Reevaluating the Defect Proneness of Atoms of Confusion in Java Systems
Background: Code confusion concerns source code characteristics that make code harder for authors and reviewers to comprehend. Atoms of Confusion (AoC) are a set of low-level programming idioms for C-like languages that have been proposed as a potential source of code confusion; previous studies have empirically evaluated the extent to which they (i) are confusing to developers and (ii) introduce risk to software products.
Aims: In this study, we further explore Atoms of Confusion and question the assumptions associating them with defects, and associating their removal with defect-fixing activities.
Method: We mine 76,610 pull requests from six Java open-source projects, extracting and analyzing changes relating to AoC.
Results: First, we find no relation between the existence of AoCs and defect-fixing activity. Second, we observe that for some types of AoC–such as infix operator precedence and conditional operator–although quantitative analysis suggests a relation between their removal and fixes for defects, removing them does not contribute to the defect-fixing process. Finally, we find that project- and language-specific factors can affect the prevalence of AoC types, such as pre-increment/decrement and type conversion AoC.
Conclusion: While prior work reported that AoC impact defect proneness in systems written in C and C++, we find that the presence of AoC did not affect defect proneness in open-source Java projects. Our results suggest that future work is needed to investigate project- and language-specific factors such as project style guide and implicit type conversion that may impact the defect proneness of AoC.
Thu 24 OctDisplayed time zone: Brussels, Copenhagen, Madrid, Paris change
16:00 - 17:30 | Software vulnerabilities and defectsESEM Technical Papers / ESEM Emerging Results, Vision and Reflection Papers Track / ESEM Journal-First Papers at Sala de graus (C4 Building) Chair(s): Daniela Cruzes Norwegian University of Science and Technology | ||
16:00 20mFull-paper | Automated Code-centric Software Vulnerability Assessment: How Far Are We? An Empirical Study in C/C++ ESEM Technical Papers Anh Nguyen The , Triet Le The University of Adelaide, Muhammad Ali Babar School of Computer Science, The University of Adelaide DOI Pre-print | ||
16:20 20mFull-paper | Empirical Evaluation of Frequency Based Statistical Models for Estimating Killable Mutants ESEM Technical Papers Konstantin Kuznetsov Saarland University, CISPA, Alessio Gambi Austrian Institute of Technology (AIT), Saikrishna Dhiddi Passau University, Julia Hess Saarland University, Rahul Gopinath University of Sydney | ||
16:40 20mFull-paper | Reevaluating the Defect Proneness of Atoms of Confusion in Java Systems ESEM Technical Papers Guoshuai Shi University of Waterloo, Farshad Kazemi University of Waterloo, Michael W. Godfrey University of Waterloo, Canada, Shane McIntosh University of Waterloo Pre-print | ||
17:00 15mVision and Emerging Results | DetectBERT: Towards Full App-Level Representation Learning to Detect Android Malware ESEM Emerging Results, Vision and Reflection Papers Track Tiezhu Sun University of Luxembourg, Nadia Daoudi Luxembourg Institute of Science and Technology, Kisub Kim Singapore Management University, Singapore, Kevin Allix Independent Researcher, Tegawendé F. Bissyandé University of Luxembourg, Jacques Klein University of Luxembourg | ||
17:15 15mJournal Early-Feedback | Identifying concerns when specifying machine learning-enabled systems: A perspective-based approach ESEM Journal-First Papers Hugo Villamizar fortiss GmbH, Marcos Kalinowski Pontifical Catholic University of Rio de Janeiro (PUC-Rio), Helio Côrtes Vieira Lopes PUC-Rio, Daniel Mendez Blekinge Institute of Technology and fortiss DOI | ||