... 60: 1.16 (mary 10-Jun-03): int i=0; 1.11 1.14 1.16 1.18 BUG BUG BUG FIXED BUG INTRO INTRO INTRO 42233
The SZZ algorithm 1.11 1.14 1.16 1.18 BUG BUG BUG FIXED BUG INTRO INTRO INTRO 42233
The SZZ algorithm submitted closed BUG REPORT ļ¬xes issues mentioned in bug 45635: [hovering] rollover hovers - mouse exit detection is safer and should not allow for loopholes any more, except for shell deactiviation - hovers behave like normal ones: - tooltips pop up below the control - they move with subjectArea - once a popup is showing, they will show up instantly 1.11 1.14 1.16 1.18 BUG BUG BUG FIXED BUG INTRO INTRO INTRO 42233
The SZZ algorithm submitted closed BUG REPORT ļ¬xes issues mentioned in bug 45635: [hovering] rollover hovers - mouse exit detection is safer and should not allow for loopholes any more, except for shell deactiviation - hovers behave like normal ones: - tooltips pop up below the control - they move with subjectArea - once a popup is showing, they will show up instantly 1.11 1.14 1.16 1.18 BUGREMOVE BUG BUG FIXED BUG INTRO INTRO POSITIVES INTRO 42233 FALSE
Drawbacks of SZZ Annotation by SCMs is insufļ¬cient. (line number in bug-introducing revision is missing)
Drawbacks of SZZ Annotation by SCMs is insufļ¬cient. (line number in bug-introducing revision is missing) Not all modiļ¬cations are ļ¬xes. (blank lines, comments, etc.)
False negatives and positives Correct False negatives False positives BUG-INTRODUCING BUGS
An example BUG-INTRODUCING void bar() { if (val==null) { println(val); } ... Revision 7: tom - introduces the defects
An example BUG-INTRODUCING BUG FIX void bar() { void foo() { void foo() { if (val==null) { // print val // print value println(val); if (val==null) if (val!=null) } { { ... println(val); println(val); } } ... ... Revision 7: tom Revision 23: jim Revision 42: kim - introduces the defects - inserts a comment - changes comment - reformats if statement - corrects defect
An example BUG-INTRODUCING BUG FIX void bar() { void foo() { void foo() { if (val==null) { // print val // print valueval println(val); if (val==null) if (val!=null) } { { ... println(val); println(val); } } ... ... Revision 7: tom Revision 23: jim Revision 42: kim - introduces the defects - inserts a comment - changes comment - reformats if statement - corrects defect
An example BUG-INTRODUCING BUG FIX void bar() { void foo() { void foo() { if (val==null) { // print val // print valueval println(val); if (val==null) if (val!=null) } { { ... println(val); println(val); } } ... ... Revision 7: tom Revision 23: jim Revision 42: kim - introduces the defects - inserts a comment - changes comment - reformats if statement - corrects defect
An example BUG-INTRODUCING BUG FIX void bar() { void foo() { void foo() { if (val==null) { // print val // print valueval println(val); if (val==null) if (val!=null) } { { ... println(val); println(val); } } ... ... Revision 7: tom Revision 23: jim Revision 42: kim - introduces the defects - inserts a comment - changes comment - reformats if statement - corrects defect The originial SZZ algorithm has too many false positives (rev 23) and false negatives (rev 7).
Our study COLUMBA ECLIPSE (jdt.core) Project Software type Email client IDE Investigated period 11/2002-06/2003 06/2001-03/2002 Number of revisions 500 1000 Number of ļ¬xes 143 (29%) 158 (16%) Average LOC 48,135 111,059
Annotation graphs
Annotation graphs ļ¬xed revisions
Annotation graphs foo() ļ¬xed revisions
Annotation graphs bar() renamed to foo() foo() ļ¬xed revisions
Annotation graphs bar() bar() renamed to foo() foo() ļ¬xed revisions
Annotation graphs bar() bar() renamed to foo() foo() ļ¬xed revisions SZZ reports a bug-introducing change for foo (false positive) but not for bar (false negative).
Annotation graphs bar() bar() renamed to foo() foo() ļ¬xed revisions Using annotation graphs we can remove 2% as false positives and identiļ¬es further 1%~4%.
Comments & blank lines public void notifySourceElementRequestor() { - + if (reportReferenceInfo) { + notifyAllUnknownReferences(); +} // collect the top level ast nodes int length = 0;
Comments & blank lines public void notifySourceElementRequestor() { - + if (reportReferenceInfo) { + notifyAllUnknownReferences(); +} // collect the top level ast nodes int length = 0; Ignoring comments and blank lines removes 14%~20% as false positives.
Format changes BUG-INTRODUCING if ( a==true ) return;
Format changes BUG-INTRODUCING BUG FIX if ( a==true ) return; if (a==true) if (a==false) return; return;
Format changes BUG-INTRODUCING BUG FIX if ( a==true ) return; if (a==true) if (a==false) return; return; FALSE POSITIVE
Format changes BUG-INTRODUCING BUG FIX if ( a==true ) return; if (a==true) if (a==false) return; return; FALSE FALSE NEGATIVE POSITIVE
Format changes BUG-INTRODUCING BUG FIX if ( a==true ) return; if (a==true) if (a==false) return; return; FALSE FALSE NEGATIVE POSITIVE Ignoring format changes removes 18%~25% as false positives and identiļ¬es further 13%~14%.
Fixes that affect many ļ¬les Most large ļ¬xes are refactoring - public boolean visit(TypeDeclaration - typeDeclaration, BlockScope scope){ + public boolean visit(LocalTypeDeclaration + typeDeclaration, BlockScope scope){
Fixes that affect many ļ¬les Most large ļ¬xes are refactoring - public boolean visit(TypeDeclaration - typeDeclaration, BlockScope scope){ + public boolean visit(LocalTypeDeclaration + typeDeclaration, BlockScope scope){ Ignoring ļ¬xes that affect many ļ¬les (=more than ļ¬ve times the median) removes 7%~16% as false positives
Manual inspection of ļ¬xes Two judges check whether a ļ¬x is actually a ļ¬x. deleteResources(actualNonJavaResources,fForce); - IResource[] remaingFiles; + IResource[] remainingFiles;Ā  try { - remaingFiles=((IFolder)res).members(); + remainingFiles=((IFolder)res).members(); }
Manual inspection of ļ¬xes Two judges check whether a ļ¬x is actually a ļ¬x. deleteResources(actualNonJavaResources,fForce); - IResource[] remaingFiles; + IResource[] remainingFiles;Ā  try { - remaingFiles=((IFolder)res).members(); + remainingFiles=((IFolder)res).members(); } Manual inspection of ļ¬xes removes only 4%~5% as false positives.
Putting it together ASE SZZ BUGS
Putting it together False negatives of SZZ: 14% ASE SZZ BUGS
Putting it together False negatives of SZZ: 14% False positives of SZZ: 38%~51% ASE SZZ BUGS
Putting it together False negatives of SZZ: 14% False positives of SZZ: 38%~51% ASE SZZ Automatically we can remove 36%~48% as BUGS false positive.
Donā€™t program on Fridays ;-) Monday 11.3% Tuesday 10.4% Wednesday 11.1% Thursday 12.1% Friday 12.2% Saturday 11.7% Sunday 11.6% 0% 2.5% 5.0% 7.5% 10.0% 12.5% 15.0% Percentage of bug-introducing changes
Donā€™t program on Fridays ;-) Monday 11.3% Tuesday 10.4% Wednesday 11.1% Thursday 12.1% Friday 12.2% Saturday 11.7% Sunday 11.6% 0% 2.5% 5.0% 7.5% 10.0% 12.5% 15.0% Percentage of bug-introducing changes
Defect-prone authors Authors (anonymized) Fry Leela Bender Amy 0% 10% 20% 30% 40% 50% 60% 70% 80% Frequency Bug-Introducing changes Fix changes
Risk awareness ā€œSafeā€ Location (green) Risky Location (dark red)
Change classiļ¬cation
Change classiļ¬cation bug-introducing (ā€œbadā€) X X X X
Change classiļ¬cation BUILD A CLASSIFIER bug-introducing (ā€œbadā€) X X X X
Change classiļ¬cation BUILD A CLASSIFIER bug-introducing (ā€œbadā€) X X X X new change
Change classiļ¬cation BUILD A CLASSIFIER bug-introducing (ā€œbadā€) X X X X new change PREDICT QUALITY
Conclusions
Conclusions ā€¢ Bug-introducing changes tell when a defect was introduced, not only its location.
Conclusions ā€¢ Bug-introducing changes tell when a defect was introduced, not only its location. ā€¢ We can automatically identify ā€“ 36%~48% of SZZ as false positives and ā€“ further 14% of missed bug-introductions.
Conclusions ā€¢ Bug-introducing changes tell when a defect was introduced, not only its location. ā€¢ We can automatically identify ā€“ 36%~48% of SZZ as false positives and ā€“ further 14% of missed bug-introductions. ā€¢ Bug-introducing changes are useful for defect prediction and software evolution.
More minin g @A Frida SE: y mo Conclusions rning . ā€¢ Bug-introducing changes tell when a defect was introduced, not only its location. ā€¢ We can automatically identify ā€“ 36%~48% of SZZ as false positives and ā€“ further 14% of missed bug-introductions. ā€¢ Bug-introducing changes are useful for defect prediction and software evolution.

Recommended

Of class3
Of class3Of class3
Of class3Janet Huang
Ā 
Debugging: Or How I Learned To Stop Worrying and Love EXC_BAD_ACCESS
Debugging: Or How I Learned To Stop Worrying and Love EXC_BAD_ACCESSDebugging: Or How I Learned To Stop Worrying and Love EXC_BAD_ACCESS
Debugging: Or How I Learned To Stop Worrying and Love EXC_BAD_ACCESS
artgillespie
Ā 
The history of asynchronous JavaScript
The history of asynchronous JavaScriptThe history of asynchronous JavaScript
The history of asynchronous JavaScript
GreeceJS
Ā 
How to stop debugging asynchronous code and start living, Andrey Salomatin, B...
How to stop debugging asynchronous code and start living, Andrey Salomatin, B...How to stop debugging asynchronous code and start living, Andrey Salomatin, B...
How to stop debugging asynchronous code and start living, Andrey Salomatin, B...
MoscowJS
Ā 
Exceptions
ExceptionsExceptions
Exceptionsnotshoaib
Ā 
BSides algiers - Malware History - Sofiane Talmat
BSides algiers - Malware History - Sofiane TalmatBSides algiers - Malware History - Sofiane Talmat
BSides algiers - Malware History - Sofiane TalmatShellmates
Ā 
Openframworks x Mobile
Openframworks x MobileOpenframworks x Mobile
Openframworks x Mobile
Janet Huang
Ā 
Boost statechart library
Boost statechart libraryBoost statechart library
Boost statechart library
Jan RĆ¼egg
Ā 

Recommended

Of class3
Of class3Of class3
Of class3Janet Huang
Ā 
Debugging: Or How I Learned To Stop Worrying and Love EXC_BAD_ACCESS
Debugging: Or How I Learned To Stop Worrying and Love EXC_BAD_ACCESSDebugging: Or How I Learned To Stop Worrying and Love EXC_BAD_ACCESS
Debugging: Or How I Learned To Stop Worrying and Love EXC_BAD_ACCESS
artgillespie
Ā 
The history of asynchronous JavaScript
The history of asynchronous JavaScriptThe history of asynchronous JavaScript
The history of asynchronous JavaScript
GreeceJS
Ā 
How to stop debugging asynchronous code and start living, Andrey Salomatin, B...
How to stop debugging asynchronous code and start living, Andrey Salomatin, B...How to stop debugging asynchronous code and start living, Andrey Salomatin, B...
How to stop debugging asynchronous code and start living, Andrey Salomatin, B...
MoscowJS
Ā 
Exceptions
ExceptionsExceptions
Exceptionsnotshoaib
Ā 
BSides algiers - Malware History - Sofiane Talmat
BSides algiers - Malware History - Sofiane TalmatBSides algiers - Malware History - Sofiane Talmat
BSides algiers - Malware History - Sofiane TalmatShellmates
Ā 
Openframworks x Mobile
Openframworks x MobileOpenframworks x Mobile
Openframworks x Mobile
Janet Huang
Ā 
Boost statechart library
Boost statechart libraryBoost statechart library
Boost statechart library
Jan RĆ¼egg
Ā 
Dalvik Source Code Reading
Dalvik Source Code ReadingDalvik Source Code Reading
Dalvik Source Code Reading
kishima7
Ā 
5 Cool Things About PLSQL
5 Cool Things About PLSQL5 Cool Things About PLSQL
5 Cool Things About PLSQL
Connor McDonald
Ā 
BSides Algiers - Stuxnet - Sofiane Talmat
BSides Algiers - Stuxnet - Sofiane TalmatBSides Algiers - Stuxnet - Sofiane Talmat
BSides Algiers - Stuxnet - Sofiane TalmatShellmates
Ā 
openFrameworks ā€“ ćƒ‘ćƒ¼ćƒ†ć‚£ć‚Æćƒ«ć‚’å‹•ć‹ć™ć€é™ēš„配列ćØ動ēš„配列 - å¤šę‘©ē¾Žćƒ”ćƒ‡ć‚£ć‚¢ć‚¢ćƒ¼ćƒˆII
openFrameworks ā€“ ćƒ‘ćƒ¼ćƒ†ć‚£ć‚Æćƒ«ć‚’å‹•ć‹ć™ć€é™ēš„配列ćØ動ēš„配列 - å¤šę‘©ē¾Žćƒ”ćƒ‡ć‚£ć‚¢ć‚¢ćƒ¼ćƒˆIIopenFrameworks ā€“ ćƒ‘ćƒ¼ćƒ†ć‚£ć‚Æćƒ«ć‚’å‹•ć‹ć™ć€é™ēš„配列ćØ動ēš„配列 - å¤šę‘©ē¾Žćƒ”ćƒ‡ć‚£ć‚¢ć‚¢ćƒ¼ćƒˆII
openFrameworks ā€“ ćƒ‘ćƒ¼ćƒ†ć‚£ć‚Æćƒ«ć‚’å‹•ć‹ć™ć€é™ēš„配列ćØ動ēš„配列 - å¤šę‘©ē¾Žćƒ”ćƒ‡ć‚£ć‚¢ć‚¢ćƒ¼ćƒˆIIAtsushi Tadokoro
Ā 
Flappy bird
Flappy birdFlappy bird
Flappy bird
SantiagoYepesSerna
Ā 
I am the 100% [*] by Chris Evans & Natalie Silvanovich
I am the 100% [*] by Chris Evans & Natalie SilvanovichI am the 100% [*] by Chris Evans & Natalie Silvanovich
I am the 100% [*] by Chris Evans & Natalie Silvanovich
Shakacon
Ā 
Tetcon2016 160104
Tetcon2016 160104Tetcon2016 160104
Tetcon2016 160104
Bordeaux I
Ā 
Software Analytics = Sharing Information
Software Analytics = Sharing InformationSoftware Analytics = Sharing Information
Software Analytics = Sharing Information
Thomas Zimmermann
Ā 
MSR 2013 Preview
MSR 2013 PreviewMSR 2013 Preview
MSR 2013 Preview
Thomas Zimmermann
Ā 
Predicting Method Crashes with Bytecode Operations
Predicting Method Crashes with Bytecode OperationsPredicting Method Crashes with Bytecode Operations
Predicting Method Crashes with Bytecode Operations
Thomas Zimmermann
Ā 
Analytics for smarter software development
Analytics for smarter software development Analytics for smarter software development
Analytics for smarter software development
Thomas Zimmermann
Ā 
Characterizing and Predicting Which Bugs Get Reopened
Characterizing and Predicting Which Bugs Get ReopenedCharacterizing and Predicting Which Bugs Get Reopened
Characterizing and Predicting Which Bugs Get Reopened
Thomas Zimmermann
Ā 
Klingon Countdown Timer
Klingon Countdown TimerKlingon Countdown Timer
Klingon Countdown Timer
Thomas Zimmermann
Ā 
Data driven games user research
Data driven games user researchData driven games user research
Data driven games user research
Thomas Zimmermann
Ā 
Not my bug! Reasons for software bug report reassignments
Not my bug! Reasons for software bug report reassignmentsNot my bug! Reasons for software bug report reassignments
Not my bug! Reasons for software bug report reassignments
Thomas Zimmermann
Ā 
Empirical Software Engineering at Microsoft Research
Empirical Software Engineering at Microsoft ResearchEmpirical Software Engineering at Microsoft Research
Empirical Software Engineering at Microsoft Research
Thomas Zimmermann
Ā 
Security trend analysis with CVE topic models
Security trend analysis with CVE topic modelsSecurity trend analysis with CVE topic models
Security trend analysis with CVE topic models
Thomas Zimmermann
Ā 
Analytics for software development
Analytics for software developmentAnalytics for software development
Analytics for software developmentThomas Zimmermann
Ā 
Characterizing and predicting which bugs get fixed
Characterizing and predicting which bugs get fixedCharacterizing and predicting which bugs get fixed
Characterizing and predicting which bugs get fixed
Thomas Zimmermann
Ā 
Changes and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development ActivitiesChanges and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development Activities
Thomas Zimmermann
Ā 
Cross-project defect prediction
Cross-project defect predictionCross-project defect prediction
Cross-project defect prediction
Thomas Zimmermann
Ā 
Changes and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development ActivitiesChanges and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development Activities
Thomas Zimmermann
Ā 

More Related Content

What's hot

Dalvik Source Code Reading
Dalvik Source Code ReadingDalvik Source Code Reading
Dalvik Source Code Reading
kishima7
Ā 
5 Cool Things About PLSQL
5 Cool Things About PLSQL5 Cool Things About PLSQL
5 Cool Things About PLSQL
Connor McDonald
Ā 
BSides Algiers - Stuxnet - Sofiane Talmat
BSides Algiers - Stuxnet - Sofiane TalmatBSides Algiers - Stuxnet - Sofiane Talmat
BSides Algiers - Stuxnet - Sofiane TalmatShellmates
Ā 
openFrameworks ā€“ ćƒ‘ćƒ¼ćƒ†ć‚£ć‚Æćƒ«ć‚’å‹•ć‹ć™ć€é™ēš„配列ćØ動ēš„配列 - å¤šę‘©ē¾Žćƒ”ćƒ‡ć‚£ć‚¢ć‚¢ćƒ¼ćƒˆII
openFrameworks ā€“ ćƒ‘ćƒ¼ćƒ†ć‚£ć‚Æćƒ«ć‚’å‹•ć‹ć™ć€é™ēš„配列ćØ動ēš„配列 - å¤šę‘©ē¾Žćƒ”ćƒ‡ć‚£ć‚¢ć‚¢ćƒ¼ćƒˆIIopenFrameworks ā€“ ćƒ‘ćƒ¼ćƒ†ć‚£ć‚Æćƒ«ć‚’å‹•ć‹ć™ć€é™ēš„配列ćØ動ēš„配列 - å¤šę‘©ē¾Žćƒ”ćƒ‡ć‚£ć‚¢ć‚¢ćƒ¼ćƒˆII
openFrameworks ā€“ ćƒ‘ćƒ¼ćƒ†ć‚£ć‚Æćƒ«ć‚’å‹•ć‹ć™ć€é™ēš„配列ćØ動ēš„配列 - å¤šę‘©ē¾Žćƒ”ćƒ‡ć‚£ć‚¢ć‚¢ćƒ¼ćƒˆIIAtsushi Tadokoro
Ā 
Flappy bird
Flappy birdFlappy bird
Flappy bird
SantiagoYepesSerna
Ā 
I am the 100% [*] by Chris Evans & Natalie Silvanovich
I am the 100% [*] by Chris Evans & Natalie SilvanovichI am the 100% [*] by Chris Evans & Natalie Silvanovich
I am the 100% [*] by Chris Evans & Natalie Silvanovich
Shakacon
Ā 
Tetcon2016 160104
Tetcon2016 160104Tetcon2016 160104
Tetcon2016 160104
Bordeaux I
Ā 

What's hot (7)

Dalvik Source Code Reading
Dalvik Source Code ReadingDalvik Source Code Reading
Dalvik Source Code Reading
Ā 
5 Cool Things About PLSQL
5 Cool Things About PLSQL5 Cool Things About PLSQL
5 Cool Things About PLSQL
Ā 
BSides Algiers - Stuxnet - Sofiane Talmat
BSides Algiers - Stuxnet - Sofiane TalmatBSides Algiers - Stuxnet - Sofiane Talmat
BSides Algiers - Stuxnet - Sofiane Talmat
Ā 
openFrameworks ā€“ ćƒ‘ćƒ¼ćƒ†ć‚£ć‚Æćƒ«ć‚’å‹•ć‹ć™ć€é™ēš„配列ćØ動ēš„配列 - å¤šę‘©ē¾Žćƒ”ćƒ‡ć‚£ć‚¢ć‚¢ćƒ¼ćƒˆII
openFrameworks ā€“ ćƒ‘ćƒ¼ćƒ†ć‚£ć‚Æćƒ«ć‚’å‹•ć‹ć™ć€é™ēš„配列ćØ動ēš„配列 - å¤šę‘©ē¾Žćƒ”ćƒ‡ć‚£ć‚¢ć‚¢ćƒ¼ćƒˆIIopenFrameworks ā€“ ćƒ‘ćƒ¼ćƒ†ć‚£ć‚Æćƒ«ć‚’å‹•ć‹ć™ć€é™ēš„配列ćØ動ēš„配列 - å¤šę‘©ē¾Žćƒ”ćƒ‡ć‚£ć‚¢ć‚¢ćƒ¼ćƒˆII
openFrameworks ā€“ ćƒ‘ćƒ¼ćƒ†ć‚£ć‚Æćƒ«ć‚’å‹•ć‹ć™ć€é™ēš„配列ćØ動ēš„配列 - å¤šę‘©ē¾Žćƒ”ćƒ‡ć‚£ć‚¢ć‚¢ćƒ¼ćƒˆII
Ā 
Flappy bird
Flappy birdFlappy bird
Flappy bird
Ā 
I am the 100% [*] by Chris Evans & Natalie Silvanovich
I am the 100% [*] by Chris Evans & Natalie SilvanovichI am the 100% [*] by Chris Evans & Natalie Silvanovich
I am the 100% [*] by Chris Evans & Natalie Silvanovich
Ā 
Tetcon2016 160104
Tetcon2016 160104Tetcon2016 160104
Tetcon2016 160104
Ā 

More from Thomas Zimmermann

Software Analytics = Sharing Information
Software Analytics = Sharing InformationSoftware Analytics = Sharing Information
Software Analytics = Sharing Information
Thomas Zimmermann
Ā 
MSR 2013 Preview
MSR 2013 PreviewMSR 2013 Preview
MSR 2013 Preview
Thomas Zimmermann
Ā 
Predicting Method Crashes with Bytecode Operations
Predicting Method Crashes with Bytecode OperationsPredicting Method Crashes with Bytecode Operations
Predicting Method Crashes with Bytecode Operations
Thomas Zimmermann
Ā 
Analytics for smarter software development
Analytics for smarter software development Analytics for smarter software development
Analytics for smarter software development
Thomas Zimmermann
Ā 
Characterizing and Predicting Which Bugs Get Reopened
Characterizing and Predicting Which Bugs Get ReopenedCharacterizing and Predicting Which Bugs Get Reopened
Characterizing and Predicting Which Bugs Get Reopened
Thomas Zimmermann
Ā 
Klingon Countdown Timer
Klingon Countdown TimerKlingon Countdown Timer
Klingon Countdown Timer
Thomas Zimmermann
Ā 
Data driven games user research
Data driven games user researchData driven games user research
Data driven games user research
Thomas Zimmermann
Ā 
Not my bug! Reasons for software bug report reassignments
Not my bug! Reasons for software bug report reassignmentsNot my bug! Reasons for software bug report reassignments
Not my bug! Reasons for software bug report reassignments
Thomas Zimmermann
Ā 
Empirical Software Engineering at Microsoft Research
Empirical Software Engineering at Microsoft ResearchEmpirical Software Engineering at Microsoft Research
Empirical Software Engineering at Microsoft Research
Thomas Zimmermann
Ā 
Security trend analysis with CVE topic models
Security trend analysis with CVE topic modelsSecurity trend analysis with CVE topic models
Security trend analysis with CVE topic models
Thomas Zimmermann
Ā 
Analytics for software development
Analytics for software developmentAnalytics for software development
Analytics for software developmentThomas Zimmermann
Ā 
Characterizing and predicting which bugs get fixed
Characterizing and predicting which bugs get fixedCharacterizing and predicting which bugs get fixed
Characterizing and predicting which bugs get fixed
Thomas Zimmermann
Ā 
Changes and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development ActivitiesChanges and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development Activities
Thomas Zimmermann
Ā 
Cross-project defect prediction
Cross-project defect predictionCross-project defect prediction
Cross-project defect prediction
Thomas Zimmermann
Ā 
Changes and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development ActivitiesChanges and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development Activities
Thomas Zimmermann
Ā 
Predicting Defects using Network Analysis on Dependency Graphs
Predicting Defects using Network Analysis on Dependency GraphsPredicting Defects using Network Analysis on Dependency Graphs
Predicting Defects using Network Analysis on Dependency Graphs
Thomas Zimmermann
Ā 
Quality of Bug Reports in Open Source
Quality of Bug Reports in Open SourceQuality of Bug Reports in Open Source
Quality of Bug Reports in Open Source
Thomas Zimmermann
Ā 
Meet Tom and his Fish
Meet Tom and his FishMeet Tom and his Fish
Meet Tom and his Fish
Thomas Zimmermann
Ā 
Predicting Subsystem Defects using Dependency Graph Complexities
Predicting Subsystem Defects using Dependency Graph Complexities Predicting Subsystem Defects using Dependency Graph Complexities
Predicting Subsystem Defects using Dependency Graph Complexities
Thomas Zimmermann
Ā 
Got Myth? Myths in Software Engineering
Got Myth? Myths in Software EngineeringGot Myth? Myths in Software Engineering
Got Myth? Myths in Software Engineering
Thomas Zimmermann
Ā 

More from Thomas Zimmermann (20)

Software Analytics = Sharing Information
Software Analytics = Sharing InformationSoftware Analytics = Sharing Information
Software Analytics = Sharing Information
Ā 
MSR 2013 Preview
MSR 2013 PreviewMSR 2013 Preview
MSR 2013 Preview
Ā 
Predicting Method Crashes with Bytecode Operations
Predicting Method Crashes with Bytecode OperationsPredicting Method Crashes with Bytecode Operations
Predicting Method Crashes with Bytecode Operations
Ā 
Analytics for smarter software development
Analytics for smarter software development Analytics for smarter software development
Analytics for smarter software development
Ā 
Characterizing and Predicting Which Bugs Get Reopened
Characterizing and Predicting Which Bugs Get ReopenedCharacterizing and Predicting Which Bugs Get Reopened
Characterizing and Predicting Which Bugs Get Reopened
Ā 
Klingon Countdown Timer
Klingon Countdown TimerKlingon Countdown Timer
Klingon Countdown Timer
Ā 
Data driven games user research
Data driven games user researchData driven games user research
Data driven games user research
Ā 
Not my bug! Reasons for software bug report reassignments
Not my bug! Reasons for software bug report reassignmentsNot my bug! Reasons for software bug report reassignments
Not my bug! Reasons for software bug report reassignments
Ā 
Empirical Software Engineering at Microsoft Research
Empirical Software Engineering at Microsoft ResearchEmpirical Software Engineering at Microsoft Research
Empirical Software Engineering at Microsoft Research
Ā 
Security trend analysis with CVE topic models
Security trend analysis with CVE topic modelsSecurity trend analysis with CVE topic models
Security trend analysis with CVE topic models
Ā 
Analytics for software development
Analytics for software developmentAnalytics for software development
Analytics for software development
Ā 
Characterizing and predicting which bugs get fixed
Characterizing and predicting which bugs get fixedCharacterizing and predicting which bugs get fixed
Characterizing and predicting which bugs get fixed
Ā 
Changes and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development ActivitiesChanges and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development Activities
Ā 
Cross-project defect prediction
Cross-project defect predictionCross-project defect prediction
Cross-project defect prediction
Ā 
Changes and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development ActivitiesChanges and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development Activities
Ā 
Predicting Defects using Network Analysis on Dependency Graphs
Predicting Defects using Network Analysis on Dependency GraphsPredicting Defects using Network Analysis on Dependency Graphs
Predicting Defects using Network Analysis on Dependency Graphs
Ā 
Quality of Bug Reports in Open Source
Quality of Bug Reports in Open SourceQuality of Bug Reports in Open Source
Quality of Bug Reports in Open Source
Ā 
Meet Tom and his Fish
Meet Tom and his FishMeet Tom and his Fish
Meet Tom and his Fish
Ā 
Predicting Subsystem Defects using Dependency Graph Complexities
Predicting Subsystem Defects using Dependency Graph Complexities Predicting Subsystem Defects using Dependency Graph Complexities
Predicting Subsystem Defects using Dependency Graph Complexities
Ā 
Got Myth? Myths in Software Engineering
Got Myth? Myths in Software EngineeringGot Myth? Myths in Software Engineering
Got Myth? Myths in Software Engineering
Ā 

Recently uploaded

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
Ā 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
Ā 
Dev Dives: Train smarter, not harder ā€“ active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder ā€“ active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder ā€“ active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder ā€“ active learning and UiPath LLMs for do...
UiPathCommunity
Ā 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
Ā 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
Ā 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
Ā 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
Ā 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
Ā 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
Ā 
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
Jen Stirrup
Ā 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Alex Pruden
Ā 
Enhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZEnhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZ
Globus
Ā 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
Ā 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
Ā 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
Ā 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
Ā 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
Ā 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
Ā 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
Ā 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
Ā 

Recently uploaded (20)

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
Ā 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
Ā 
Dev Dives: Train smarter, not harder ā€“ active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder ā€“ active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder ā€“ active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder ā€“ active learning and UiPath LLMs for do...
Ā 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
Ā 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
Ā 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Ā 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Ā 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Ā 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
Ā 
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
Ā 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Ā 
Enhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZEnhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZ
Ā 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Ā 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
Ā 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Ā 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ā 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
Ā 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
Ā 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Ā 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Ā 

Automatic Identification of Bug-Introducing Changes

  • 1. Automatic Identiļ¬cation of Bug-Introducing Changes Sunghun Kim Kai Pan E. James Whitehead, Jr. University of California, Santa Cruz, USA Tom Zimmermann Saarland University, SaarbrĆ¼cken, Germany
  • 4. Motivation Statistics Detection Bugs
  • 5. Motivation Statistics Detection Bugs Prediction
  • 6. Motivation Statistics Detection Bugs Prediction Analysis
  • 7. Motivation Statistics Detection Bugs Observation Prediction Analysis
  • 8. So far: Focus on ļ¬xes teicher 2003-10-29 16:11:01 ļ¬xes issues mentioned in bug 45635: [hovering] rollover hovers - mouse exit detection is safer and should not allow for loopholes any more, except for shell deactiviation - hovers behave like normal ones: - tooltips pop up below the control - they move with subjectArea - once a popup is showing, they will show up instantly
  • 9. So far: Focus on ļ¬xes teicher 2003-10-29 16:11:01 ļ¬xes issues mentioned in bug 45635: [hovering] rollover hovers - mouse exit detection is safer and should not allow for loopholes any more, except for shell deactiviation - hovers behave like normal ones: - tooltips pop up below the control - they move with subjectArea - once a popup is showing, they will show up instantly Fixes give only the location of a defect, not when it was introduced.
  • 11. Bug-introducing changes BUG-INTRODUCING FIX ... ... later ļ¬xed if (foo==null) { if (foo!=null) { foo.bar(); foo.bar(); ... ...
  • 12. Bug-introducing changes BUG-INTRODUCING FIX ... ... later ļ¬xed if (foo==null) { if (foo!=null) { foo.bar(); foo.bar(); ... ... Bug-introducing changes are changes that lead to problems as indicated by later ļ¬xes.
  • 13. Life-cycle of a ā€œbugā€
  • 14. Life-cycle of a ā€œbugā€ BUG-INTRODUCING CHANGE
  • 15. Life-cycle of a ā€œbugā€ BUG REPORT ļ¬xes issues mentioned in bug 45635: [hovering] rollover hovers - mouse exit detection is safer and should not allow for loopholes any more, except for shell deactiviation - hovers behave like normal ones: - tooltips pop up below the control - they move with subjectArea - once a popup is showing, they will show up instantly BUG-INTRODUCING CHANGE
  • 16. Life-cycle of a ā€œbugā€ BUG REPORT ļ¬xes issues mentioned in bug 45635: [hovering] rollover hovers - mouse exit detection is safer and should not allow for loopholes any more, except for shell deactiviation - hovers behave like normal ones: - tooltips pop up below the control - they move with subjectArea - once a popup is showing, they will show up instantly BUG-INTRODUCING FIX CHANGE CHANGE
  • 17. The SZZ algorithm 1.18 FIXED BUG 42233
  • 18. The SZZ algorithm $ cvs annotate -r 1.17 Foo.java ... 20: 1.11 (john 12-Feb-03): return i/0; ... 40: 1.14 (kate 23-May-03): return 42; ... 60: 1.16 (mary 10-Jun-03): int i=0; 1.18 FIXED BUG 42233
  • 19. The SZZ algorithm $ cvs annotate -r 1.17 Foo.java ... 20: 1.11 (john 12-Feb-03): return i/0; ... 40: 1.14 (kate 23-May-03): return 42; ... 60: 1.16 (mary 10-Jun-03): int i=0; 1.18 FIXED BUG 42233
  • 20. The SZZ algorithm $ cvs annotate -r 1.17 Foo.java ... 20: 1.11 (john 12-Feb-03): return i/0; ... 40: 1.14 (kate 23-May-03): return 42; ... 60: 1.16 (mary 10-Jun-03): int i=0; 1.11 1.14 1.16 1.18 FIXED BUG 42233
  • 21. The SZZ algorithm $ cvs annotate -r 1.17 Foo.java ... 20: 1.11 (john 12-Feb-03): return i/0; ... 40: 1.14 (kate 23-May-03): return 42; ... 60: 1.16 (mary 10-Jun-03): int i=0; 1.11 1.14 1.16 1.18 BUG FIXED BUG INTRO 42233
  • 22. The SZZ algorithm $ cvs annotate -r 1.17 Foo.java ... 20: 1.11 (john 12-Feb-03): return i/0; ... 40: 1.14 (kate 23-May-03): return 42; ... 60: 1.16 (mary 10-Jun-03): int i=0; 1.11 1.14 1.16 1.18 BUG BUG FIXED BUG INTRO INTRO 42233
  • 23. The SZZ algorithm $ cvs annotate -r 1.17 Foo.java ... 20: 1.11 (john 12-Feb-03): return i/0; ... 40: 1.14 (kate 23-May-03): return 42; ... 60: 1.16 (mary 10-Jun-03): int i=0; 1.11 1.14 1.16 1.18 BUG BUG BUG FIXED BUG INTRO INTRO INTRO 42233
  • 24. The SZZ algorithm 1.11 1.14 1.16 1.18 BUG BUG BUG FIXED BUG INTRO INTRO INTRO 42233
  • 25. The SZZ algorithm submitted closed BUG REPORT ļ¬xes issues mentioned in bug 45635: [hovering] rollover hovers - mouse exit detection is safer and should not allow for loopholes any more, except for shell deactiviation - hovers behave like normal ones: - tooltips pop up below the control - they move with subjectArea - once a popup is showing, they will show up instantly 1.11 1.14 1.16 1.18 BUG BUG BUG FIXED BUG INTRO INTRO INTRO 42233
  • 26. The SZZ algorithm submitted closed BUG REPORT ļ¬xes issues mentioned in bug 45635: [hovering] rollover hovers - mouse exit detection is safer and should not allow for loopholes any more, except for shell deactiviation - hovers behave like normal ones: - tooltips pop up below the control - they move with subjectArea - once a popup is showing, they will show up instantly 1.11 1.14 1.16 1.18 BUGREMOVE BUG BUG FIXED BUG INTRO INTRO POSITIVES INTRO 42233 FALSE
  • 27. Drawbacks of SZZ Annotation by SCMs is insufļ¬cient. (line number in bug-introducing revision is missing)
  • 28. Drawbacks of SZZ Annotation by SCMs is insufļ¬cient. (line number in bug-introducing revision is missing) Not all modiļ¬cations are ļ¬xes. (blank lines, comments, etc.)
  • 29. False negatives and positives Correct False negatives False positives BUG-INTRODUCING BUGS
  • 30. An example BUG-INTRODUCING void bar() { if (val==null) { println(val); } ... Revision 7: tom - introduces the defects
  • 31. An example BUG-INTRODUCING BUG FIX void bar() { void foo() { void foo() { if (val==null) { // print val // print value println(val); if (val==null) if (val!=null) } { { ... println(val); println(val); } } ... ... Revision 7: tom Revision 23: jim Revision 42: kim - introduces the defects - inserts a comment - changes comment - reformats if statement - corrects defect
  • 32. An example BUG-INTRODUCING BUG FIX void bar() { void foo() { void foo() { if (val==null) { // print val // print valueval println(val); if (val==null) if (val!=null) } { { ... println(val); println(val); } } ... ... Revision 7: tom Revision 23: jim Revision 42: kim - introduces the defects - inserts a comment - changes comment - reformats if statement - corrects defect
  • 33. An example BUG-INTRODUCING BUG FIX void bar() { void foo() { void foo() { if (val==null) { // print val // print valueval println(val); if (val==null) if (val!=null) } { { ... println(val); println(val); } } ... ... Revision 7: tom Revision 23: jim Revision 42: kim - introduces the defects - inserts a comment - changes comment - reformats if statement - corrects defect
  • 34. An example BUG-INTRODUCING BUG FIX void bar() { void foo() { void foo() { if (val==null) { // print val // print valueval println(val); if (val==null) if (val!=null) } { { ... println(val); println(val); } } ... ... Revision 7: tom Revision 23: jim Revision 42: kim - introduces the defects - inserts a comment - changes comment - reformats if statement - corrects defect The originial SZZ algorithm has too many false positives (rev 23) and false negatives (rev 7).
  • 35. Our study COLUMBA ECLIPSE (jdt.core) Project Software type Email client IDE Investigated period 11/2002-06/2003 06/2001-03/2002 Number of revisions 500 1000 Number of ļ¬xes 143 (29%) 158 (16%) Average LOC 48,135 111,059
  • 37. Annotation graphs ļ¬xed revisions
  • 38. Annotation graphs foo() ļ¬xed revisions
  • 39. Annotation graphs bar() renamed to foo() foo() ļ¬xed revisions
  • 40. Annotation graphs bar() bar() renamed to foo() foo() ļ¬xed revisions
  • 41. Annotation graphs bar() bar() renamed to foo() foo() ļ¬xed revisions SZZ reports a bug-introducing change for foo (false positive) but not for bar (false negative).
  • 42. Annotation graphs bar() bar() renamed to foo() foo() ļ¬xed revisions Using annotation graphs we can remove 2% as false positives and identiļ¬es further 1%~4%.
  • 43. Comments & blank lines public void notifySourceElementRequestor() { - + if (reportReferenceInfo) { + notifyAllUnknownReferences(); +} // collect the top level ast nodes int length = 0;
  • 44. Comments & blank lines public void notifySourceElementRequestor() { - + if (reportReferenceInfo) { + notifyAllUnknownReferences(); +} // collect the top level ast nodes int length = 0; Ignoring comments and blank lines removes 14%~20% as false positives.
  • 46. Format changes BUG-INTRODUCING BUG FIX if ( a==true ) return; if (a==true) if (a==false) return; return;
  • 47. Format changes BUG-INTRODUCING BUG FIX if ( a==true ) return; if (a==true) if (a==false) return; return; FALSE POSITIVE
  • 48. Format changes BUG-INTRODUCING BUG FIX if ( a==true ) return; if (a==true) if (a==false) return; return; FALSE FALSE NEGATIVE POSITIVE
  • 49. Format changes BUG-INTRODUCING BUG FIX if ( a==true ) return; if (a==true) if (a==false) return; return; FALSE FALSE NEGATIVE POSITIVE Ignoring format changes removes 18%~25% as false positives and identiļ¬es further 13%~14%.
  • 50. Fixes that affect many ļ¬les Most large ļ¬xes are refactoring - public boolean visit(TypeDeclaration - typeDeclaration, BlockScope scope){ + public boolean visit(LocalTypeDeclaration + typeDeclaration, BlockScope scope){
  • 51. Fixes that affect many ļ¬les Most large ļ¬xes are refactoring - public boolean visit(TypeDeclaration - typeDeclaration, BlockScope scope){ + public boolean visit(LocalTypeDeclaration + typeDeclaration, BlockScope scope){ Ignoring ļ¬xes that affect many ļ¬les (=more than ļ¬ve times the median) removes 7%~16% as false positives
  • 52.
  • 53. Manual inspection of ļ¬xes Two judges check whether a ļ¬x is actually a ļ¬x. deleteResources(actualNonJavaResources,fForce); - IResource[] remaingFiles; + IResource[] remainingFiles;Ā  try { - remaingFiles=((IFolder)res).members(); + remainingFiles=((IFolder)res).members(); }
  • 54. Manual inspection of ļ¬xes Two judges check whether a ļ¬x is actually a ļ¬x. deleteResources(actualNonJavaResources,fForce); - IResource[] remaingFiles; + IResource[] remainingFiles;Ā  try { - remaingFiles=((IFolder)res).members(); + remainingFiles=((IFolder)res).members(); } Manual inspection of ļ¬xes removes only 4%~5% as false positives.
  • 55. Putting it together ASE SZZ BUGS
  • 56. Putting it together False negatives of SZZ: 14% ASE SZZ BUGS
  • 57. Putting it together False negatives of SZZ: 14% False positives of SZZ: 38%~51% ASE SZZ BUGS
  • 58. Putting it together False negatives of SZZ: 14% False positives of SZZ: 38%~51% ASE SZZ Automatically we can remove 36%~48% as BUGS false positive.
  • 59. Donā€™t program on Fridays ;-) Monday 11.3% Tuesday 10.4% Wednesday 11.1% Thursday 12.1% Friday 12.2% Saturday 11.7% Sunday 11.6% 0% 2.5% 5.0% 7.5% 10.0% 12.5% 15.0% Percentage of bug-introducing changes
  • 60. Donā€™t program on Fridays ;-) Monday 11.3% Tuesday 10.4% Wednesday 11.1% Thursday 12.1% Friday 12.2% Saturday 11.7% Sunday 11.6% 0% 2.5% 5.0% 7.5% 10.0% 12.5% 15.0% Percentage of bug-introducing changes
  • 61. Defect-prone authors Authors (anonymized) Fry Leela Bender Amy 0% 10% 20% 30% 40% 50% 60% 70% 80% Frequency Bug-Introducing changes Fix changes
  • 62. Risk awareness ā€œSafeā€ Location (green) Risky Location (dark red)
  • 65. Change classiļ¬cation BUILD A CLASSIFIER bug-introducing (ā€œbadā€) X X X X
  • 66. Change classiļ¬cation BUILD A CLASSIFIER bug-introducing (ā€œbadā€) X X X X new change
  • 67. Change classiļ¬cation BUILD A CLASSIFIER bug-introducing (ā€œbadā€) X X X X new change PREDICT QUALITY
  • 69. Conclusions ā€¢ Bug-introducing changes tell when a defect was introduced, not only its location.
  • 70. Conclusions ā€¢ Bug-introducing changes tell when a defect was introduced, not only its location. ā€¢ We can automatically identify ā€“ 36%~48% of SZZ as false positives and ā€“ further 14% of missed bug-introductions.
  • 71. Conclusions ā€¢ Bug-introducing changes tell when a defect was introduced, not only its location. ā€¢ We can automatically identify ā€“ 36%~48% of SZZ as false positives and ā€“ further 14% of missed bug-introductions. ā€¢ Bug-introducing changes are useful for defect prediction and software evolution.
  • 72. More minin g @A Frida SE: y mo Conclusions rning . ā€¢ Bug-introducing changes tell when a defect was introduced, not only its location. ā€¢ We can automatically identify ā€“ 36%~48% of SZZ as false positives and ā€“ further 14% of missed bug-introductions. ā€¢ Bug-introducing changes are useful for defect prediction and software evolution.