SlideShare a Scribd company logo

Characterizing and Predicting Which Bugs Get Reopened

Thomas Zimmermann
Thomas Zimmermann

This document summarizes a study characterizing and predicting which software bugs get reopened. Through a qualitative survey, researchers identified six main causes of bug reopens: bugs being difficult to reproduce, misunderstood root causes, insufficient bug information, increased bug priority later on, regression bugs, and process-related issues. A quantitative analysis using logistic regression found that bugs found through code analysis tools or human review were less likely to reopen, while bugs found through system or customer testing were more likely to reopen. The analysis also found that bugs opened by people with higher reputations based on past bugs were less likely to reopen.

TechnologyBusiness
1 of 32
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
Characterizing and Predicting Which Bugs Get Reopened Thomas Zimmermann Nachiappan Nagappan Microsoft Research Philip J. Guo Stanford University Brendan Murphy Microsoft Research © Microsoft Corporation
A bug’s life Picture on the right via http://www.bugzilla.org/docs/2.18/html/lifecycle.html © Microsoft Corporation
Final part of a trilogy… Which bugs are fixed? Bug reassignments Bug reopens (this paper) ICSE 2010 CSCW 2011 ICSE 2012 SEIP © Microsoft Corporation
…and partly a remake Emad Shihab, Akinori Ihara, Yasutaka Kamei, Walid M. Ibrahim, Masao Ohira, Bram Adams, Ahmed E. Hassan, Ken-ichi Matsumoto: Predicting Re-opened Bugs: A Case Study on the Eclipse Project. WCRE 2010: 249-258 © Microsoft Corporation
Shihab et. al: Predicting Reopened Bugs This paper: Characterizing Reopened Bugs (WCRE 2010) Four dimensions: work habits, bug report, bug fix and team Predicted reopened bugs with a precision of 62.9% and a recall of 84.5% (d-trees) Top node analysis found that bug report dimension was most influential | © Microsoft Corporation
Shihab et. al: Predicting Reopened Bugs This paper: Characterizing Reopened Bugs (WCRE 2010) Four dimensions: work habits, bug report, Partial replication of Shihab et al. bug fix and team New measurements: organizational and Predicted reopened bugs with a precision geographic distance, reputation, how found of 62.9% and a recall of 84.5% (d-trees) Qualitative component on the causes of Top node analysis found that bug report bug reopens (identified with a survey) dimension was most influential Descriptive models (logistic regression) | | © Microsoft Corporation
Methodology Qualitative • “In your experience, what are reasons why a bug would be reopened multiple times” survey • 358 out of 1,773 responded. Card sort. Quantitative • All bug reports for Windows Vista and Windows 7 analysis • Logistic regression model for reopened bugs Manual • Random sample of reopened bugs inspection • 20 bug reports © Microsoft Corporation
What are reasons for bug report reopens? © Microsoft Corporation
Causes of bug reopens Not FIXED Related to Root Cause  Bugs difficult to reproduce  Developers misunderstood root cause  Bug had insufficient information Related to Priority  Priority of the bug increased FIXED  Regression bugs Process-related  Process © Microsoft Corporation
#1: Difficult to reproduce “The bug is hard to reproduce and so the fix was made without being able to fully verify it. A good example is a customer who reports something. We think we see the issue in house and fix that. It turns out we saw something different…” “Bugs which are difficult to reproduce generally get re-activated multiple times. At first, developers will give a simple repro attempt before resolving bugs 'Not repro'. But if the bug opener is able to reproduce the issue again, or perhaps comes up with better repro instructions, then the developer will pay more attention the second time the bug is activated.” “Heisenbugs” © Microsoft Corporation
#2: Misunderstood root cause “The bug is tracking an unidentified symptom and it takes a while to fully root cause. This comes up a lot with memory leaks: there will be an unknown memory leak in a component and the owning team plays whack-a-mole with the code defects to remove memory issues one-by-one.” “Not fixing the root cause and only addressing symptoms. Without root cause understood for the bug a patch/hack can often be done that will then be reactivated.” © Microsoft Corporation
#3: Insufficient information “Poor bug quality. If the bug wasn't described well enough, or not enough diagnostic info was there, the dev will guess and fix *something* in order to make the bug go away. What they fix isn't always what the person who filed the bug ran into.” “If a bug report does not accurately convey enough information about what is actually wrong (i.e. it describes incorrect behavior but neglects to mention data loss) or if the bug does not convey a dependency (such as another team relying on a fix), a bug may be de-prioritized and resolved without fixing.” © Microsoft Corporation
#4: Increased priority “Bugs are closed because one person or triage team believes the bug is not worthy of fixing (i.e. too risky, don't care, etc.), but then a few days later a VP or external customer reports the same issue, then the bug has a higher priority.” “Other reason is lack of business justification or too late in product cycle; reopened when sufficient justification exists or new cycle begins.” “One team may feel an issue is critical while the other does not see it as important enough, and instead of carrying a discussion, the bug is bounced around.” © Microsoft Corporation
#5: Regression bugs “First attempt at fix was flawed in some way, and wasn't caught because of lack of testing or unknown related scenario regression.” “I've seen cases in the past where it was thought that a bug was fixed only to find that a corner case had been missed.” “I've also seen cases where the bug was only being hit due to a timing issue and something changed that affected the timing and the bug disappeared again.” © Microsoft Corporation
#6: Process-related bugs “Sometimes bugs are reopened due to a misunderstanding of process. e.g. dev resolves bug when fix is submitted, but tester reactivates because bug still repros (because fix has not yet reached tester).” “Bug is verified fixed in a feature of developer’s branch and the fix takes too long to hit the main branch.” © Microsoft Corporation
#6: Process-related bugs “First of all, I don’t like the model where we reactivate bugs that were Fixed but the issue was not resolved. Logically it makes sense, but tracking the thread of the issue through multiple checkins & reactivates can be hell if it happens more than once or twice. I would prefer a model where once a checkin has been made for a bug, that bug is done! New issues, or issues that linger despite a previous fix, should/ would be tracked in a new bug.” © Microsoft Corporation
What factors correlate with bug reopens? © Microsoft Corporation
Does the source of a bug (how it was found) influence the likelihood of bug reopens? Bug Sources Vista Win7 Reopen rate for all bugs P Q Code analysis tools 0.52P 0.73Q less likely to be reopened Human review 0.85P 0.66Q Ad-hoc testing 0.87P 0.99Q Internal user 1.12P 0.97Q Component testing 1.13P 0.81Q System testing 1.21P 1.46Q more likely to be reopened Customer 1.33P 1.12Q © Microsoft Corporation
Does opener reputation influence the likelihood of bug reopens? For each bug, calculate opener’s reputation by aggregating over all bugs in the past. Hooimeijer and Weimer: Modeling bug report quality. ASE 2007. © Microsoft Corporation
Does opener reputation influence the likelihood of bug reopens? more likely to be reopened less likely to be reopened © Microsoft Corporation
Does organizational and geographic distance influence the likelihood of bug reopens? Vista Win7 Organizational Opened by and initially assigned to … distance … the same person X R … someone with the same manager 1.13X 0.96R … someone with a different manager 1.37X 1.07R Geographic Opened by and initially assigned to … distance … the same person X R … someone in the same building 1.27X 0.93R … someone in a different building but in the same country 1.45X 1.00R … someone in a different country 1.52X 1.14R © Microsoft Corporation
Does organizational and geographic distance influence the likelihood of bug reopens? Vista Win7 Assigned to opener at some point in time Y S Never assigned to opener, but assigned to 0.54Y 0.39S someone with the same manager as opener Never assigned to anyone with same manager 0.27Y 0.34S Never assigned to opener, but assigned to 0.41Y 0.37S someone in the same building Never assigned to anyone in same building, but 0.31Y 0.43S assigned to someone in the same country Never assigned to anyone in the same country 0.20Y 0.20S © Microsoft Corporation
Descriptive statistical analysis • All pre- and post-release bug reports for Windows Vista and Windows 7 until July 2009 • Logistic regression model to characterize – Probability that a bug will be reopened • Logistic regression model to characterize – Probability that a bug will be fixed after the bug has been reopened – Probability that a bug will be fixed (Guo et al., ICSE 2010) • Same factors as in Guo et al., ICSE 2010 © Microsoft Corporation
Factor Reopen (Vista) Human review not significant Code analysis tool -0.503 Bug source: Component testing 0.238 (categorical) Ad-hoc testing  (baseline) System testing 0.204 Customer 0.239 Internal user not significant Reputation of bug opener -0.266 Reputation of 1st assignee not significant Opened by temporary employee 0.178 Initial severity level 0.127 Severity upgraded? 0.331 Opener / any assignee same manager? 0.721 Opener / any assignee same building? 0.468 Num. editors 0.236 Num. assignee building 0.090 Num. component path changes -0.160 © Microsoft Corporation
Factor Reopen (Vista) Human review not significant Code analysis tool decrease (-0.503) Bug source: Component testing increase (0.238) (categorical) Ad-hoc testing  (baseline) System testing increase (0.204) Customer increase (0.239) Internal user not significant Reputation of bug opener -0.266 Reputation of 1st assignee not significant Opened by temporary employee 0.178 Initial severity level 0.127 Severity upgraded? 0.331 Opener / any assignee same manager? 0.721 Opener / any assignee same building? 0.468 Num. editors 0.236 Num. assignee building 0.090 Num. component path changes -0.160 © Microsoft Corporation
Factor Reopen (Vista) Human review not significant Code analysis tool decrease (-0.503) Bug source: Component testing increase (0.238) (categorical) Ad-hoc testing  (baseline) System testing increase (0.204) Customer increase (0.239) Internal user not significant Reputation of bug opener decrease Reputation of 1st assignee not significant Opened by temporary employee increase Initial severity level increase Severity upgraded? increase Opener / any assignee same manager? increase Opener / any assignee same building? increase Num. editors increase Num. assignee building increase Num. component path changes decrease © Microsoft Corporation
Which *reopened* bugs get fixed? vs. Which bugs get fixed? © Microsoft Corporation
Fixed When Fixed (Vista) Factor Reopened (Vista) [Guo, ICSE 2010] Human review 0.377 0.511 Code analysis tool not significant 0.357 Bug source: Component testing -0.160 0.065 (categorical) Ad-hoc testing   System testing not significant -0.129 Customer -0.498 -0.347 Internal user -0.465 -0.454 Reputation of bug opener 1.632 2.193 Reputation of 1st assignee 1.651 2.463 Opened by temporary employee -0.144 -0.125 Initial severity level not significant 0.033 Severity upgraded? not significant 0.256 Opener / any assignee same manager? not significant 0.676 Opener / any assignee same building? not significant 0.270 Num. editors 0.127 0.240 Num. assignee building -0.213 -0.257 Num. component path changes -0.162 -0.232 Num. re-opens n/a -0.135 © Microsoft Corporation
Fixed When Fixed (Vista) Factor Reopened (Vista) [Guo, ICSE 2010] Human review 0.377 0.511 Code analysis tool not significant 0.357 Bug source: Component testing -0.160 0.065 (categorical) Ad-hoc testing   System testing not significant -0.129 Customer -0.498 -0.347 Internal user -0.465 -0.454 Reputation of bug opener 1.632 2.193 Reputation of 1st assignee 1.651 2.463 Opened by temporary employee -0.144 -0.125 Initial severity level not significant 0.033 Severity upgraded? not significant 0.256 Opener / any assignee same manager? not significant 0.676 Opener / any assignee same building? not significant 0.270 Num. editors 0.127 0.240 Num. assignee building -0.213 -0.257 Num. component path changes -0.162 -0.232 Num. re-opens n/a -0.135 © Microsoft Corporation
Fixed When Fixed (Vista) Factor Reopened (Vista) [Guo, ICSE 2010] Human review 0.377 0.511 Code analysis tool not significant 0.357 Bug source: Component testing -0.160 0.065 (categorical) Ad-hoc testing   System testing not significant -0.129 Customer -0.498 -0.347 Internal user -0.465 -0.454 Reputation of bug opener 1.632 2.193 Reputation of 1st assignee 1.651 2.463 Opened by temporary employee -0.144 -0.125 Initial severity level not significant 0.033 Severity upgraded? not significant 0.256 Opener / any assignee same manager? not significant 0.676 Opener / any assignee same building? not significant 0.270 Num. editors 0.127 0.240 Num. assignee building -0.213 -0.257 Num. component path changes -0.162 -0.232 Num. re-opens n/a -0.135 © Microsoft Corporation
Lessons learned • Improve reproducibility of bug reports • Provide better tools to identify root cause • Better estimate initial priorities • Reduce the complexity of branching (bugs were “verified” in the wrong branch) © Microsoft Corporation
Thank you! Partial replication of Shihab et al. New measurements:  organizational and geographic distance, reputation, how found Qualitative component on the causes of bug reopens (survey):  root cause, priority, process Descriptive models based on logistic regression http://research.microsoft.com/ese © Microsoft Corporation

More Related Content

What's hot (19)

PPTX
Software testability slide share
BeBo Technology
 
PDF
AV-Comparatives Performance Test
Herbert Rodriguez
 
PPT
SW Engineering Management
Robert Sayegh
 
PDF
Dtl 2012 kl-app_ctl1.2
Комсс Файквэе
 
PDF
Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...
ESET Middle East
 
PDF
Bill of-rights-white-paper-final-012312
Cristiano Caetano
 
PDF
Alm 4 Azure with screenshots
Clemens Reijnen
 
DOCX
Online exa-syste
Anand Bavarava
 
PDF
Soffront Defect tracking
Soffront Software
 
PDF
Automatic Proactive Troubleshooting with IBM Rational Build Forge
Bill Duncan
 
PDF
Cross-project defect prediction
Thomas Zimmermann
 
PDF
Magenic-White-Paper-Continuous-Inegration-for-QA-Teams
Aaron Humerickhouse
 
PDF
RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...
Denim Group
 
PPSX
Software Testing Basics
sachinmistry786
 
PDF
Open Source tools in Continuous Integration environment (case study for agil...
suwalki24.pl
 
PDF
San Jose Selenium Meetup 22 Mar 2012: The Restless Are Getting Native
Dante Briones
 
PDF
Real Cost of Software Remediation
Denim Group
 
PDF
Attacking antivirus
UltraUploader
 
PDF
Quality Assurance 1: Why Quality Matters
Marc Miquel
 
Software testability slide share
BeBo Technology
 
AV-Comparatives Performance Test
Herbert Rodriguez
 
SW Engineering Management
Robert Sayegh
 
Dtl 2012 kl-app_ctl1.2
Комсс Файквэе
 
Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...
ESET Middle East
 
Bill of-rights-white-paper-final-012312
Cristiano Caetano
 
Alm 4 Azure with screenshots
Clemens Reijnen
 
Online exa-syste
Anand Bavarava
 
Soffront Defect tracking
Soffront Software
 
Automatic Proactive Troubleshooting with IBM Rational Build Forge
Bill Duncan
 
Cross-project defect prediction
Thomas Zimmermann
 
Magenic-White-Paper-Continuous-Inegration-for-QA-Teams
Aaron Humerickhouse
 
RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...
Denim Group
 
Software Testing Basics
sachinmistry786
 
Open Source tools in Continuous Integration environment (case study for agil...
suwalki24.pl
 
San Jose Selenium Meetup 22 Mar 2012: The Restless Are Getting Native
Dante Briones
 
Real Cost of Software Remediation
Denim Group
 
Attacking antivirus
UltraUploader
 
Quality Assurance 1: Why Quality Matters
Marc Miquel
 

Similar to Characterizing and Predicting Which Bugs Get Reopened (20)

PDF
Characterizing and predicting which bugs get fixed
Thomas Zimmermann
 
PDF
Not my bug! Reasons for software bug report reassignments
Thomas Zimmermann
 
DOC
Software Bugs A Software Architect Point Of View
Shahzad
 
PDF
Software Security Engineering (Learnings from the past to fix the future) - B...
DebasisMohanty43
 
PDF
Patterns for Cleaning Up Bug Data
Rodrigo Rocha
 
PPTX
When do software issues get reported in large open source software
RAKESH RANA
 
PDF
When do software issues get reported in large open source software - Rakesh Rana
IWSM Mensura
 
PDF
The Bug Backlog - An Evergrowing Mountain
Johan Hoberg
 
PDF
Practical use of defect detection and prediction
gregoryg
 
PPT
Bug Reporting
yousufaziz
 
PPTX
SAD15 - Maintenance
Michael Heron
 
PDF
Software bug prediction
Muthukumaran Kasinathan
 
PPTX
Wcre2010 shihab
SAIL_QU
 
PPTX
How to fix bug or defects in software
Rajasekar Subramanian
 
PPTX
Software Analytics: Towards Software Mining that Matters (2014)
Tao Xie
 
PPTX
SYSNGS BUGS - definition, lifecycle and what can I do with them as a developer
Hanokh Aloni
 
PPTX
Automated bug localization
Xin Ye
 
PPTX
ReLink: Recovering Links between Bugs and Changes (ESEC/FSE 2011)
Sung Kim
 
PPTX
Reversing Microsoft patches to reveal vulnerable code
Harsimran Walia
 
PDF
Open vs Closed - Which is more secure?
SYNAQ
 
Characterizing and predicting which bugs get fixed
Thomas Zimmermann
 
Not my bug! Reasons for software bug report reassignments
Thomas Zimmermann
 
Software Bugs A Software Architect Point Of View
Shahzad
 
Software Security Engineering (Learnings from the past to fix the future) - B...
DebasisMohanty43
 
Patterns for Cleaning Up Bug Data
Rodrigo Rocha
 
When do software issues get reported in large open source software
RAKESH RANA
 
When do software issues get reported in large open source software - Rakesh Rana
IWSM Mensura
 
The Bug Backlog - An Evergrowing Mountain
Johan Hoberg
 
Practical use of defect detection and prediction
gregoryg
 
Bug Reporting
yousufaziz
 
SAD15 - Maintenance
Michael Heron
 
Software bug prediction
Muthukumaran Kasinathan
 
Wcre2010 shihab
SAIL_QU
 
How to fix bug or defects in software
Rajasekar Subramanian
 
Software Analytics: Towards Software Mining that Matters (2014)
Tao Xie
 
SYSNGS BUGS - definition, lifecycle and what can I do with them as a developer
Hanokh Aloni
 
Automated bug localization
Xin Ye
 
ReLink: Recovering Links between Bugs and Changes (ESEC/FSE 2011)
Sung Kim
 
Reversing Microsoft patches to reveal vulnerable code
Harsimran Walia
 
Open vs Closed - Which is more secure?
SYNAQ
 
Ad

More from Thomas Zimmermann (20)

PDF
Software Analytics = Sharing Information
Thomas Zimmermann
 
PDF
MSR 2013 Preview
Thomas Zimmermann
 
PPT
Klingon Countdown Timer
Thomas Zimmermann
 
PDF
Data driven games user research
Thomas Zimmermann
 
PDF
Empirical Software Engineering at Microsoft Research
Thomas Zimmermann
 
PDF
Security trend analysis with CVE topic models
Thomas Zimmermann
 
PDF
Analytics for software development
Thomas Zimmermann
 
PDF
Changes and Bugs: Mining and Predicting Development Activities
Thomas Zimmermann
 
PDF
Changes and Bugs: Mining and Predicting Development Activities
Thomas Zimmermann
 
PDF
Predicting Defects using Network Analysis on Dependency Graphs
Thomas Zimmermann
 
PDF
Quality of Bug Reports in Open Source
Thomas Zimmermann
 
PDF
Meet Tom and his Fish
Thomas Zimmermann
 
PDF
Predicting Subsystem Defects using Dependency Graph Complexities
Thomas Zimmermann
 
PDF
Got Myth? Myths in Software Engineering
Thomas Zimmermann
 
PDF
Mining Workspace Updates in CVS
Thomas Zimmermann
 
PDF
Mining Software Archives to Support Software Development
Thomas Zimmermann
 
PDF
Unit testing with JUnit
Thomas Zimmermann
 
PPT
esolang: Esoterische Programmiersprachen
Thomas Zimmermann
 
PPT
TA-RE: An Exchange Language for Mining Software Repositories
Thomas Zimmermann
 
PDF
Fine-grained Processing of CVS Archives with APFEL
Thomas Zimmermann
 
Software Analytics = Sharing Information
Thomas Zimmermann
 
MSR 2013 Preview
Thomas Zimmermann
 
Klingon Countdown Timer
Thomas Zimmermann
 
Data driven games user research
Thomas Zimmermann
 
Empirical Software Engineering at Microsoft Research
Thomas Zimmermann
 
Security trend analysis with CVE topic models
Thomas Zimmermann
 
Analytics for software development
Thomas Zimmermann
 
Changes and Bugs: Mining and Predicting Development Activities
Thomas Zimmermann
 
Changes and Bugs: Mining and Predicting Development Activities
Thomas Zimmermann
 
Predicting Defects using Network Analysis on Dependency Graphs
Thomas Zimmermann
 
Quality of Bug Reports in Open Source
Thomas Zimmermann
 
Meet Tom and his Fish
Thomas Zimmermann
 
Predicting Subsystem Defects using Dependency Graph Complexities
Thomas Zimmermann
 
Got Myth? Myths in Software Engineering
Thomas Zimmermann
 
Mining Workspace Updates in CVS
Thomas Zimmermann
 
Mining Software Archives to Support Software Development
Thomas Zimmermann
 
Unit testing with JUnit
Thomas Zimmermann
 
esolang: Esoterische Programmiersprachen
Thomas Zimmermann
 
TA-RE: An Exchange Language for Mining Software Repositories
Thomas Zimmermann
 
Fine-grained Processing of CVS Archives with APFEL
Thomas Zimmermann
 
Ad

Recently uploaded (20)

PDF
Unlocking FME Flow’s Potential: Architecture Design for Modern Enterprises
Safe Software
 
PDF
Python Conference Singapore - 19 Jun 2025
ninefyi
 
PDF
Hello I'm "AI" Your New _________________
Dr. Tathagat Varma
 
PDF
LLM Search Readiness Audit - Dentsu x SEO Square - June 2025.pdf
Nick Samuel
 
PPTX
Simplifica la seguridad en la nube y la detección de amenazas con FortiCNAPP
Cristian Garcia G.
 
PDF
The Growing Value and Application of FME & GenAI
Safe Software
 
PPTX
CapCut Pro Crack For PC Latest Version {Fully Unlocked} 2025
pcprocore
 
PPTX
MARTSIA: A Tool for Confidential Data Exchange via Public Blockchain - Poster...
Michele Kryston
 
PDF
Redefining Work in the Age of AI - What to expect? How to prepare? Why it mat...
Malinda Kapuruge
 
PDF
“MPU+: A Transformative Solution for Next-Gen AI at the Edge,” a Presentation...
Edge AI and Vision Alliance
 
PPTX
Paycifi - Programmable Trust_Breakfast_PPTXT
FinTech Belgium
 
PDF
Darley - FIRST Copenhagen Lightning Talk (2025-06-26) Epochalypse 2038 - Time...
treyka
 
PDF
How to Visualize the ​Spatio-Temporal Data Using CesiumJS​
SANGHEE SHIN
 
PDF
Open Source Milvus Vector Database v 2.6
Zilliz
 
PDF
Optimizing the trajectory of a wheel loader working in short loading cycles
Reno Filla
 
PDF
EIS-Webinar-Engineering-Retail-Infrastructure-06-16-2025.pdf
Earley Information Science
 
PDF
Database Benchmarking for Performance Masterclass: Session 2 - Data Modeling ...
ScyllaDB
 
PDF
Database Benchmarking for Performance Masterclass: Session 1 - Benchmarking F...
ScyllaDB
 
PPTX
Practical Applications of AI in Local Government
OnBoard
 
PDF
Kubernetes - Architecture & Components.pdf
geethak285
 
Unlocking FME Flow’s Potential: Architecture Design for Modern Enterprises
Safe Software
 
Python Conference Singapore - 19 Jun 2025
ninefyi
 
Hello I'm "AI" Your New _________________
Dr. Tathagat Varma
 
LLM Search Readiness Audit - Dentsu x SEO Square - June 2025.pdf
Nick Samuel
 
Simplifica la seguridad en la nube y la detección de amenazas con FortiCNAPP
Cristian Garcia G.
 
The Growing Value and Application of FME & GenAI
Safe Software
 
CapCut Pro Crack For PC Latest Version {Fully Unlocked} 2025
pcprocore
 
MARTSIA: A Tool for Confidential Data Exchange via Public Blockchain - Poster...
Michele Kryston
 
Redefining Work in the Age of AI - What to expect? How to prepare? Why it mat...
Malinda Kapuruge
 
“MPU+: A Transformative Solution for Next-Gen AI at the Edge,” a Presentation...
Edge AI and Vision Alliance
 
Paycifi - Programmable Trust_Breakfast_PPTXT
FinTech Belgium
 
Darley - FIRST Copenhagen Lightning Talk (2025-06-26) Epochalypse 2038 - Time...
treyka
 
How to Visualize the ​Spatio-Temporal Data Using CesiumJS​
SANGHEE SHIN
 
Open Source Milvus Vector Database v 2.6
Zilliz
 
Optimizing the trajectory of a wheel loader working in short loading cycles
Reno Filla
 
EIS-Webinar-Engineering-Retail-Infrastructure-06-16-2025.pdf
Earley Information Science
 
Database Benchmarking for Performance Masterclass: Session 2 - Data Modeling ...
ScyllaDB
 
Database Benchmarking for Performance Masterclass: Session 1 - Benchmarking F...
ScyllaDB
 
Practical Applications of AI in Local Government
OnBoard
 
Kubernetes - Architecture & Components.pdf
geethak285
 

Characterizing and Predicting Which Bugs Get Reopened

  • 1. Characterizing and Predicting Which Bugs Get Reopened Thomas Zimmermann Nachiappan Nagappan Microsoft Research Philip J. Guo Stanford University Brendan Murphy Microsoft Research © Microsoft Corporation
  • 2. A bug’s life Picture on the right via http://www.bugzilla.org/docs/2.18/html/lifecycle.html © Microsoft Corporation
  • 3. Final part of a trilogy… Which bugs are fixed? Bug reassignments Bug reopens (this paper) ICSE 2010 CSCW 2011 ICSE 2012 SEIP © Microsoft Corporation
  • 4. …and partly a remake Emad Shihab, Akinori Ihara, Yasutaka Kamei, Walid M. Ibrahim, Masao Ohira, Bram Adams, Ahmed E. Hassan, Ken-ichi Matsumoto: Predicting Re-opened Bugs: A Case Study on the Eclipse Project. WCRE 2010: 249-258 © Microsoft Corporation
  • 5. Shihab et. al: Predicting Reopened Bugs This paper: Characterizing Reopened Bugs (WCRE 2010) Four dimensions: work habits, bug report, bug fix and team Predicted reopened bugs with a precision of 62.9% and a recall of 84.5% (d-trees) Top node analysis found that bug report dimension was most influential | © Microsoft Corporation
  • 6. Shihab et. al: Predicting Reopened Bugs This paper: Characterizing Reopened Bugs (WCRE 2010) Four dimensions: work habits, bug report, Partial replication of Shihab et al. bug fix and team New measurements: organizational and Predicted reopened bugs with a precision geographic distance, reputation, how found of 62.9% and a recall of 84.5% (d-trees) Qualitative component on the causes of Top node analysis found that bug report bug reopens (identified with a survey) dimension was most influential Descriptive models (logistic regression) | | © Microsoft Corporation
  • 7. Methodology Qualitative • “In your experience, what are reasons why a bug would be reopened multiple times” survey • 358 out of 1,773 responded. Card sort. Quantitative • All bug reports for Windows Vista and Windows 7 analysis • Logistic regression model for reopened bugs Manual • Random sample of reopened bugs inspection • 20 bug reports © Microsoft Corporation
  • 8. What are reasons for bug report reopens? © Microsoft Corporation
  • 9. Causes of bug reopens Not FIXED Related to Root Cause  Bugs difficult to reproduce  Developers misunderstood root cause  Bug had insufficient information Related to Priority  Priority of the bug increased FIXED  Regression bugs Process-related  Process © Microsoft Corporation
  • 10. #1: Difficult to reproduce “The bug is hard to reproduce and so the fix was made without being able to fully verify it. A good example is a customer who reports something. We think we see the issue in house and fix that. It turns out we saw something different…” “Bugs which are difficult to reproduce generally get re-activated multiple times. At first, developers will give a simple repro attempt before resolving bugs 'Not repro'. But if the bug opener is able to reproduce the issue again, or perhaps comes up with better repro instructions, then the developer will pay more attention the second time the bug is activated.” “Heisenbugs” © Microsoft Corporation
  • 11. #2: Misunderstood root cause “The bug is tracking an unidentified symptom and it takes a while to fully root cause. This comes up a lot with memory leaks: there will be an unknown memory leak in a component and the owning team plays whack-a-mole with the code defects to remove memory issues one-by-one.” “Not fixing the root cause and only addressing symptoms. Without root cause understood for the bug a patch/hack can often be done that will then be reactivated.” © Microsoft Corporation
  • 12. #3: Insufficient information “Poor bug quality. If the bug wasn't described well enough, or not enough diagnostic info was there, the dev will guess and fix *something* in order to make the bug go away. What they fix isn't always what the person who filed the bug ran into.” “If a bug report does not accurately convey enough information about what is actually wrong (i.e. it describes incorrect behavior but neglects to mention data loss) or if the bug does not convey a dependency (such as another team relying on a fix), a bug may be de-prioritized and resolved without fixing.” © Microsoft Corporation
  • 13. #4: Increased priority “Bugs are closed because one person or triage team believes the bug is not worthy of fixing (i.e. too risky, don't care, etc.), but then a few days later a VP or external customer reports the same issue, then the bug has a higher priority.” “Other reason is lack of business justification or too late in product cycle; reopened when sufficient justification exists or new cycle begins.” “One team may feel an issue is critical while the other does not see it as important enough, and instead of carrying a discussion, the bug is bounced around.” © Microsoft Corporation
  • 14. #5: Regression bugs “First attempt at fix was flawed in some way, and wasn't caught because of lack of testing or unknown related scenario regression.” “I've seen cases in the past where it was thought that a bug was fixed only to find that a corner case had been missed.” “I've also seen cases where the bug was only being hit due to a timing issue and something changed that affected the timing and the bug disappeared again.” © Microsoft Corporation
  • 15. #6: Process-related bugs “Sometimes bugs are reopened due to a misunderstanding of process. e.g. dev resolves bug when fix is submitted, but tester reactivates because bug still repros (because fix has not yet reached tester).” “Bug is verified fixed in a feature of developer’s branch and the fix takes too long to hit the main branch.” © Microsoft Corporation
  • 16. #6: Process-related bugs “First of all, I don’t like the model where we reactivate bugs that were Fixed but the issue was not resolved. Logically it makes sense, but tracking the thread of the issue through multiple checkins & reactivates can be hell if it happens more than once or twice. I would prefer a model where once a checkin has been made for a bug, that bug is done! New issues, or issues that linger despite a previous fix, should/ would be tracked in a new bug.” © Microsoft Corporation
  • 17. What factors correlate with bug reopens? © Microsoft Corporation
  • 18. Does the source of a bug (how it was found) influence the likelihood of bug reopens? Bug Sources Vista Win7 Reopen rate for all bugs P Q Code analysis tools 0.52P 0.73Q less likely to be reopened Human review 0.85P 0.66Q Ad-hoc testing 0.87P 0.99Q Internal user 1.12P 0.97Q Component testing 1.13P 0.81Q System testing 1.21P 1.46Q more likely to be reopened Customer 1.33P 1.12Q © Microsoft Corporation
  • 19. Does opener reputation influence the likelihood of bug reopens? For each bug, calculate opener’s reputation by aggregating over all bugs in the past. Hooimeijer and Weimer: Modeling bug report quality. ASE 2007. © Microsoft Corporation
  • 20. Does opener reputation influence the likelihood of bug reopens? more likely to be reopened less likely to be reopened © Microsoft Corporation
  • 21. Does organizational and geographic distance influence the likelihood of bug reopens? Vista Win7 Organizational Opened by and initially assigned to … distance … the same person X R … someone with the same manager 1.13X 0.96R … someone with a different manager 1.37X 1.07R Geographic Opened by and initially assigned to … distance … the same person X R … someone in the same building 1.27X 0.93R … someone in a different building but in the same country 1.45X 1.00R … someone in a different country 1.52X 1.14R © Microsoft Corporation
  • 22. Does organizational and geographic distance influence the likelihood of bug reopens? Vista Win7 Assigned to opener at some point in time Y S Never assigned to opener, but assigned to 0.54Y 0.39S someone with the same manager as opener Never assigned to anyone with same manager 0.27Y 0.34S Never assigned to opener, but assigned to 0.41Y 0.37S someone in the same building Never assigned to anyone in same building, but 0.31Y 0.43S assigned to someone in the same country Never assigned to anyone in the same country 0.20Y 0.20S © Microsoft Corporation
  • 23. Descriptive statistical analysis • All pre- and post-release bug reports for Windows Vista and Windows 7 until July 2009 • Logistic regression model to characterize – Probability that a bug will be reopened • Logistic regression model to characterize – Probability that a bug will be fixed after the bug has been reopened – Probability that a bug will be fixed (Guo et al., ICSE 2010) • Same factors as in Guo et al., ICSE 2010 © Microsoft Corporation
  • 24. Factor Reopen (Vista) Human review not significant Code analysis tool -0.503 Bug source: Component testing 0.238 (categorical) Ad-hoc testing  (baseline) System testing 0.204 Customer 0.239 Internal user not significant Reputation of bug opener -0.266 Reputation of 1st assignee not significant Opened by temporary employee 0.178 Initial severity level 0.127 Severity upgraded? 0.331 Opener / any assignee same manager? 0.721 Opener / any assignee same building? 0.468 Num. editors 0.236 Num. assignee building 0.090 Num. component path changes -0.160 © Microsoft Corporation
  • 25. Factor Reopen (Vista) Human review not significant Code analysis tool decrease (-0.503) Bug source: Component testing increase (0.238) (categorical) Ad-hoc testing  (baseline) System testing increase (0.204) Customer increase (0.239) Internal user not significant Reputation of bug opener -0.266 Reputation of 1st assignee not significant Opened by temporary employee 0.178 Initial severity level 0.127 Severity upgraded? 0.331 Opener / any assignee same manager? 0.721 Opener / any assignee same building? 0.468 Num. editors 0.236 Num. assignee building 0.090 Num. component path changes -0.160 © Microsoft Corporation
  • 26. Factor Reopen (Vista) Human review not significant Code analysis tool decrease (-0.503) Bug source: Component testing increase (0.238) (categorical) Ad-hoc testing  (baseline) System testing increase (0.204) Customer increase (0.239) Internal user not significant Reputation of bug opener decrease Reputation of 1st assignee not significant Opened by temporary employee increase Initial severity level increase Severity upgraded? increase Opener / any assignee same manager? increase Opener / any assignee same building? increase Num. editors increase Num. assignee building increase Num. component path changes decrease © Microsoft Corporation
  • 27. Which *reopened* bugs get fixed? vs. Which bugs get fixed? © Microsoft Corporation
  • 28. Fixed When Fixed (Vista) Factor Reopened (Vista) [Guo, ICSE 2010] Human review 0.377 0.511 Code analysis tool not significant 0.357 Bug source: Component testing -0.160 0.065 (categorical) Ad-hoc testing   System testing not significant -0.129 Customer -0.498 -0.347 Internal user -0.465 -0.454 Reputation of bug opener 1.632 2.193 Reputation of 1st assignee 1.651 2.463 Opened by temporary employee -0.144 -0.125 Initial severity level not significant 0.033 Severity upgraded? not significant 0.256 Opener / any assignee same manager? not significant 0.676 Opener / any assignee same building? not significant 0.270 Num. editors 0.127 0.240 Num. assignee building -0.213 -0.257 Num. component path changes -0.162 -0.232 Num. re-opens n/a -0.135 © Microsoft Corporation
  • 29. Fixed When Fixed (Vista) Factor Reopened (Vista) [Guo, ICSE 2010] Human review 0.377 0.511 Code analysis tool not significant 0.357 Bug source: Component testing -0.160 0.065 (categorical) Ad-hoc testing   System testing not significant -0.129 Customer -0.498 -0.347 Internal user -0.465 -0.454 Reputation of bug opener 1.632 2.193 Reputation of 1st assignee 1.651 2.463 Opened by temporary employee -0.144 -0.125 Initial severity level not significant 0.033 Severity upgraded? not significant 0.256 Opener / any assignee same manager? not significant 0.676 Opener / any assignee same building? not significant 0.270 Num. editors 0.127 0.240 Num. assignee building -0.213 -0.257 Num. component path changes -0.162 -0.232 Num. re-opens n/a -0.135 © Microsoft Corporation
  • 30. Fixed When Fixed (Vista) Factor Reopened (Vista) [Guo, ICSE 2010] Human review 0.377 0.511 Code analysis tool not significant 0.357 Bug source: Component testing -0.160 0.065 (categorical) Ad-hoc testing   System testing not significant -0.129 Customer -0.498 -0.347 Internal user -0.465 -0.454 Reputation of bug opener 1.632 2.193 Reputation of 1st assignee 1.651 2.463 Opened by temporary employee -0.144 -0.125 Initial severity level not significant 0.033 Severity upgraded? not significant 0.256 Opener / any assignee same manager? not significant 0.676 Opener / any assignee same building? not significant 0.270 Num. editors 0.127 0.240 Num. assignee building -0.213 -0.257 Num. component path changes -0.162 -0.232 Num. re-opens n/a -0.135 © Microsoft Corporation
  • 31. Lessons learned • Improve reproducibility of bug reports • Provide better tools to identify root cause • Better estimate initial priorities • Reduce the complexity of branching (bugs were “verified” in the wrong branch) © Microsoft Corporation
  • 32. Thank you! Partial replication of Shihab et al. New measurements:  organizational and geographic distance, reputation, how found Qualitative component on the causes of bug reopens (survey):  root cause, priority, process Descriptive models based on logistic regression http://research.microsoft.com/ese © Microsoft Corporation