ESEC/FSE 2023 CoLos
31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2023)
Powered by
Conference Publishing Consulting

1st International Workshop on Software Defect Datasets (SDD 2023), December 8, 2023, San Francisco, CA, USA

SDD 2023 – Proceedings

Contents - Abstracts - Authors
Twitter: https://twitter.com/esecfse

1st International Workshop on Software Defect Datasets (SDD 2023)

Frontmatter

Title Page


Welcome from the Chair
Welcome to the First International Workshop on Software Defect Datasets (SDD), co-located with ESEC/FSE 2023 and to take place in San Francisco, CA on December 8th, 2023.

SDD 2023 Organization


Papers

Code Revert Prediction with Graph Neural Networks: A Case Study at J.P. Morgan Chase
Yulong Pei ORCID logo, Salwa Alamir ORCID logo, Rares Dolga ORCID logo, and Sameena Shah ORCID logo
(JPMorgan AI Research, UK)
Code revert prediction, a specialized form of software defect detection, aims to forecast or predict the likelihood of code changes being reverted or rolled back in software development. This task is very important in practice because by identifying code changes that are more prone to being reverted, developers and project managers can proactively take measures to prevent issues, improve code quality, and optimize development processes. However, compared to code defect detection, code revert prediction has been rarely studied in previous research. Additionally, many previous methods for code defect detection relied on independent features but ignored relationships between code scripts. Moreover, new challenges are introduced due to constraints in an industry setting such as company regulation, limited features and large-scale codebase. To overcome these limitations, this paper presents a systematic empirical study for code revert prediction that integrates the code import graph with code features. Different strategies to address anomalies and data imbalance have been implemented including graph neural networks with imbalance classification and anomaly detection. We conduct the experiments on real-world code commit data within J.P. Morgan Chase which is extremely imbalanced in order to make a comprehensive comparison of these different approaches for the code revert prediction problem.

Publisher's Version
Towards Assessing the Real-World Impact of Defects in Blockchain-Based Smart Contracts
Michael Hettmer ORCID logo, Benedikt Severin ORCID logo, Florian Blum ORCID logo, and Volker Gruhn ORCID logo
(University of Duisburg-Essen, Germany)
Blockchain-based smart contracts enable a wide range of use cases by relying on trustless and guaranteed code execution. The immutability of blockchains means that defects in smart contracts cannot be fixed once the code has been deployed. Previous research has focused on identifying defects and developing tools to improve defect detection. However, several existing blockchain defect datasets rely solely on expert knowledge or static code analysis. They do not provide an objective assessment of the real-world impact of defects. We show how blockchain transactions and execution traces can support an objective evaluation of the impact of a smart contract defect. As a foundation for future research, we propose three novel blockchain-specific metrics. Using the defect dataset SmartBugs, we demonstrate the computation of the metrics and the use cases that can benefit from them. This example focuses on five distinct types of the commonly occurring reentrancy vulnerability defect as detected by Slither, Manticore and Osiris.

Publisher's Version Published Artifact Artifacts Available
Log Summarisation for Defect Evolution Analysis
Rares Dolga ORCID logo, Ran Zmigrod ORCID logo, Rui Silva ORCID logo, Salwa Alamir ORCID logo, and Sameena Shah ORCID logo
(JPMorgan Chase, UK)
Log analysis and monitoring are essential aspects in software maintenance and identifying defects. In particular, the temporal nature and vast size of log data leads to an interesting and important research question: How can logs be summarised and monitored over time? While this has been a fundamental topic of research in the software engineering community, work has typically focused on heuristic-, syntax-, or static-based methods. In this work, we suggest an online semantic-based clustering approach to error logs that dynamically updates the log clusters to enable monitoring code error life-cycles. We also introduce a novel metric to evaluate the performance of temporal log clusters. We test our system and evaluation metric with an industrial dataset and find that our solution outperforms similar systems. We hope that our work encourages further temporal exploration in defect datasets.

Publisher's Version

proc time: 2.34