Abstract
The complexity and diversity of bug fixes require developers to understand bug fixes from multiple perspectives in addition to fine-grained code changes. The dependencies among files in a software system are an important dimension to inform software quality. Recent studies have revealed that most bug-prone files are always architecturally connected with dependencies, and as one of the best practices in the industry, changes in dependencies should be avoided or carefully made during bug fixing. Hence, in this paper, we take the first attempt to understand bug fixes from the dependencies perspective, which can complement existing code change perspectives. Based on this new perspective, we conducted a systematic and comprehensive study on bug fixes collected from 157 Apache open source projects, involving 140456 bug reports and 182621 bug fixes in total. Our study results show that a relatively high proportion of bug fixes (30%) introduce dependency-level changes when fixing the corresponding 33% bugs. The bugs, whose fixes introduce dependency-level changes, have a strong correlation with high priority, large fixing churn, long fixing time, frequent bug reopening, and bug inducing. More importantly, patched files with dependency-level changes in their fixes, consume much more maintenance costs compared with those without these changes. We further summarized three representative patch patterns to explain the reasons for the increasing costs. Our study unveils useful findings based on qualitative and quantitative analysis and also provides new insights that might benefit existing bug prediction techniques. We release a large set of benchmarks and also implement a prototype tool to automatically detect dependency-level changes from bug fixes, which can warn developers and remind them to design a better fix.
Similar content being viewed by others
References
Bachmann A, Bird C, Rahman F, et al. The missing links: bugs and bug-fix commits. In: Proceedings of the 18th ACM SIGSOFT International Symposium on Foundations of Software Engineering, 2010. 97–106
Martinez M, Monperrus M. Mining software repair models for reasoning on the search space of automated program fixing. Empir Softw Eng, 2015, 20: 176–205
Wang Y, Meng N, Zhong H. An empirical study of multi-entity changes in real bug fixes. In: Proceedings of IEEE International Conference on Software Maintenance and Evolution (ICSME), 2018. 287–298
Zhong H, Su Z D. An empirical study on real bug fixes. In: Proceedings of the 37th International Conference on Software Engineering, 2015. 913–923
Falleri J R, Morandat F, Blanc X, et al. Fine-grained and accurate source code differencing. In: Proceedings of the 29th ACM/IEEE International Conference on Automated Software Engineering, 2014. 313–324
Huang K F, Chen B H, Peng X, et al. Cldiff: generating concise linked code differences. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, 2018. 679–690
Hassan A E. Predicting faults using the complexity of code changes. In: Proceedings of the 31st International Conference on Software Engineering, 2009. 78–88
Cui D, Liu T, Cai Y F, et al. Investigating the impact of multiple dependency structures on software defects. In: Proceedings of the 41st International Conference on Software Engineering, 2019. 584–595
Xiao L, Cai Y F, Kazman R. Design rule spaces: a new form of architecture insight. In: Proceedings of the 36th International Conference on Software Engineering, 2014. 967–977
Williams B J, Carver J C. Characterizing software architecture changes: a systematic review. Inf Softw Tech, 2010, 52: 31–51
Bass L, Clements P, Kazman R. Software Architecture in Practice. Boston: Addison-Wesley Professional, 2003
Mo R, Cai Y F, Kazman R, Xiao L. Hotspot patterns: the formal definition and automatic detection of architecture smells. In: Proceedings of the 12th Working IEEE/IFIP Conference on Software Architecture, 2015. 51–60
Park J, Kim M, Ray B, et al. An empirical study of supplementary bug fixes. In: Proceedings of the 9th IEEE Working Conference on Mining Software Repositories, 2012. 40–49
Fan L L, Su T, Chen S, et al. Large-scale analysis of framework-specific exceptions in Android apps. In: Proceedings of the 40th International Conference on Software Engineering, 2018. 408–419
Wu R X, Zhang H Y, Kim S, et al. Relink: recovering links between bugs and changes. In: Proceedings of the 19th ACM SIGSOFT Symposium and the 13th European Conference on Foundations of Software Engineering, 2011. 15–25
Kinable J, Kostakis O. Malware classification based on call graph clustering. J Comput Virol, 2011, 7: 233–245
da Costa D A, McIntosh S, Shang W, et al. A framework for evaluating the results of the SZZ approach for identifying bug-introducing changes. IEEE Trans Softw Eng, 2017, 43: 641–657
Kim S, Zimmermann T, Jr E J W, et al. Predicting faults from cached history. In: Proceedings of the 29th International Conference on Software Engineering, 2007. 489–498
Chen T H, Nagappan M, Shihab E, et al. An empirical study of dormant bugs. In: Proceedings of the 11th Working Conference on Mining Software Repositories, 2014. 82–91
Zaman S, Adams B, Hassan A E. Security versus performance bugs: a case study on firefox. In: Proceedings of the 8th Working Conference on Mining Software Repositories, 2011. 93–102
Garcia J, Ivkovic I, Medvidovic N. A comparative analysis of software architecture recovery techniques. In: Proceedings of the 28th IEEE/ACM International Conference on Automated Software Engineering, 2013. 486–496
Garcia J, Krka I, Mattmann C, et al. Obtaining ground-truth software architectures. In: Proceedings of International Conference on Software Engineering, 2013. 901–910
Lutellier T, Chollak D, Garcia J, et al. Comparing software architecture recovery techniques using accurate dependencies. In: Proceedings of the 37th IEEE International Conference on Software Engineering, 2015. 69–78
Paixao M, Krinke J, Han D, et al. Are developers aware of the architectural impact of their changes? In: Proceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering, 2017. 95–105
Wen M, Wu R X, Liu Y P, et al. Exploring and exploiting the correlations between bug-inducing and bug-fixing commits. In: Proceedings of the 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2019. 326–337
Mi Q, Keung J. An empirical analysis of reopened bugs based on open source projects. In: Proceedings of the 20th International Conference on Evaluation and Assessment in Software Engineering, 2016
Yin Z N, Yuan D, Zhou Y Y, et al. How do fixes become bugs? In: Proceedings of the 19th ACM SIGSOFT Symposium and the 13th European Conference on Foundations of Software Engineering, 2011. 26–36
Zimmermann T, Nagappan N, Guo P J, et al. Characterizing and predicting which bugs get reopened. In: Proceedings of the 34th International Conference on Software Engineering (ICSE), 2012. 1074–1083
Shihab E, Hassan A E, Adams B, et al. An industrial study on the risk of software changes. In: Proceedings of the 20th International Symposium on the Foundations of Software Engineering, 1991. 1–11
Eyolfson J, Tan L, Lam P. Do time of day and developer experience affect commit bugginess? In: Proceedings of the 8th Working Conference on Mining Software Repositories, 2011. 153–162
Kim S, Whitehead, E J, Zhang Y. Classifying software changes: clean or buggy? IEEE Trans Softw Eng, 2008, 34: 181–196
Le D M, Behnamghader P, Garcia J, et al. An empirical study of architectural change in open-source software systems. In: Proceedings of the 12th Working Conference on Mining Software Repositories, 2015. 235–245
Le D M, Link D, Shahbazian A, et al. An empirical study of architectural decay in open-source software. In: Proceedings of IEEE International Conference on Software Architecture (ICSA), 2018
Lanza M, Marinescu R. Object-oriented Metrics in Practice: Using Software Metrics to Characterize, Evaluate, and Improve the Design of Object-Oriented Systems. Berlin: Springer, 2007
Hoang T, Dam H K, Kamei Y, et al. DeepJIT: an end-to-end deep learning framework for just-in-time defect prediction. In: Proceedings of the 16th International Conference on Mining Software Repositories (MSR), 2019. 34–45
Kamei Y, Fukushima T, McIntosh S, et al. Studying just-in-time defect prediction using cross-project models. Empir Softw Eng, 2016, 21: 2072–2106
Kondo M, German D M, Mizuno O, et al. The impact of context metrics on just-in-time defect prediction. Empir Softw Eng, 2020, 25: 890–939
McIntosh S, Kamei Y. Are fix-inducing changes a moving target? A longitudinal case study of just-in-time defect prediction. IEEE Trans Softw Eng, 2018, 44: 412–428
Pascarella L, Palomba F, Bacchelli A. Fine-grained just-in-time defect prediction. J Syst Softw, 2019, 150: 22–36
Herzig K. The impact of tangled code changes. In: Proceedings of Working Conference on Mining Software Repositories, 2013
Herzig K, Just S, Zeller A. It’s not a bug, it’s a feature: how misclassification impacts bug prediction. In: Proceedings of Working Conference on Mining Software Repositories, 2013
Fan L L, Su T, Chen S, et al. Efficiently manifesting asynchronous programming errors in Android apps. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, 2018. 486–497
Lou Y L, Chen Z P, Cao Y B, et al. Understanding build issue resolution in practice: symptoms and fix patterns. In: Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2020. 617–628
Chen Z P, Yao H H, Lou Y L, et al. An empirical study on deployment faults of deep learning based mobile applications. In: Proceedings of the 43rd International Conference on Software Engineering (ICSE), 2021
Selby R W, Basili V R. Analyzing error-prone system structure. IEEE Trans Softw Eng, 1991, 17: 141–152
Zimmermann T, Nagappan N. Predicting defects using network analysis on dependency graphs. In: Proceedings of the 30th International Conference on Software Engineering, 2008. 531–540
Acknowledgements
This work was supported by National Key R&D Program of China (Grant No. 2020AAA0108800), National Natural Science Foundation of China (Grant Nos. 61632015, 61772408, U1766215, 61721002, 61532015, 61833015, 61902306, 62072351), China Postdoctoral Science Foundation (Grant Nos. 2019TQ0251, 2020M673439), Youth Talent Support Plan of Xi’an Association for Science and Technology (Grant No. 095920201303), Ministry of Education Innovation Research Team (Grant No. IRT 17R86), and Project of China Knowledge Center for Engineering Science and Technology.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Cui, D., Fan, L., Chen, S. et al. Towards characterizing bug fixes through dependency-level changes in Apache Java open source projects. Sci. China Inf. Sci. 65, 172101 (2022). https://doi.org/10.1007/s11432-020-3317-2
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s11432-020-3317-2