Deep just-in-time defect localization

Author

Fangcheng QIU
Zhipeng GAO
Xin XIA
David LO, Singapore Management UniversityFollow
John GRUNDY
Xinyu WANG

Publication Type

Journal Article

Version

acceptedVersion

Publication Date

12-2022

Abstract

During software development and maintenance, defect localization is an essential part of software quality assurance. Even though different techniques have been proposed for defect localization, i.e., information retrieval (IR)-based techniques and spectrum-based techniques, they can only work after the defect has been exposed, which can be too late and costly to adapt to the newly introduced bugs in the daily development. There are also many JIT defect prediction tools that have been proposed to predict the buggy commit. But these tools do not locate the suspicious buggy positions in the buggy commit. To assist developers to detect bugs in time and avoid introducing them, just-in-time (JIT) bug localization techniques have been proposed, which is targeting to locate suspicious buggy code after a change commit has been submitted. In this paper, we propose a novel JIT defect localization approach, named DEEPDL (Deep Learning-based defect localization), to locate defect code lines within a defect introducing change. DEEPDL employs a neural language model to capture the semantics of the code lines, in this way, the naturalness of each code line can be learned and converted to a suspiciousness score. The core of our DEEPDL is a deep learning-based neural language model. We train the neural language model with previous snapshots (history versions) of a project so that it can calculate the naturalness of a piece of code. In its application, for a given new code change, DEEPDL automatically assigns a suspiciousness score to each code line and sorts these code lines in descending order of this score. The code lines at the top of the list are considered as potential defect locations. Our tool can assist developers efficiently check buggy lines at an early stage, which is able to reduce the risk of introducing bugs in time and improve the developers’ confidence in the reliability of their software. We conducted an extensive experiment on 14 open source Java projects with a total of 11,615 buggy changes. We evaluate the experimental results considering four evaluation metrics. The experimental results show that our method outperforms the state-of-the-art by a substantial margin

Discipline

Databases and Information Systems | Software Engineering

Research Areas

Software and Cyber-Physical Systems

Publication

IEEE Transactions on Software Engineering

Volume

48

Issue

12

First Page

5068

Last Page

5086

ISSN

0098-5589

Identifier

10.1109/TSE.2021.3135875

Publisher

Institute of Electrical and Electronics Engineers

Citation

QIU, Fangcheng; GAO, Zhipeng; XIA, Xin; LO, David; GRUNDY, John; and WANG, Xinyu. Deep just-in-time defect localization. (2022). IEEE Transactions on Software Engineering. 48, (12), 5068-5086.
Available at: https://ink.library.smu.edu.sg/sis_research/7666

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1109/TSE.2021.3135875