Eclipse Application Programming Interfaces: How Buggy Are They?

Simon Kawuma; David Sabiiti Bamutura; Aggrey Obbo; Vicent Mabirizi; Moreen  Kabarungi; Evarist Nabaasa

doi:10.21015/vtse.v13i2.2134

Authors

Simon Kawuma Department of Software and Informatics Engineering, Mbarara University of Science and Technology, Ugandan https://orcid.org/0000-0001-6988-6418
David Sabiiti Bamutura Department of Computer Science, Mbarara University of Science and Technology, Ugandan https://orcid.org/0000-0002-5875-9269
Aggrey Obbo Department of Software and Informatics Engineering, Mbarara University of Science and Technology, Ugandan https://orcid.org/0000-0003-3444-5369
Vicent Mabirizi Department of Information Technology and Computer Science, Kabale University, Ugandan https://orcid.org/0000-0001-8990-4003
Moreen Kabarungi Department of Information Technology, Mbarara University of Science and Technology, Ugandan https://orcid.org/0009-0007-3454-9180
Evarist Nabaasa Department of Computer Science, Mbarara University of Science and Technology, Ugandan https://orcid.org/0000-0002-1722-767X

DOI:

https://doi.org/10.21015/vtse.v13i2.2134

Abstract

Eclipse Framework provides stable public APIs and unstable internal APIs. However, there is no guarantee that these interfaces are well tested because several bugs are reported by interface users on Bugzilla-based Eclipse project. Applications that use buggy APIs risk failing if bugs are not fixed. Bug fixation and resolution takes at least 3 years thus API users have to fix the bugs themselves or abandon that particular API. The study aimed at identifying bug free interfaces in the Eclipse Framework and recommend them to application developers. In this research study, we used both SonarQube and SpotBugs static analysis tools to carry out an empirical investigation on 28 major Eclipse releases to establish the existence of bug free interfaces. We provide a dataset of 218K and 303K bug-free public API and internal API respectively. There exist over $85.9%$ and $88.2%$ bug-free public APIs and internal APIs, respectively, in Eclipse releases. Furthermore, over 80.8% and 44.2% are major and Malicious code vulnerability bugs respectively and the average bug remediation effort is 105 days. Results from this study can be used by both interface providers and users as a starting point to know tested interfaces and also estimate efforts needed to fix bugs and an online dataset of bug-free interface is available on Github for developer.

References

J. Businge, S. Kawuma, M. Openja, E. Bainomugisha, and A. Serebrenik, “How stable are eclipse application framework internal interfaces?,” in Proc. 26th IEEE Int. Conf. Software Analysis, Evolution and Reengineering (SANER), 2019, pp. 117–127.

S. Kawuma, J. Businge, and E. Bainomugisha, “Can we find stable alternatives for unstable eclipse interfaces?,” in Proc. 24th IEEE Int. Conf. Program Comprehension (ICPC), 2016, pp. 1–10. DOI: https://doi.org/10.1109/ICPC.2016.7503716

J. des Rivières, “How to use the Eclipse API,” [Online]. Available: http://www.eclipse.org/articles/article.php?file=Article-API-Use/index.html. [Accessed: Jan. 2020].

Oracle, “Why developers should not write programs that call ‘sun’ packages,” [Online]. Available: https://www.oracle.com/technetwork/java/faq-sun-packages-142232.html. [Accessed: Oct. 2020].

The jBPM Team, “The jBPM API,” [Online]. Available: http://docs.jboss.org/jbpm/v5.0/userguide/ch05.html#d0e2099. [Accessed: Oct. 2020].

S. Bechtold et al., “JUnit 5 user guide,” [Online]. Available: https://junit.org/junit5/docs/current/user-guide/#api-evolution. [Accessed: Oct. 2020].

Eclipse Foundation, “Evolving Java-based APIs,” [Online]. Available: https://wiki.eclipse.org/Provisional_API_Guidelines. [Accessed: Jul. 2020].

J. Businge, A. Serebrenik, and M. G. van den Brand, “Eclipse API usage: the good and the bad,” Software Quality Journal, vol. 23, no. 1, pp. 107–141, 2015. DOI: https://doi.org/10.1007/s11219-013-9221-3

A. Hora, M. T. Valente, R. Robbes, and N. Anquetil, “When should internal interfaces be promoted to public?,” in Proc. 24th ACM SIGSOFT Int. Symp. Foundations Software Engineering, 2016, pp. 278–289. DOI: https://doi.org/10.1145/2950290.2950306

J. Businge, A. Serebrenik, and M. G. J. van den Brand, “Analyzing the Eclipse API usage: Putting the developer in the loop,” in Proc. 17th Eur. Conf. Software Maintenance and Reengineering (CSMR), 2013, pp. 37–46. DOI: https://doi.org/10.1109/CSMR.2013.14

A. Yan, H. Zhong, D. Song, and L. Jia, “How do programmers fix bugs as workarounds? An empirical study on apache projects,” Empirical Softw. Eng., vol. 28, no. 4, p. 96, 2023.

Z. Abou Khalil, E. Constantinou, T. Mens, and L. Duchien, “On the impact of release policies on bug handling activity: A case study of Eclipse,” J. Syst. Softw., vol. 173, p. 110882, 2021.

Z. Abou Khalil et al., “A longitudinal analysis of bug handling across Eclipse releases,” in Proc. IEEE Int. Conf. Software Maintenance and Evolution (ICSME), 2019, pp. 1–12.

A. Campbell, “Metric definitions - SonarQube documentation,” [Online]. Available: https://docs.sonarqube.org/display/SONAR/Metric+Definitions. [Accessed: Jul. 2021].

SpotBugs Community, “SpotBugs – find bugs in Java programs,” [Online]. Available: https://spotbugs.github.io/, 2022.

L. Lavazza, D. Tosi, and S. Morasca, “An empirical study on the persistence of SpotBugs issues in open-source software evolution,” in Proc. Quality of Information and Communications Technology, Springer, 2020, pp. 144–151.

The University of Maryland, “FindBugs – find bugs in Java programs,” [Online]. Available: http://findbugs.sourceforge.net/, 2022.

J. des Rivières, “Evolving Java-based APIs,” [Online]. Available: http://wiki.eclipse.org/Evolving_Java-based_APIs. [Accessed: Jan. 2020].

ProfessionalQA.com, “Difference between error, mistake, fault, bug, failure, defect,” [Online]. Available: https://www.professionalqa.com/difference-between-error-bug-mistake-fault-bug-failure-defect. [Accessed: Dec. 2020].

V. Lenarduzzi, A. Sillitti, and D. Taibi, “A survey on code analysis tools for software maintenance prediction,” in Int. Conf. Software Engineering for Defence Applications, Springer, 2018, pp. 165–175.

C. Vassallo et al., “How developers engage with static analysis tools in different contexts,” Empirical Softw. Eng., vol. 25, no. 2, pp. 1419–1457, 2020.

V. Lenarduzzi, F. Lomio, H. Huttunen, and D. Taibi, “Are SonarQube rules inducing bugs?,” in Proc. 27th IEEE Int. Conf. Software Analysis, Evolution and Reengineering (SANER), 2020, pp. 501–511.

J. Businge, A. Serebrenik, and M. G. J. van den Brand, “Eclipse API usage: the good and the bad,” in SQM, 2012, pp. 54–62.

J. Businge, A. Serebrenik, and M. G. J. van den Brand, “Compatibility prediction of Eclipse third-party plug-ins in new Eclipse releases,” in Proc. 12th IEEE Int. Working Conf. Source Code Analysis and Manipulation, 2012, pp. 164–173. DOI: https://doi.org/10.1109/SCAM.2012.10

S. Kawuma and E. Nabaasa, “Identification of promoted Eclipse unstable interfaces using clone detection technique,” Int. J. Software Eng. Appl., 2018.

J. Businge et al., “Code authorship and fault-proneness of open-source Android applications: An empirical study,” in Proc. 13th Int. Conf. Predictive Models and Data Analytics in Software Engineering, ACM, 2017, pp. 33–42. DOI: https://doi.org/10.1145/3127005.3127009

L. Guerrouj et al., “Investigating the relation between lexical smells and change- and fault-proneness: An empirical study,” Software Quality Journal, vol. 25, no. 3, pp. 641–670, 2017. DOI: https://doi.org/10.1007/s11219-016-9318-6

G. Bavota et al., “The impact of API change- and fault-proneness on the user ratings of Android apps,” IEEE Trans. Softw. Eng., vol. 41, no. 4, pp. 384–407, 2015. DOI: https://doi.org/10.1109/TSE.2014.2367027

M. Asaduzzaman, M. C. Bullock, C. K. Roy, and K. A. Schneider, “Bug introducing changes: A case study with Android,” in Proc. 9th IEEE Working Conf. Mining Software Repositories (MSR), 2012, pp. 116–119. DOI: https://doi.org/10.1109/MSR.2012.6224267

R. G. Vieira et al., “The role of bug report evolution in reliable fixing estimation,” Empirical Softw. Eng., vol. 27, no. 7, p. 164, 2022.

F. Fang et al., “On the classification of bug reports to improve bug localization,” Soft Computing, vol. 25, pp. 7307–7323, 2021.

F. Zampetti et al., “An empirical characterization of software bugs in open-source cyber–physical systems,” J. Syst. Softw., vol. 192, p. 111425, 2022.

A. Goyal and N. Sardana, “Nrfixer: Sentiment based model for predicting the fixability of non-reproducible bugs,” e-Informatica Software Eng. J., vol. 11, no. 1, 2017.

X. Xia, D. Lo, E. Shihab, and X. Wang, “Automated bug report field reassignment and refinement prediction,” IEEE Trans. Reliab., vol. 65, no. 3, pp. 1094–1113, 2015. DOI: https://doi.org/10.1109/TR.2015.2484074

D. Vyas, T. Fritz, and D. Shepherd, “Bug reproduction: A collaborative practice within software maintenance activities,” in Proc. COOP 2014, Springer, 2014, pp. 189–207. DOI: https://doi.org/10.1007/978-3-319-06498-7_12

W. Maalej and H. Nabil, “Bug report, feature request, or simply praise? On automatically classifying app reviews,” in Proc. 23rd IEEE Int. Requirements Eng. Conf. (RE), 2015, pp. 116–125. DOI: https://doi.org/10.1109/RE.2015.7320414

Y. Fan, X. Xia, D. Lo, and A. E. Hassan, “Chaff from the wheat: Characterizing and determining valid bug reports,” IEEE Trans. Softw. Eng., vol. 46, no. 5, pp. 495–525, 2018.

Eclipse Foundation, “Eclipse project archived download,” [Online]. Available: http://archive.eclipse.org/eclipse/downloads/index.php. [Accessed: Jan. 2020].

Eclipse Project, “Eclipse IDE for Java developers,” [Online]. Available: https://www.eclipse.org/downloads/packages/release/2020-03/r. [Accessed: Jul. 2020].

V. Lenarduzzi, A. Sillitti, and D. Taibi, “Analyzing forty years of software maintenance models,” in Proc. 39th IEEE/ACM Int. Conf. Software Engineering Companion (ICSE-C), 2017, pp. 146–148. DOI: https://doi.org/10.1109/ICSE-C.2017.122

D. Marcilio et al., “Are static analysis violations really fixed? A closer look at realistic usage of SonarQube,” in Proc. 27th IEEE/ACM Int. Conf. Program Comprehension (ICPC), 2019, pp. 209–219.

ggraham412, “Using internal interfaces while preserving encapsulation,” [Online]. Available: https://www.codeproject.com/Articles/43156/Using-Internal-Interfaces-While-Preserving-Encapsu. [Accessed: Apr. 2020].

L. N. Q. Do, J. R. Wright, and K. Ali, “Why do software developers use static analysis tools? A user-centered study of developer needs and motivations,” IEEE Trans. Softw. Eng., vol. 48, no. 3, pp. 835–847, 2020.

H. Zhong, X. Wang, and H. Mei, “Inferring bug signatures to detect real bugs,” IEEE Trans. Softw. Eng., vol. 48, no. 2, pp. 571–584, 2020.

Eclipse Application Programming Interfaces: How Buggy Are They?

Authors

DOI:

Abstract

References

Downloads

Published

How to Cite

Issue

Section

License

Information

ISSN

Make a Submission