Skip to main content
SpringerLink
Log in

Towards characterizing bug fixes through dependency-level changes in Apache Java open source projects

  • Research Paper
  • Published:
Science China Information Sciences Aims and scope Submit manuscript

Abstract

The complexity and diversity of bug fixes require developers to understand bug fixes from multiple perspectives in addition to fine-grained code changes. The dependencies among files in a software system are an important dimension to inform software quality. Recent studies have revealed that most bug-prone files are always architecturally connected with dependencies, and as one of the best practices in the industry, changes in dependencies should be avoided or carefully made during bug fixing. Hence, in this paper, we take the first attempt to understand bug fixes from the dependencies perspective, which can complement existing code change perspectives. Based on this new perspective, we conducted a systematic and comprehensive study on bug fixes collected from 157 Apache open source projects, involving 140456 bug reports and 182621 bug fixes in total. Our study results show that a relatively high proportion of bug fixes (30%) introduce dependency-level changes when fixing the corresponding 33% bugs. The bugs, whose fixes introduce dependency-level changes, have a strong correlation with high priority, large fixing churn, long fixing time, frequent bug reopening, and bug inducing. More importantly, patched files with dependency-level changes in their fixes, consume much more maintenance costs compared with those without these changes. We further summarized three representative patch patterns to explain the reasons for the increasing costs. Our study unveils useful findings based on qualitative and quantitative analysis and also provides new insights that might benefit existing bug prediction techniques. We release a large set of benchmarks and also implement a prototype tool to automatically detect dependency-level changes from bug fixes, which can warn developers and remind them to design a better fix.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Bachmann A, Bird C, Rahman F, et al. The missing links: bugs and bug-fix commits. In: Proceedings of the 18th ACM SIGSOFT International Symposium on Foundations of Software Engineering, 2010. 97–106

  2. Martinez M, Monperrus M. Mining software repair models for reasoning on the search space of automated program fixing. Empir Softw Eng, 2015, 20: 176–205

    Article  Google Scholar 

  3. Wang Y, Meng N, Zhong H. An empirical study of multi-entity changes in real bug fixes. In: Proceedings of IEEE International Conference on Software Maintenance and Evolution (ICSME), 2018. 287–298

  4. Zhong H, Su Z D. An empirical study on real bug fixes. In: Proceedings of the 37th International Conference on Software Engineering, 2015. 913–923

  5. Falleri J R, Morandat F, Blanc X, et al. Fine-grained and accurate source code differencing. In: Proceedings of the 29th ACM/IEEE International Conference on Automated Software Engineering, 2014. 313–324

  6. Huang K F, Chen B H, Peng X, et al. Cldiff: generating concise linked code differences. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, 2018. 679–690

  7. Hassan A E. Predicting faults using the complexity of code changes. In: Proceedings of the 31st International Conference on Software Engineering, 2009. 78–88

  8. Cui D, Liu T, Cai Y F, et al. Investigating the impact of multiple dependency structures on software defects. In: Proceedings of the 41st International Conference on Software Engineering, 2019. 584–595

  9. Xiao L, Cai Y F, Kazman R. Design rule spaces: a new form of architecture insight. In: Proceedings of the 36th International Conference on Software Engineering, 2014. 967–977

  10. Williams B J, Carver J C. Characterizing software architecture changes: a systematic review. Inf Softw Tech, 2010, 52: 31–51

    Article  Google Scholar 

  11. Bass L, Clements P, Kazman R. Software Architecture in Practice. Boston: Addison-Wesley Professional, 2003

    Google Scholar 

  12. Mo R, Cai Y F, Kazman R, Xiao L. Hotspot patterns: the formal definition and automatic detection of architecture smells. In: Proceedings of the 12th Working IEEE/IFIP Conference on Software Architecture, 2015. 51–60

  13. Park J, Kim M, Ray B, et al. An empirical study of supplementary bug fixes. In: Proceedings of the 9th IEEE Working Conference on Mining Software Repositories, 2012. 40–49

  14. Fan L L, Su T, Chen S, et al. Large-scale analysis of framework-specific exceptions in Android apps. In: Proceedings of the 40th International Conference on Software Engineering, 2018. 408–419

  15. Wu R X, Zhang H Y, Kim S, et al. Relink: recovering links between bugs and changes. In: Proceedings of the 19th ACM SIGSOFT Symposium and the 13th European Conference on Foundations of Software Engineering, 2011. 15–25

  16. Kinable J, Kostakis O. Malware classification based on call graph clustering. J Comput Virol, 2011, 7: 233–245

    Article  Google Scholar 

  17. da Costa D A, McIntosh S, Shang W, et al. A framework for evaluating the results of the SZZ approach for identifying bug-introducing changes. IEEE Trans Softw Eng, 2017, 43: 641–657

    Article  Google Scholar 

  18. Kim S, Zimmermann T, Jr E J W, et al. Predicting faults from cached history. In: Proceedings of the 29th International Conference on Software Engineering, 2007. 489–498

  19. Chen T H, Nagappan M, Shihab E, et al. An empirical study of dormant bugs. In: Proceedings of the 11th Working Conference on Mining Software Repositories, 2014. 82–91

  20. Zaman S, Adams B, Hassan A E. Security versus performance bugs: a case study on firefox. In: Proceedings of the 8th Working Conference on Mining Software Repositories, 2011. 93–102

  21. Garcia J, Ivkovic I, Medvidovic N. A comparative analysis of software architecture recovery techniques. In: Proceedings of the 28th IEEE/ACM International Conference on Automated Software Engineering, 2013. 486–496

  22. Garcia J, Krka I, Mattmann C, et al. Obtaining ground-truth software architectures. In: Proceedings of International Conference on Software Engineering, 2013. 901–910

  23. Lutellier T, Chollak D, Garcia J, et al. Comparing software architecture recovery techniques using accurate dependencies. In: Proceedings of the 37th IEEE International Conference on Software Engineering, 2015. 69–78

  24. Paixao M, Krinke J, Han D, et al. Are developers aware of the architectural impact of their changes? In: Proceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering, 2017. 95–105

  25. Wen M, Wu R X, Liu Y P, et al. Exploring and exploiting the correlations between bug-inducing and bug-fixing commits. In: Proceedings of the 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2019. 326–337

  26. Mi Q, Keung J. An empirical analysis of reopened bugs based on open source projects. In: Proceedings of the 20th International Conference on Evaluation and Assessment in Software Engineering, 2016

  27. Yin Z N, Yuan D, Zhou Y Y, et al. How do fixes become bugs? In: Proceedings of the 19th ACM SIGSOFT Symposium and the 13th European Conference on Foundations of Software Engineering, 2011. 26–36

  28. Zimmermann T, Nagappan N, Guo P J, et al. Characterizing and predicting which bugs get reopened. In: Proceedings of the 34th International Conference on Software Engineering (ICSE), 2012. 1074–1083

  29. Shihab E, Hassan A E, Adams B, et al. An industrial study on the risk of software changes. In: Proceedings of the 20th International Symposium on the Foundations of Software Engineering, 1991. 1–11

  30. Eyolfson J, Tan L, Lam P. Do time of day and developer experience affect commit bugginess? In: Proceedings of the 8th Working Conference on Mining Software Repositories, 2011. 153–162

  31. Kim S, Whitehead, E J, Zhang Y. Classifying software changes: clean or buggy? IEEE Trans Softw Eng, 2008, 34: 181–196

    Article  Google Scholar 

  32. Le D M, Behnamghader P, Garcia J, et al. An empirical study of architectural change in open-source software systems. In: Proceedings of the 12th Working Conference on Mining Software Repositories, 2015. 235–245

  33. Le D M, Link D, Shahbazian A, et al. An empirical study of architectural decay in open-source software. In: Proceedings of IEEE International Conference on Software Architecture (ICSA), 2018

  34. Lanza M, Marinescu R. Object-oriented Metrics in Practice: Using Software Metrics to Characterize, Evaluate, and Improve the Design of Object-Oriented Systems. Berlin: Springer, 2007

    MATH  Google Scholar 

  35. Hoang T, Dam H K, Kamei Y, et al. DeepJIT: an end-to-end deep learning framework for just-in-time defect prediction. In: Proceedings of the 16th International Conference on Mining Software Repositories (MSR), 2019. 34–45

  36. Kamei Y, Fukushima T, McIntosh S, et al. Studying just-in-time defect prediction using cross-project models. Empir Softw Eng, 2016, 21: 2072–2106

    Article  Google Scholar 

  37. Kondo M, German D M, Mizuno O, et al. The impact of context metrics on just-in-time defect prediction. Empir Softw Eng, 2020, 25: 890–939

    Article  Google Scholar 

  38. McIntosh S, Kamei Y. Are fix-inducing changes a moving target? A longitudinal case study of just-in-time defect prediction. IEEE Trans Softw Eng, 2018, 44: 412–428

    Article  Google Scholar 

  39. Pascarella L, Palomba F, Bacchelli A. Fine-grained just-in-time defect prediction. J Syst Softw, 2019, 150: 22–36

    Article  Google Scholar 

  40. Herzig K. The impact of tangled code changes. In: Proceedings of Working Conference on Mining Software Repositories, 2013

  41. Herzig K, Just S, Zeller A. It’s not a bug, it’s a feature: how misclassification impacts bug prediction. In: Proceedings of Working Conference on Mining Software Repositories, 2013

  42. Fan L L, Su T, Chen S, et al. Efficiently manifesting asynchronous programming errors in Android apps. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, 2018. 486–497

  43. Lou Y L, Chen Z P, Cao Y B, et al. Understanding build issue resolution in practice: symptoms and fix patterns. In: Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2020. 617–628

  44. Chen Z P, Yao H H, Lou Y L, et al. An empirical study on deployment faults of deep learning based mobile applications. In: Proceedings of the 43rd International Conference on Software Engineering (ICSE), 2021

  45. Selby R W, Basili V R. Analyzing error-prone system structure. IEEE Trans Softw Eng, 1991, 17: 141–152

    Article  Google Scholar 

  46. Zimmermann T, Nagappan N. Predicting defects using network analysis on dependency graphs. In: Proceedings of the 30th International Conference on Software Engineering, 2008. 531–540

Download references

Acknowledgements

This work was supported by National Key R&D Program of China (Grant No. 2020AAA0108800), National Natural Science Foundation of China (Grant Nos. 61632015, 61772408, U1766215, 61721002, 61532015, 61833015, 61902306, 62072351), China Postdoctoral Science Foundation (Grant Nos. 2019TQ0251, 2020M673439), Youth Talent Support Plan of Xi’an Association for Science and Technology (Grant No. 095920201303), Ministry of Education Innovation Research Team (Grant No. IRT 17R86), and Project of China Knowledge Center for Engineering Science and Technology.

Author information

Authors and Affiliations

  1. School of Computer Science and Technology, Xi’an Jiaotong University, Xi’an, 710049, China

    Di Cui & Qinghua Zheng

  2. School of Cyber Science and Engineering, Xi’an Jiaotong University, Xi’an, 710049, China

    Ting Liu

  3. College of Cyber Science, Nankai University, Tianjin, 300350, China

    Lingling Fan

  4. College of Intelligence and Computing, Tianjin University, Tianjin, 300350, China

    Sen Chen

  5. Department of Computer Science, Drexel University, Philadelphia, 19104, USA

    Yuanfang Cai

  6. School of Computer Science and Engineering, Nanyang Technological University, Singapore, 639798, Singapore

    Yang Liu

Authors
  1. Di Cui
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lingling Fan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sen Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yuanfang Cai
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Qinghua Zheng
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Yang Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Ting Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ting Liu.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Cui, D., Fan, L., Chen, S. et al. Towards characterizing bug fixes through dependency-level changes in Apache Java open source projects. Sci. China Inf. Sci. 65, 172101 (2022). https://doi.org/10.1007/s11432-020-3317-2

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s11432-020-3317-2

Keywords

Search

Navigation