SlideShare a Scribd company logo

Do Bugs Reside in Complex Code?

CISPA Helmholtz Center for Information Security
CISPA Helmholtz Center for Information Security

The document discusses various myths and misconceptions in software engineering. It summarizes research that analyzed large codebases to determine factors correlated with defects. Metrics like lines of code and complexity metrics correlated with defects, but the relationship depended on the project. Defect-prone modules could be predicted by combining metrics. Other factors like developer experience, prior defects, language features, and dependencies also influenced bugs. While some properties were project-specific, others like the role of requirements, design, coding and testing were universal defect sources.

Technology
1 of 79
Myths in Software Engineering “Bugs Reside in Complex Code” Andreas Zeller Saarland University
Obtaining Data
Models Specs Code Traces Profiles Tests e-mail Bugs Effort Navigation Changes Chats
Models Specs Code Traces Profiles Tests e-mail Bugs Effort Navigation Changes Chats
Bugs Changes
Bugs Changes
Bugs Changes
Bugs Changes
Bugs Changes
Bugs Changes
Map bugs to code locations Bugs Changes
Eclipse Bugs
What is the cause Eclipse Bugs of these errors?
Code complexity Past defects
Code complexity Past defects #Lines #Vars #Classes Metrics #Params #Reads #Writes #Arcs #Blocks McCabe Fan In Fan Out …
Projects researched • Internet Explorer 6 • IIS Server • Windows Process Messaging • DirectX • NetMeeting >1,000,000 Lines of Code
Projects researched >1,000,000 Lines of Code
Projects researched ABCDE >1,000,000 Lines of Code
Do metrics correlate with defect density?
Do metrics correlate with defect density? Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
Do metrics correlate with defect density? Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
Do metrics correlate with defect density? Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
Do metrics correlate with defect density? Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
Do metrics correlate with defect density? Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
Do metrics correlate with defect density? Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
Do metrics correlate with defect density? YES Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
Is there a set of metrics that fits all projects? Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
Is there a set of metrics that fits all projects? NO Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
Can we predict defect-prone modules?
Can we predict defect-prone modules? • Basic idea: Combine metrics
Can we predict defect-prone modules? • Basic idea: Combine metrics • Give most weight to most predictive metrics
Can we predict defect-prone modules? • Basic idea: Combine metrics • Give most weight to most predictive metrics • Successful prediction in all five projects –
Can we predict defect-prone modules? • Basic idea: Combine metrics • Give most weight to most predictive metrics • Successful prediction in all five projects – • – but requires history to calibrate
Assistance
Eclipse Bugs
What is the cause Eclipse Bugs of these errors?
Is it the developers?
Is it the developers? Does experience matter?
Is it the developers? Bug density Does experience correlates with matter? experience!
Is it history?
Is it history? I found lots of bugs here. Will there be more?
Is it history? I found lots of Yes! (But where bugs here. Will did these come there be more? from?)
How about metrics?
How about metrics? Do code metrics correlate with bug density?
How about metrics? Do code metrics Sometimes! correlate with bug density?
Uh. Coverage?
Uh. Coverage? Does test coverage correlate with bug density?
Uh. Coverage? Yes – Does test coverage correlate with bug the more coverage, density? the more bugs!
Ah! Language features?
Ah! Language features? Are gotos harmful?
Ah! Language features? Are gotos No correlation! harmful?
Ok. Problem domain?
Ok. Problem domain? Which tokens do matter?
Ok. Problem domain? Which tokens import • extends • implements do matter?
Eclipse imports Joint work with Adrian Schröter • Tom Zimmermann
Eclipse imports import org.eclipse.jdt.internal.compiler.lookup.*; import org.eclipse.jdt.internal.compiler.*; import org.eclipse.jdt.internal.compiler.ast.*; import org.eclipse.jdt.internal.compiler.util.*; ... import org.eclipse.pde.core.*; import org.eclipse.jface.wizard.*; import org.eclipse.ui.*; Joint work with Adrian Schröter • Tom Zimmermann
Eclipse imports 71% of all components importing compiler show a post-release defect import org.eclipse.jdt.internal.compiler.lookup.*; import org.eclipse.jdt.internal.compiler.*; import org.eclipse.jdt.internal.compiler.ast.*; import org.eclipse.jdt.internal.compiler.util.*; ... import org.eclipse.pde.core.*; import org.eclipse.jface.wizard.*; import org.eclipse.ui.*; Joint work with Adrian Schröter • Tom Zimmermann
Eclipse imports 71% of all components importing compiler show a post-release defect import org.eclipse.jdt.internal.compiler.lookup.*; import org.eclipse.jdt.internal.compiler.*; import org.eclipse.jdt.internal.compiler.ast.*; import org.eclipse.jdt.internal.compiler.util.*; ... import org.eclipse.pde.core.*; import org.eclipse.jface.wizard.*; import org.eclipse.ui.*; 14% of all components importing ui show a post-release defect Joint work with Adrian Schröter • Tom Zimmermann
Mozilla Vulnerabilities
And what else?
And what else? So all of this requires earlier defects, right?
And what else? So all of this requires earlier Yes! defects, right?
And what else?
And what else? But are there universal properties?
And what else? ? But are there universal properties?
Defect sources
Defect sources Coding
Defect sources Coding Quality Assurance
Defect sources Design Coding Quality Assurance
Defect sources Design Requirements Coding Quality Assurance
Defect sources • Which properties Design Requirements should we look at? • Which properties can we look at? Coding Quality Assurance
bug density Plugin.java had 5 failures ) before and one failure after release (``post''). The package contains 43 files (``points'') and encountered 16 failures before and one failure after release; on average each file in this package had 0.609 failures before and 0.022 failures after release (``avg'') Bugs • Fixes • Changes
bug density Plugin.java had 5 failures ) before and one failure after release (``post''). The package contains 43 files (``points'') and encountered 16 failures before and one failure after release; on average each file in this package had 0.609 failures before and 0.022 failures after release (``avg'') Bugs • Fixes • Changes
<?xml version=quot;1.0quot; encoding=quot;UTF-8quot;?> <defects project=quot;eclipsequot; release=quot;3.0quot;> <package name=quot;org.eclipse.core.runtimequot;> <counts> <count id=quot;prequot; value=quot;16quot; avg=quot;0.609quot; points=quot;43quot; max=quot;5quot;> <count id=quot;postquot; value=quot;1quot; avg=quot;0.022quot; points=quot;43quot; max=quot;1quot;> </counts> <compilationunit name=quot;Plugin.javaquot;> <counts> <count id=quot;prequot; value=quot;5quot;> Plugin.java had 5 failures ) before and one failure after <count id=quot;postquot; value=quot;1quot;> release (``post''). The package contains 43 files (``points'') and encountered 16 failures before and one failure after release; on average each file in this package had 0.609 failures before and 0.022 failures after release (``avg'') Bugs • Fixes • Changes
Defect sources • Which properties Design Requirements should we look at? • Which properties can we look at? Coding Quality Assurance
Defect sources • Which properties Design Requirements should we look at? • Which properties can we look at? Coding Quality Assurance
Defect sources • Which properties Design Requirements should we look at? • Which properties can we look at? Coding Quality Assurance

Recommended

Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Proactive Empirical Assessment of New Language Feature Adoption via Automated...Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Proactive Empirical Assessment of New Language Feature Adoption via Automated...Raffi Khatchadourian
 
Illustrated Code (ASE 2021)
Illustrated Code (ASE 2021)Illustrated Code (ASE 2021)
Illustrated Code (ASE 2021)CISPA Helmholtz Center for Information Security
 
About Dewey Hong
About Dewey HongAbout Dewey Hong
About Dewey HongDewey Hong
 
My life as a cyborg
My life as a cyborg My life as a cyborg
My life as a cyborg Alexander Serebrenik
 
Understanding, measuring and improving code quality in JavaScript
Understanding, measuring and improving code quality in JavaScriptUnderstanding, measuring and improving code quality in JavaScript
Understanding, measuring and improving code quality in JavaScriptMark Daggett
 
Beyond Unit Testing
Beyond Unit TestingBeyond Unit Testing
Beyond Unit TestingSøren Lund
 
TDD Workshop UTN 2012
TDD Workshop UTN 2012TDD Workshop UTN 2012
TDD Workshop UTN 2012Facundo Farias
 
Documenting Code - Patterns and Anti-patterns - NLPW 2016
Documenting Code - Patterns and Anti-patterns - NLPW 2016Documenting Code - Patterns and Anti-patterns - NLPW 2016
Documenting Code - Patterns and Anti-patterns - NLPW 2016Søren Lund
 

Recommended

Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Proactive Empirical Assessment of New Language Feature Adoption via Automated...Proactive Empirical Assessment of New Language Feature Adoption via Automated...
Proactive Empirical Assessment of New Language Feature Adoption via Automated...Raffi Khatchadourian
 
Illustrated Code (ASE 2021)
Illustrated Code (ASE 2021)Illustrated Code (ASE 2021)
Illustrated Code (ASE 2021)CISPA Helmholtz Center for Information Security
 
About Dewey Hong
About Dewey HongAbout Dewey Hong
About Dewey HongDewey Hong
 
My life as a cyborg
My life as a cyborg My life as a cyborg
My life as a cyborg Alexander Serebrenik
 
Understanding, measuring and improving code quality in JavaScript
Understanding, measuring and improving code quality in JavaScriptUnderstanding, measuring and improving code quality in JavaScript
Understanding, measuring and improving code quality in JavaScriptMark Daggett
 
Beyond Unit Testing
Beyond Unit TestingBeyond Unit Testing
Beyond Unit TestingSøren Lund
 
TDD Workshop UTN 2012
TDD Workshop UTN 2012TDD Workshop UTN 2012
TDD Workshop UTN 2012Facundo Farias
 
Documenting Code - Patterns and Anti-patterns - NLPW 2016
Documenting Code - Patterns and Anti-patterns - NLPW 2016Documenting Code - Patterns and Anti-patterns - NLPW 2016
Documenting Code - Patterns and Anti-patterns - NLPW 2016Søren Lund
 
A Brief Introduction to Test-Driven Development
A Brief Introduction to Test-Driven DevelopmentA Brief Introduction to Test-Driven Development
A Brief Introduction to Test-Driven DevelopmentShawn Jones
 
Test driven development
Test driven developmentTest driven development
Test driven developmentDennis Ahaus
 
Working Effectively With Legacy Code
Working Effectively With Legacy CodeWorking Effectively With Legacy Code
Working Effectively With Legacy CodeExcella
 
Source code comprehension on evolving software
Source code comprehension on evolving softwareSource code comprehension on evolving software
Source code comprehension on evolving softwareSung Kim
 
On Impact in Software Engineering Research
On Impact in Software Engineering ResearchOn Impact in Software Engineering Research
On Impact in Software Engineering ResearchCISPA Helmholtz Center for Information Security
 
HotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William Enck
HotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William EnckHotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William Enck
HotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William EnckTao Xie
 
Automated Unit Testing and TDD
Automated Unit Testing and TDDAutomated Unit Testing and TDD
Automated Unit Testing and TDDGreg Sohl
 
The Professional Programmer
The Professional ProgrammerThe Professional Programmer
The Professional ProgrammerDave Cross
 
IDEAL: An Open-Source Identifier Name Appraisal Tool
IDEAL: An Open-Source Identifier Name Appraisal ToolIDEAL: An Open-Source Identifier Name Appraisal Tool
IDEAL: An Open-Source Identifier Name Appraisal ToolAnthony Peruma
 
On Impact in Software Engineering Research (HU Berlin 2021)
On Impact in Software Engineering Research (HU Berlin 2021)On Impact in Software Engineering Research (HU Berlin 2021)
On Impact in Software Engineering Research (HU Berlin 2021)CISPA Helmholtz Center for Information Security
 
Software Analytics - Achievements and Challenges
Software Analytics - Achievements and ChallengesSoftware Analytics - Achievements and Challenges
Software Analytics - Achievements and ChallengesTao Xie
 
АНТОН МУЖАЙЛО «Test Team Development and Management Techniques»
АНТОН МУЖАЙЛО «Test Team Development and Management Techniques»АНТОН МУЖАЙЛО «Test Team Development and Management Techniques»
АНТОН МУЖАЙЛО «Test Team Development and Management Techniques»GoQA
 
Documenting code yapceu2016
Documenting code yapceu2016Documenting code yapceu2016
Documenting code yapceu2016Søren Lund
 
Working with Legacy Code
Working with Legacy CodeWorking with Legacy Code
Working with Legacy CodeEyal Golan
 
Agile Programming Systems # TDD intro
Agile Programming Systems # TDD introAgile Programming Systems # TDD intro
Agile Programming Systems # TDD introVitaliy Kulikov
 
Dependency Injection in iOS
Dependency Injection in iOSDependency Injection in iOS
Dependency Injection in iOSPablo Villar
 
ProspectusPresentationPrinterFriendly
ProspectusPresentationPrinterFriendlyProspectusPresentationPrinterFriendly
ProspectusPresentationPrinterFriendlymartijnetje
 
Cross-project Defect Prediction Using A Connectivity-based Unsupervised Class...
Cross-project Defect Prediction Using A Connectivity-based Unsupervised Class...Cross-project Defect Prediction Using A Connectivity-based Unsupervised Class...
Cross-project Defect Prediction Using A Connectivity-based Unsupervised Class...Feng Zhang
 
Review Participation in Modern Code Review: An Empirical Study of the Android...
Review Participation in Modern Code Review: An Empirical Study of the Android...Review Participation in Modern Code Review: An Empirical Study of the Android...
Review Participation in Modern Code Review: An Empirical Study of the Android...The University of Adelaide
 
On Impact in Software Engineering Research (Dagstuhl 2020)
On Impact in Software Engineering Research (Dagstuhl 2020)On Impact in Software Engineering Research (Dagstuhl 2020)
On Impact in Software Engineering Research (Dagstuhl 2020)CISPA Helmholtz Center for Information Security
 
Learning from 6,000 projects mining specifications in the large
Learning from 6,000 projects mining specifications in the largeLearning from 6,000 projects mining specifications in the large
Learning from 6,000 projects mining specifications in the largeCISPA Helmholtz Center for Information Security
 
Seeding Bugs To Find Bugs
Seeding Bugs To Find BugsSeeding Bugs To Find Bugs
Seeding Bugs To Find BugsCISPA Helmholtz Center for Information Security
 

More Related Content

What's hot

A Brief Introduction to Test-Driven Development
A Brief Introduction to Test-Driven DevelopmentA Brief Introduction to Test-Driven Development
A Brief Introduction to Test-Driven DevelopmentShawn Jones
 
Test driven development
Test driven developmentTest driven development
Test driven developmentDennis Ahaus
 
Working Effectively With Legacy Code
Working Effectively With Legacy CodeWorking Effectively With Legacy Code
Working Effectively With Legacy CodeExcella
 
Source code comprehension on evolving software
Source code comprehension on evolving softwareSource code comprehension on evolving software
Source code comprehension on evolving softwareSung Kim
 
HotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William Enck
HotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William EnckHotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William Enck
HotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William EnckTao Xie
 
Automated Unit Testing and TDD
Automated Unit Testing and TDDAutomated Unit Testing and TDD
Automated Unit Testing and TDDGreg Sohl
 
The Professional Programmer
The Professional ProgrammerThe Professional Programmer
The Professional ProgrammerDave Cross
 
IDEAL: An Open-Source Identifier Name Appraisal Tool
IDEAL: An Open-Source Identifier Name Appraisal ToolIDEAL: An Open-Source Identifier Name Appraisal Tool
IDEAL: An Open-Source Identifier Name Appraisal ToolAnthony Peruma
 
Software Analytics - Achievements and Challenges
Software Analytics - Achievements and ChallengesSoftware Analytics - Achievements and Challenges
Software Analytics - Achievements and ChallengesTao Xie
 
АНТОН МУЖАЙЛО «Test Team Development and Management Techniques»
АНТОН МУЖАЙЛО «Test Team Development and Management Techniques»АНТОН МУЖАЙЛО «Test Team Development and Management Techniques»
АНТОН МУЖАЙЛО «Test Team Development and Management Techniques»GoQA
 
Documenting code yapceu2016
Documenting code yapceu2016Documenting code yapceu2016
Documenting code yapceu2016Søren Lund
 
Working with Legacy Code
Working with Legacy CodeWorking with Legacy Code
Working with Legacy CodeEyal Golan
 
Agile Programming Systems # TDD intro
Agile Programming Systems # TDD introAgile Programming Systems # TDD intro
Agile Programming Systems # TDD introVitaliy Kulikov
 
Dependency Injection in iOS
Dependency Injection in iOSDependency Injection in iOS
Dependency Injection in iOSPablo Villar
 
ProspectusPresentationPrinterFriendly
ProspectusPresentationPrinterFriendlyProspectusPresentationPrinterFriendly
ProspectusPresentationPrinterFriendlymartijnetje
 
Cross-project Defect Prediction Using A Connectivity-based Unsupervised Class...
Cross-project Defect Prediction Using A Connectivity-based Unsupervised Class...Cross-project Defect Prediction Using A Connectivity-based Unsupervised Class...
Cross-project Defect Prediction Using A Connectivity-based Unsupervised Class...Feng Zhang
 
Review Participation in Modern Code Review: An Empirical Study of the Android...
Review Participation in Modern Code Review: An Empirical Study of the Android...Review Participation in Modern Code Review: An Empirical Study of the Android...
Review Participation in Modern Code Review: An Empirical Study of the Android...The University of Adelaide
 

What's hot (20)

A Brief Introduction to Test-Driven Development
A Brief Introduction to Test-Driven DevelopmentA Brief Introduction to Test-Driven Development
A Brief Introduction to Test-Driven Development
 
Test driven development
Test driven developmentTest driven development
Test driven development
 
Working Effectively With Legacy Code
Working Effectively With Legacy CodeWorking Effectively With Legacy Code
Working Effectively With Legacy Code
 
Source code comprehension on evolving software
Source code comprehension on evolving softwareSource code comprehension on evolving software
Source code comprehension on evolving software
 
On Impact in Software Engineering Research
On Impact in Software Engineering ResearchOn Impact in Software Engineering Research
On Impact in Software Engineering Research
 
HotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William Enck
HotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William EnckHotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William Enck
HotSoS16 Tutorial "Text Analytics for Security" by Tao Xie and William Enck
 
Automated Unit Testing and TDD
Automated Unit Testing and TDDAutomated Unit Testing and TDD
Automated Unit Testing and TDD
 
The Professional Programmer
The Professional ProgrammerThe Professional Programmer
The Professional Programmer
 
IDEAL: An Open-Source Identifier Name Appraisal Tool
IDEAL: An Open-Source Identifier Name Appraisal ToolIDEAL: An Open-Source Identifier Name Appraisal Tool
IDEAL: An Open-Source Identifier Name Appraisal Tool
 
On Impact in Software Engineering Research (HU Berlin 2021)
On Impact in Software Engineering Research (HU Berlin 2021)On Impact in Software Engineering Research (HU Berlin 2021)
On Impact in Software Engineering Research (HU Berlin 2021)
 
Software Analytics - Achievements and Challenges
Software Analytics - Achievements and ChallengesSoftware Analytics - Achievements and Challenges
Software Analytics - Achievements and Challenges
 
АНТОН МУЖАЙЛО «Test Team Development and Management Techniques»
АНТОН МУЖАЙЛО «Test Team Development and Management Techniques»АНТОН МУЖАЙЛО «Test Team Development and Management Techniques»
АНТОН МУЖАЙЛО «Test Team Development and Management Techniques»
 
Documenting code yapceu2016
Documenting code yapceu2016Documenting code yapceu2016
Documenting code yapceu2016
 
Working with Legacy Code
Working with Legacy CodeWorking with Legacy Code
Working with Legacy Code
 
Agile Programming Systems # TDD intro
Agile Programming Systems # TDD introAgile Programming Systems # TDD intro
Agile Programming Systems # TDD intro
 
Dependency Injection in iOS
Dependency Injection in iOSDependency Injection in iOS
Dependency Injection in iOS
 
ProspectusPresentationPrinterFriendly
ProspectusPresentationPrinterFriendlyProspectusPresentationPrinterFriendly
ProspectusPresentationPrinterFriendly
 
Cross-project Defect Prediction Using A Connectivity-based Unsupervised Class...
Cross-project Defect Prediction Using A Connectivity-based Unsupervised Class...Cross-project Defect Prediction Using A Connectivity-based Unsupervised Class...
Cross-project Defect Prediction Using A Connectivity-based Unsupervised Class...
 
Review Participation in Modern Code Review: An Empirical Study of the Android...
Review Participation in Modern Code Review: An Empirical Study of the Android...Review Participation in Modern Code Review: An Empirical Study of the Android...
Review Participation in Modern Code Review: An Empirical Study of the Android...
 
On Impact in Software Engineering Research (Dagstuhl 2020)
On Impact in Software Engineering Research (Dagstuhl 2020)On Impact in Software Engineering Research (Dagstuhl 2020)
On Impact in Software Engineering Research (Dagstuhl 2020)
 

Viewers also liked

Effective debugging
Effective debuggingEffective debugging
Effective debuggingAndy Dawson
 
The Art Of Debugging
The Art Of DebuggingThe Art Of Debugging
The Art Of Debuggingsvilen.ivanov
 
Advanced Production Debugging
Advanced Production DebuggingAdvanced Production Debugging
Advanced Production DebuggingTakipi
 
Test Driven Development (TDD)
Test Driven Development (TDD)Test Driven Development (TDD)
Test Driven Development (TDD)David Ehringer
 

Viewers also liked (10)

Learning from 6,000 projects mining specifications in the large
Learning from 6,000 projects mining specifications in the largeLearning from 6,000 projects mining specifications in the large
Learning from 6,000 projects mining specifications in the large
 
Seeding Bugs To Find Bugs
Seeding Bugs To Find BugsSeeding Bugs To Find Bugs
Seeding Bugs To Find Bugs
 
Effective debugging
Effective debuggingEffective debugging
Effective debugging
 
Notes on Debugging
Notes on DebuggingNotes on Debugging
Notes on Debugging
 
Debugging
DebuggingDebugging
Debugging
 
Debugging Debugging
Debugging DebuggingDebugging Debugging
Debugging Debugging
 
The Art Of Debugging
The Art Of DebuggingThe Art Of Debugging
The Art Of Debugging
 
Debugging
DebuggingDebugging
Debugging
 
Advanced Production Debugging
Advanced Production DebuggingAdvanced Production Debugging
Advanced Production Debugging
 
Test Driven Development (TDD)
Test Driven Development (TDD)Test Driven Development (TDD)
Test Driven Development (TDD)
 

Similar to Do Bugs Reside in Complex Code?

Quality of Bug Reports in Open Source
Quality of Bug Reports in Open SourceQuality of Bug Reports in Open Source
Quality of Bug Reports in Open SourceThomas Zimmermann
 
Scaling Continuous Integration Practices to Teams with Parallel Development
Scaling Continuous Integration Practices to Teams with Parallel DevelopmentScaling Continuous Integration Practices to Teams with Parallel Development
Scaling Continuous Integration Practices to Teams with Parallel DevelopmentIBM UrbanCode Products
 
Quality Assurance 1: Why Quality Matters
Quality Assurance 1: Why Quality MattersQuality Assurance 1: Why Quality Matters
Quality Assurance 1: Why Quality MattersMarc Miquel
 
Continuous Delivery of (y)our infrastructure.
Continuous Delivery of (y)our infrastructure.Continuous Delivery of (y)our infrastructure.
Continuous Delivery of (y)our infrastructure.Kris Buytaert
 
Pipeline as code for your infrastructure as Code
Pipeline as code for your infrastructure as CodePipeline as code for your infrastructure as Code
Pipeline as code for your infrastructure as CodeKris Buytaert
 
Cracking OCA and OCP Java 8 Exams
Cracking OCA and OCP Java 8 ExamsCracking OCA and OCP Java 8 Exams
Cracking OCA and OCP Java 8 ExamsGanesh Samarthyam
 
App sec and quality london - may 2016 - v0.5
App sec and quality london - may 2016 - v0.5App sec and quality london - may 2016 - v0.5
App sec and quality london - may 2016 - v0.5Dinis Cruz
 
Duplicate Bug Reports Considered Harmful ... Really?
Duplicate Bug Reports Considered Harmful ... Really?Duplicate Bug Reports Considered Harmful ... Really?
Duplicate Bug Reports Considered Harmful ... Really?Nicolas Bettenburg
 
The Ember.js Framework - Everything You Need To Know
The Ember.js Framework - Everything You Need To KnowThe Ember.js Framework - Everything You Need To Know
The Ember.js Framework - Everything You Need To KnowAll Things Open
 
Different phases of accessibility testing
Different phases of accessibility testing Different phases of accessibility testing
Different phases of accessibility testing SAGAR BARBHAYA
 
Different phases of accessibility testing
Different phases of accessibility testingDifferent phases of accessibility testing
Different phases of accessibility testingPoonam Tathavadkar
 
Алексей Ященко и Ярослав Волощук "False simplicity of front-end applications"
Алексей Ященко и Ярослав Волощук "False simplicity of front-end applications"Алексей Ященко и Ярослав Волощук "False simplicity of front-end applications"
Алексей Ященко и Ярослав Волощук "False simplicity of front-end applications"Fwdays
 
Changes and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development ActivitiesChanges and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development ActivitiesThomas Zimmermann
 
Static Analysis Techniques For Testing Application Security - Houston Tech Fest
Static Analysis Techniques For Testing Application Security - Houston Tech FestStatic Analysis Techniques For Testing Application Security - Houston Tech Fest
Static Analysis Techniques For Testing Application Security - Houston Tech FestDenim Group
 
Cross-project defect prediction
Cross-project defect predictionCross-project defect prediction
Cross-project defect predictionThomas Zimmermann
 
[RHFSeoul2017]6 Steps to Transform Enterprise Applications
[RHFSeoul2017]6 Steps to Transform Enterprise Applications[RHFSeoul2017]6 Steps to Transform Enterprise Applications
[RHFSeoul2017]6 Steps to Transform Enterprise ApplicationsDaniel Oh
 
Distributed Version Control Systems
Distributed Version Control SystemsDistributed Version Control Systems
Distributed Version Control SystemsMark van Lent
 
javabasics_ programming development chapter01
javabasics_ programming development chapter01javabasics_ programming development chapter01
javabasics_ programming development chapter01Udeshg90
 
Machine programming
Machine programmingMachine programming
Machine programmingDESMOND YUEN
 

Similar to Do Bugs Reside in Complex Code? (20)

Quality of Bug Reports in Open Source
Quality of Bug Reports in Open SourceQuality of Bug Reports in Open Source
Quality of Bug Reports in Open Source
 
Scaling Continuous Integration Practices to Teams with Parallel Development
Scaling Continuous Integration Practices to Teams with Parallel DevelopmentScaling Continuous Integration Practices to Teams with Parallel Development
Scaling Continuous Integration Practices to Teams with Parallel Development
 
Ionic debugger
Ionic debuggerIonic debugger
Ionic debugger
 
Quality Assurance 1: Why Quality Matters
Quality Assurance 1: Why Quality MattersQuality Assurance 1: Why Quality Matters
Quality Assurance 1: Why Quality Matters
 
Continuous Delivery of (y)our infrastructure.
Continuous Delivery of (y)our infrastructure.Continuous Delivery of (y)our infrastructure.
Continuous Delivery of (y)our infrastructure.
 
Pipeline as code for your infrastructure as Code
Pipeline as code for your infrastructure as CodePipeline as code for your infrastructure as Code
Pipeline as code for your infrastructure as Code
 
Cracking OCA and OCP Java 8 Exams
Cracking OCA and OCP Java 8 ExamsCracking OCA and OCP Java 8 Exams
Cracking OCA and OCP Java 8 Exams
 
App sec and quality london - may 2016 - v0.5
App sec and quality london - may 2016 - v0.5App sec and quality london - may 2016 - v0.5
App sec and quality london - may 2016 - v0.5
 
Duplicate Bug Reports Considered Harmful ... Really?
Duplicate Bug Reports Considered Harmful ... Really?Duplicate Bug Reports Considered Harmful ... Really?
Duplicate Bug Reports Considered Harmful ... Really?
 
The Ember.js Framework - Everything You Need To Know
The Ember.js Framework - Everything You Need To KnowThe Ember.js Framework - Everything You Need To Know
The Ember.js Framework - Everything You Need To Know
 
Different phases of accessibility testing
Different phases of accessibility testing Different phases of accessibility testing
Different phases of accessibility testing
 
Different phases of accessibility testing
Different phases of accessibility testingDifferent phases of accessibility testing
Different phases of accessibility testing
 
Алексей Ященко и Ярослав Волощук "False simplicity of front-end applications"
Алексей Ященко и Ярослав Волощук "False simplicity of front-end applications"Алексей Ященко и Ярослав Волощук "False simplicity of front-end applications"
Алексей Ященко и Ярослав Волощук "False simplicity of front-end applications"
 
Changes and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development ActivitiesChanges and Bugs: Mining and Predicting Development Activities
Changes and Bugs: Mining and Predicting Development Activities
 
Static Analysis Techniques For Testing Application Security - Houston Tech Fest
Static Analysis Techniques For Testing Application Security - Houston Tech FestStatic Analysis Techniques For Testing Application Security - Houston Tech Fest
Static Analysis Techniques For Testing Application Security - Houston Tech Fest
 
Cross-project defect prediction
Cross-project defect predictionCross-project defect prediction
Cross-project defect prediction
 
[RHFSeoul2017]6 Steps to Transform Enterprise Applications
[RHFSeoul2017]6 Steps to Transform Enterprise Applications[RHFSeoul2017]6 Steps to Transform Enterprise Applications
[RHFSeoul2017]6 Steps to Transform Enterprise Applications
 
Distributed Version Control Systems
Distributed Version Control SystemsDistributed Version Control Systems
Distributed Version Control Systems
 
javabasics_ programming development chapter01
javabasics_ programming development chapter01javabasics_ programming development chapter01
javabasics_ programming development chapter01
 
Machine programming
Machine programmingMachine programming
Machine programming
 

More from CISPA Helmholtz Center for Information Security

More from CISPA Helmholtz Center for Information Security (12)

Language-Based Testing and Debugging.pdf
Language-Based Testing and Debugging.pdfLanguage-Based Testing and Debugging.pdf
Language-Based Testing and Debugging.pdf
 
Digital Networking and Community
Digital Networking and CommunityDigital Networking and Community
Digital Networking and Community
 
Fuzzing - A Tale of Two Cultures
Fuzzing - A Tale of Two CulturesFuzzing - A Tale of Two Cultures
Fuzzing - A Tale of Two Cultures
 
Fast and Effective Fuzz Testing (Facebook TAV 2019)
Fast and Effective Fuzz Testing (Facebook TAV 2019)Fast and Effective Fuzz Testing (Facebook TAV 2019)
Fast and Effective Fuzz Testing (Facebook TAV 2019)
 
Software-Tests automatisch erzeugen: Frische Ansätze für Forschung, Praxis un...
Software-Tests automatisch erzeugen: Frische Ansätze für Forschung, Praxis un...Software-Tests automatisch erzeugen: Frische Ansätze für Forschung, Praxis un...
Software-Tests automatisch erzeugen: Frische Ansätze für Forschung, Praxis un...
 
On impact in Software Engineering Research (ICSE 2018 New Faculty Symposium)
On impact in Software Engineering Research (ICSE 2018 New Faculty Symposium)On impact in Software Engineering Research (ICSE 2018 New Faculty Symposium)
On impact in Software Engineering Research (ICSE 2018 New Faculty Symposium)
 
Twelve tips on how to prepare an ERC grant proposal
Twelve tips on how to prepare an ERC grant proposalTwelve tips on how to prepare an ERC grant proposal
Twelve tips on how to prepare an ERC grant proposal
 
Getting your work funded
Getting your work fundedGetting your work funded
Getting your work funded
 
Mining Processes
Mining ProcessesMining Processes
Mining Processes
 
Mining Programs
Mining ProgramsMining Programs
Mining Programs
 
Getting your paper accepted (at ISSTA 2008)
Getting your paper accepted (at ISSTA 2008)Getting your paper accepted (at ISSTA 2008)
Getting your paper accepted (at ISSTA 2008)
 
Woher kommen Software-Fehler?
Woher kommen Software-Fehler?Woher kommen Software-Fehler?
Woher kommen Software-Fehler?
 

Recently uploaded

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditSkynet Technologies
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 

Recently uploaded (20)

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 

Do Bugs Reside in Complex Code?

  • 1. Myths in Software Engineering “Bugs Reside in Complex Code” Andreas Zeller Saarland University
  • 2.
  • 3.
  • 5. Models Specs Code Traces Profiles Tests e-mail Bugs Effort Navigation Changes Chats
  • 6. Models Specs Code Traces Profiles Tests e-mail Bugs Effort Navigation Changes Chats
  • 7. Bugs Changes
  • 8. Bugs Changes
  • 9. Bugs Changes
  • 10. Bugs Changes
  • 11. Bugs Changes
  • 12. Bugs Changes
  • 13. Map bugs to code locations Bugs Changes
  • 15. What is the cause Eclipse Bugs of these errors?
  • 17. Code complexity Past defects #Lines #Vars #Classes Metrics #Params #Reads #Writes #Arcs #Blocks McCabe Fan In Fan Out …
  • 18. Projects researched • Internet Explorer 6 • IIS Server • Windows Process Messaging • DirectX • NetMeeting >1,000,000 Lines of Code
  • 19. Projects researched >1,000,000 Lines of Code
  • 20. Projects researched ABCDE >1,000,000 Lines of Code
  • 21. Do metrics correlate with defect density?
  • 22. Do metrics correlate with defect density? Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
  • 23. Do metrics correlate with defect density? Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
  • 24. Do metrics correlate with defect density? Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
  • 25. Do metrics correlate with defect density? Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
  • 26. Do metrics correlate with defect density? Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
  • 27. Do metrics correlate with defect density? Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
  • 28. Do metrics correlate with defect density? YES Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
  • 29. Is there a set of metrics that fits all projects? Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
  • 30. Is there a set of metrics that fits all projects? NO Project Metrics correlated w/ defects A #Classes and 5 derived B almost all C all except MaxInheritanceDepth D only #Lines E #Functions, #Arcs, Complexity
  • 32. Can we predict defect-prone modules? • Basic idea: Combine metrics
  • 33. Can we predict defect-prone modules? • Basic idea: Combine metrics • Give most weight to most predictive metrics
  • 34. Can we predict defect-prone modules? • Basic idea: Combine metrics • Give most weight to most predictive metrics • Successful prediction in all five projects –
  • 35. Can we predict defect-prone modules? • Basic idea: Combine metrics • Give most weight to most predictive metrics • Successful prediction in all five projects – • – but requires history to calibrate
  • 38. What is the cause Eclipse Bugs of these errors?
  • 39. Is it the developers?
  • 40. Is it the developers? Does experience matter?
  • 41. Is it the developers? Bug density Does experience correlates with matter? experience!
  • 43. Is it history? I found lots of bugs here. Will there be more?
  • 44. Is it history? I found lots of Yes! (But where bugs here. Will did these come there be more? from?)
  • 46. How about metrics? Do code metrics correlate with bug density?
  • 47. How about metrics? Do code metrics Sometimes! correlate with bug density?
  • 49. Uh. Coverage? Does test coverage correlate with bug density?
  • 50. Uh. Coverage? Yes – Does test coverage correlate with bug the more coverage, density? the more bugs!
  • 52. Ah! Language features? Are gotos harmful?
  • 53. Ah! Language features? Are gotos No correlation! harmful?
  • 55. Ok. Problem domain? Which tokens do matter?
  • 56. Ok. Problem domain? Which tokens import • extends • implements do matter?
  • 57. Eclipse imports Joint work with Adrian Schröter • Tom Zimmermann
  • 58. Eclipse imports import org.eclipse.jdt.internal.compiler.lookup.*; import org.eclipse.jdt.internal.compiler.*; import org.eclipse.jdt.internal.compiler.ast.*; import org.eclipse.jdt.internal.compiler.util.*; ... import org.eclipse.pde.core.*; import org.eclipse.jface.wizard.*; import org.eclipse.ui.*; Joint work with Adrian Schröter • Tom Zimmermann
  • 59. Eclipse imports 71% of all components importing compiler show a post-release defect import org.eclipse.jdt.internal.compiler.lookup.*; import org.eclipse.jdt.internal.compiler.*; import org.eclipse.jdt.internal.compiler.ast.*; import org.eclipse.jdt.internal.compiler.util.*; ... import org.eclipse.pde.core.*; import org.eclipse.jface.wizard.*; import org.eclipse.ui.*; Joint work with Adrian Schröter • Tom Zimmermann
  • 60. Eclipse imports 71% of all components importing compiler show a post-release defect import org.eclipse.jdt.internal.compiler.lookup.*; import org.eclipse.jdt.internal.compiler.*; import org.eclipse.jdt.internal.compiler.ast.*; import org.eclipse.jdt.internal.compiler.util.*; ... import org.eclipse.pde.core.*; import org.eclipse.jface.wizard.*; import org.eclipse.ui.*; 14% of all components importing ui show a post-release defect Joint work with Adrian Schröter • Tom Zimmermann
  • 63. And what else? So all of this requires earlier defects, right?
  • 64. And what else? So all of this requires earlier Yes! defects, right?
  • 66. And what else? But are there universal properties?
  • 67. And what else? ? But are there universal properties?
  • 69. Defect sources Coding
  • 70. Defect sources Coding Quality Assurance
  • 71. Defect sources Design Coding Quality Assurance
  • 72. Defect sources Design Requirements Coding Quality Assurance
  • 73. Defect sources • Which properties Design Requirements should we look at? • Which properties can we look at? Coding Quality Assurance
  • 74. bug density Plugin.java had 5 failures ) before and one failure after release (``post''). The package contains 43 files (``points'') and encountered 16 failures before and one failure after release; on average each file in this package had 0.609 failures before and 0.022 failures after release (``avg'') Bugs • Fixes • Changes
  • 75. bug density Plugin.java had 5 failures ) before and one failure after release (``post''). The package contains 43 files (``points'') and encountered 16 failures before and one failure after release; on average each file in this package had 0.609 failures before and 0.022 failures after release (``avg'') Bugs • Fixes • Changes
  • 76. <?xml version=quot;1.0quot; encoding=quot;UTF-8quot;?> <defects project=quot;eclipsequot; release=quot;3.0quot;> <package name=quot;org.eclipse.core.runtimequot;> <counts> <count id=quot;prequot; value=quot;16quot; avg=quot;0.609quot; points=quot;43quot; max=quot;5quot;> <count id=quot;postquot; value=quot;1quot; avg=quot;0.022quot; points=quot;43quot; max=quot;1quot;> </counts> <compilationunit name=quot;Plugin.javaquot;> <counts> <count id=quot;prequot; value=quot;5quot;> Plugin.java had 5 failures ) before and one failure after <count id=quot;postquot; value=quot;1quot;> release (``post''). The package contains 43 files (``points'') and encountered 16 failures before and one failure after release; on average each file in this package had 0.609 failures before and 0.022 failures after release (``avg'') Bugs • Fixes • Changes
  • 77. Defect sources • Which properties Design Requirements should we look at? • Which properties can we look at? Coding Quality Assurance
  • 78. Defect sources • Which properties Design Requirements should we look at? • Which properties can we look at? Coding Quality Assurance
  • 79. Defect sources • Which properties Design Requirements should we look at? • Which properties can we look at? Coding Quality Assurance