research-article

Open access

Characterizing and detecting bugs in WeChat mini-programs

Authors:

Xiaoning Chang,

Tao HuangAuthors Info & Claims

ICSE '22: Proceedings of the 44th International Conference on Software Engineering

Pages 363 - 375

https://doi.org/10.1145/3510003.3510114

Published: 05 July 2022 Publication History

Abstract

Built on the WeChat social platform, WeChat Mini-Programs are widely used by more than 400 million users every day. Consequently, the reliability of Mini-Programs is particularly crucial. However, WeChat Mini-Programs suffer from various bugs related to execution environment, lifecycle management, asynchronous mechanism, etc. These bugs have seriously affected users' experience and caused serious impacts.

In this paper, we conduct the first empirical study on 83 WeChat Mini-Program bugs, and perform an in-depth analysis of their root causes, impacts and fixes. From this study, we obtain many interesting findings that can open up new research directions for combating WeChat Mini-Program bugs. Based on the bug patterns found in our study, we further develop WeDetector to detect WeChat Mini-Program bugs. Our evaluation on 25 real-world Mini-Programs has found 11 previously unknown bugs, and 7 of them have been confirmed by developers.

References

[1]

2002. JSLint: The JavaScript Code Quality Tool. Retrieved Apr 5, 2021 from http://www.jslint.com/

[2]

2008. Android Document: Understand the Activity Lifecycle. Retrieved Apr 43, 2021 from https://developer.android.com/guide/components/activities/activity-lifecycle

[3]

2012. An Analysis Of Android Fragmentation. Retrieved Aug 10, 2021 from http://www.tech-thoughts.net/2012/03/analysis-of-android-fragmentation.html#.YRoA64gzZPY

[4]

2013. ESLint: Find and fix problems in your JavaScript code. Retrieved Apr 5, 2021 from https://eslint.org/

[5]

2014. Getting Started: WebView-based Applications for Web Developers. Retrieved Apr 21, 2021 from https://developer.chrome.com/docs/multidevice/webview/gettingstarted/

[6]

2015. ECMAScript 2015 Language Specification. Retrieved Apr 5, 2021 from https://262.ecma-international.org/6.0/

[7]

2015. Kernel Design. Retrieved Apr 21, 2021 from https://www.chromium.org/chromium-os/chromiumos-design-docs/chromium-os-kernel

[8]

2015. Mini-Program development document. Retrieved Apr 10, 2021 from https://developers.weixin.qq.com/miniprogram/en/dev/api/

[9]

2015. NW.js. Retrieved Apr 21, 2021 from https://nwjs.io/

[10]

2016. Gitter. Retrieved Apr 23, 2021 from https://github.com/kokohuang/Gitter

[11]

2016. weapp-mark. Retrieved Apr 23, 2021 from https://github.com/Honye/weapp-mark

[12]

2016. wechat-app-demo. Retrieved Apr 23, 2021 from https://github.com/xwartz/wechat-app-demo

[13]

2016. wechat-webapp-douban-location. Retrieved Apr 23, 2021 from https://github.com/bruintong/wechat-webapp-douban-location

[14]

2016. wxParse. Retrieved Apr 23, 2021 from https://github.com/icindy/wxParse

[15]

2017. The framework of WeChat Mini-Programs. Retrieved Apr 18, 2021 from https://developers.weixin.qq.com/miniprogram/en/dev/framework/MINA.html

[16]

2017. leantodo-weapp. Retrieved Apr 23, 2021 from https://github.com/leancloud/leantodo-weapp

[17]

2017. pinche-xcx. Retrieved Apr 23, 2021 from https://github.com/vincenth520/pinche_xcx

[18]

2017. Shape of i-button our of wrok. Retrieved Apr 23, 2021 from https://github.com/TalkingData/iview-weapp/issues/398

[19]

2017. Syntax Errors lead to abnormal display. Retrieved Apr 23, 2021 from https://github.com/EastWorld/wechat-app-mall/issues/126

[20]

2017. Wechat-app-mall. Retrieved Apr 23, 2021 from https://github.com/EastWorld/wechat-app-mall

[21]

2017. winxin-watch-life. Retrieved Apr 23, 2021 from https://github.com/iamxjb/winxin-app-watch-life.net

[22]

2017. wx-calendar. Retrieved Apr 23, 2021 from https://github.com/treadpit/wx_calendar

[23]

2018. ColorUI. Retrieved Apr 23, 2021 fromhttps://github.com/weilanwl/ColorUI

[24]

2018. Esprima. Retrieved Apr 23, 2021 from https://www.npmjs.com/package/esprima

[25]

2018. HITMers. Retrieved Apr 23, 2021 from https://github.com/upupming/HITMers

[26]

2018. iview-weapp. Retrieved Apr 23, 2021 from https://github.com/TalkingData/iview-weappI

[27]

2018. scuplus-wechat. Retrieved Apr 23, 2021 from https://github.com/mohuishou/scuplus-wechat

[28]

2018. taro-music. Retrieved Apr 23, 2021 from https://github.com/lsqy/taro-music

[29]

2018. Weapp trending. Retrieved Apr 23, 2021 from https://github.com/jae-jae/weapp-github-trending

[30]

2018. WeHalo. Retrieved Apr 23, 2021 from https://github.com/aquanlerou/WeHalo

[31]

2019. nideshop-mini-program. Retrieved Apr 23, 2021 from https://github.com/tumobi/nideshop-mini-program

[32]

2019. Problems in using console.dir. Retrieved Apr 20, 2021 from https://github.com/icindy/wxParse/issues/250

[33]

2019. threejs-example. Retrieved Apr 23, 2021 from https://github.com/yannliao/threejs-example-for-miniprogram

[34]

2019. weapp-ssha. Retrieved Apr 23, 2021 from https://github.com/yaoshanliang/weapp-ssha

[35]

2019. wxchat-mail. Retrieved Apr 23, 2021 from https://github.com/wk989898/wxchat-mail

[36]

2020. A bug caused by API misunderstanding. Retrieved Apr 12, 2021 from https://github.com/DoFind/CardOnePerson/issues/2

[37]

2020. Can not handle too long attribute. Retrieved Apr 5, 2021 from https://github.com/icindy/wxParse/issues/356

[38]

2020. CardOnePerson. Retrieved Apr 12, 2021 from https://github.com/DoFind/CardOnePerson

[39]

2020. Inappropriate parameters. Retrieved Jan 5, 2021 from https://github.com/EastWorld/wechat-app-mall/issues/203

[40]

2020. iPhoneXvirtual. Retrieved Feb 20, 2021 from https://github.com/weilanwl/ColorUI/issues/50

[41]

2020. Money is not rounded. Retrieved Apr 5, 2021 from https://github.com/EastWorld/wechat-app-mall/issues/255

[42]

2020. super9. Retrieved Apr 23, 2021 from https://github.com/terryso/super9

[43]

2020. WeChat revenue and usage statistics in 2020. Retrieved Apr 12, 2021 from https://www.businessofapps.com/data/wechat-statistics/

[44]

2021. API wx.previewMedia fails. Retrieved Apr 5, 2021 from https://developers.weixin.qq.com/community/develop/doc/000aec872908d80896cb6f0335b400

[45]

2021. awesome-wechat-weapp. Retrieved Feb 19, 2021 from https://github.com/justjavac/awesome-wechat-weapp

[46]

2021. Babel documents. Retrieved Apr 10, 2021 from https://babeljs.io/docs/en/

[47]

2021. Component textarea fails. Retrieved Apr 5, 2021 from https://developers.weixin.qq.com/community/develop/doc/00060e8c5340e0742acbeede951000

[48]

2021. Error in render layers. Retrieved Apr 5, 2021 from https://developers.weixin.qq.com/community/develop/doc/00046460eb4bf81380cbfb9ab56800

[49]

2021. JavaScriptCore Tutorial for iOS. Retrieved Apr 21, 2021 from https://www.raywenderlich.com/1227-javascriptcore-tutorial-for-ios-getting-started

[50]

2021. No verification of data validity. Retrieved Apr 21, 2021 from https://github.com/vincenth520/pinche_xcx/issues/20

[51]

2021. ShellBox. Retrieved Apr 23, 2021 from https://github.com/Airmole/ShellBox

[52]

2021. System-specific API usage. Retrieved Feb 21, 2021 from https://github.com/EastWorld/wechat-app-mall/issues/237

[53]

2021. Tencent X5 Webview API. Retrieved Apr 21, 2021 from https://x5.tencent.com/docs/tbsapi/reference/com/tencent/smtt/sdk/WebView.html

[54]

2021. V8. Retrieved Apr 21, 2021 from https://v8.dev/

[55]

2021. weapp-artand. Retrieved Apr 23, 2021 from https://github.com/SuperKieran/weapp-artand

[56]

2021. WeChat developer forum. Retrieved Apr 17, 2021 from https://developers.weixin.qq.com/community/develop/question

[57]

2021. WeChat Mini-Program daily active users. Retrieved Apr 10, 2021 from https://www.chinaz.com/news/1218295.shtml

[58]

2021. WKWebView. Retrieved Apr 21, 2021 from https://developer.apple.com/documentation/webkit/wkwebview

[59]

Cyrille Artho, Armin Biere, and Shinichi Honiden. 2006. Enforcer - Efficient Failure Injection. In Proceedings of International Conference on Formal Methods (FM). 412--427.

Digital Library

[60]

Gemma Catolino, Fabio Palomba, Andy Zaidman, and Filomena Ferrucci. 2019. Not All Bugs are the Same: Understanding, Characterizing, and Classifying Bug Types. Journal of Systems and Software 152 (2019), 165--181.

Digital Library

[61]

Xiaoning Chang, Wensheng Dou, Yu Gao, Jie Wang, Jun Wei, and Tao Huang. 2019. Detecting Atomicity Violations for Event-Driven Node.js Applications. In Proceedings of International Conference on Software Engineering (ICSE). 631--642.

Digital Library

[62]

Xiaoning Chang, Wensheng Dou, Jun Wei, Tao Huang, Jinhui Xie, Yuetang Deng, Jianbo Yang, and Jiaheng Yang. 2021. Race Detection for Event-Driven Node.js Applications. In Proceedings of International Conference on Automated Software Engineering (ASE). 480--491.

Digital Library

[63]

Ao Cheng, Gang Ren, Taeho Hong, Kichan Nam, and Chulmo Koo. 2019. An Exploratory Analysis of Travel-Related WeChat Mini Program Usage: Affordance Theory Perspective. In Proceedings of Information and Communication Technologies. 333--343.

[64]

Wohlin Claes, Per Runeson, Martin Höst, Ohlsson Björn Regnell, and Anders Wesslén. 2012. Experimentation in Software Engineering. Springer Science & Business Media.

[65]

James Davis, Arun Thekumparampil, and Dongyoon Lee. 2017. Node.fz: Fuzzing the Server-Side Event-Driven Architecture. In Proceedings of European Conference on Computer Systems (EuroSys). 145--160.

Digital Library

[66]

Dongdong Deng, Wei Zhang, and Shan Lu. 2013. Efficient Concurrency Bug Detection across Inputs. Acm Sigplan Notices 48, 10 (2013), 785--802.

Digital Library

[67]

Erik Derr, Sven Bugiel, Sascha Fahl, Yasemin Acar, and Michael Backes. 2017. Keep Me Updated: An Empirical Study of Third-Party Library Updatability on Android. In Proceedings of ACM SIGSAC Conference on Computer and Communications Security (CCS). 2187--2200.

Digital Library

[68]

William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri. 2011. A Study of Android Application Security. In Proceedings of USENIX Conference on Security (Security). 1--21.

[69]

André Takeshi Endo and Anders Møller. 2020. NodeRacer: Event Race Detection for Node.js Applications. In Proceedings of International Conference on Software Testing, Validation and Verification (ICST). IEEE, 120--130.

[70]

Aurore Fass, Robert P Krawczyk, Michael Backes, and Ben Stock. 2018. Jast: Fully Syntactic Detection of Malicious (Obfuscated) JavaScript. In Proceedings of International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. 303--325.

[71]

Yu Gao, Wensheng Dou, Feng Qin, Chushu Gao, Dong Wang, Jun Wei, Ruirui Huang, Li Zhou, and Yongming Wu. 2018. An Empirical Study on Crash Recovery Bugs in Large-Scale Distributed Systems. In Proceedings of ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE). 539--550.

Digital Library

[72]

Liang Gong, Michael Pradel, Manu Sridharan, and Koushik Sen. 2015. DLint: Dynamically Checking Bad Coding Practices in JavaScript. In Proceedings of International Symposium on Software Testing and Analysis (ISSTA). 94--105.

Digital Library

[73]

Francisco Gortazár, Micael Gallego, Boni García, Giuseppe Antonio Carella, Michael Pauls, and Ilie-Daniel Gheorghe-Pop. 2017. Elastest --- An Open Source Project for Testing Distributed Applications with Failure Injection. In Proceedings of IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN). 1--2.

[74]

Salvatore Guarnieri and Benjamin Livshits. 2009. Gatekeeper: Mostly Static Enforcement of Security and Reliability Policies for JavaScript Code. In Proceedings of Conference on USENIX Security Symposium (Security). 151--168.

[75]

Dan Han, Chenlei Zhang, Xiaochao Fan, Abram Hindle, Kenny Wong, and Eleni Stroulia. 2012. Understanding Android Fragmentation with Topic Analysis of Vendor-Specific Bugs. In Proceedings of Working Conference on Reverse Engineering (WCRE). 83--92.

Digital Library

[76]

Lei Hao, Fucheng Wan, Ning Ma, and Yicheng Wang. 2018. Analysis of the Development of WeChat Mini Program. 1087, 6 (2018), 062040.

[77]

Huaxun Huang, Lili Wei, Yepang Liu, and Shing-Chi Cheung. 2018. Understanding and Detecting Callback Compatibility Issues for Android Applications. In Proceedings of IEEE/ACM International Conference on Automated Software Engineering (ASE). 532--542.

Digital Library

[78]

Simon Holm Jensen, Anders Møller, and Peter Thiemann. 2009. Type Analysis for JavaScript. In Proceedings of International Symposium on Static Analysis (SAS). 238--255.

Digital Library

[79]

Hao Jiang, Hongli Yang, Shengchao Qin, Zhendong Su, Jian Zhang, and Jun Yan. 2017. Detecting Energy Bugs in Android Apps using Static Analysis. In Proceedings of International Conference on Formal Engineering Methods. 192--208.

[80]

Guoliang Jin, Wei Zhang, Dongdong Deng, Ben Liblit, and Shan Lu. 2012. Automated Concurrency-Bug Fixing. In Proceedings of USENIX Conference on Operating Systems Design and Implementation (OSDI). 221--236.

[81]

Hammad Khalid, Meiyappan Nagappan, Emad Shihab, and Ahmed E. Hassan. 2014. Prioritizing the Devices to Test Your App on: A Case Study of Android Game Apps. In Proceedings of ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE). 610--620.

[82]

Guodong Li, Esben Andreasen, and Indradeep Ghosh. 2014. SymJS: Automatic Symbolic Testing of JavaScript Web Applications. In Proceedings of ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE). 449--459.

Digital Library

[83]

Yi Liu, Jinhui Xie, Jianbo Yang, Shiyu Guo, Yuetang Deng, Shuqing Li, Yechang Wu, and Yepang Liu. 2020. Industry Practice of JavaScript Dynamic Analysis on WeChat Mini-Programs. In Proceedings of International Conference on Automated Software Engineering (ASE). 1189--1193.

Digital Library

[84]

Shan Lu, Soyeon Park, Eunsoo Seo, and Yuanyuan Zhou. 2008. Learning from Mistakes: A Comprehensive Study on Real World Concurrency Bug Characteristics. In Proceedings of International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). 329--339.

Digital Library

[85]

Lijun Ma, Lan Wang, and Entao Jiang. 2018. Empirical Study on the WeChat Mini Program Acceptance based on UTA UT Model Take the Pearl River Delta as An Example. In Proceedings of International Conference on Service Systems and Service Management (ICSSSM). 1--6.

[86]

Xiaojuan Ma. 2019. App Store Killer? The Storm of WeChat Mini Programs Swept over the Mobile App Ecosystem. Masters of Media 15 (2019).

[87]

Magnus Madsen, Frank Tip, and Ondřej Lhoták. 2015. Static Analysis of Event-Driven Node.Js JavaScript Applications. In Proceedings of ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA). 505--519.

Digital Library

[88]

Mehran Mahmoudi and Sarah Nadi. 2018. The Android Update Problem: An Empirical Study. In Proceedings of International Conference on Mining Software Repositories (MSR). 220--230.

Digital Library

[89]

Paul D. Marinescu and George Candea. 2011. Efficient Testing of Recovery Code Using Fault Injection. ACM Transactions on Computer System (TOCS) 29, 4 (2011), 1--38.

Digital Library

[90]

Tyler McDonnell, Baishakhi Ray, and Miryung Kim. 2013. An Empirical Study of API Stability and Adoption in the Android Ecosystem. In Proceedings of IEEE International Conference on Software Maintenance (ICSM). 70--79.

Digital Library

[91]

Gianluca Mezzetti, Anders Møller, and Martin Toldam Torp. 2018. Type Regression Testing to Detect Breaking Changes in Node.js Libraries. In Proceedings of European Conference on Object-Oriented Programming (ECOOP). 1--24.

[92]

Duncan Mitchell and Johannes Kinder. 2019. A Formal Model for Checking Cryptographic API Usage in JavaScript. In Proceedings of European Symposium on Research in Computer Security. 341--360.

Digital Library

[93]

Anders Møller and Martin Toldam Torp. 2019. Model-Based Testing of Breaking Changes in Node.js Libraries. In Proceedings of ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE). 409--419.

Digital Library

[94]

Frolin Ocariza, Kartik Bajaj, Karthik Pattabiraman, and Ali Mesbah. 2013. An Empirical Study of Client-Side JavaScript Bugs. In Proceedings of ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM). 55--64.

[95]

Frolin S Ocariza, Kartik Bajaj, Karthik Pattabiraman, and Ali Mesbah. 2016. A Study of Causes and Consequences of Client-Side JavaScript Bugs. IEEE Transactions on Software Engineering (TSE) 43, 2 (2016), 128--144.

Digital Library

[96]

Frolin S. Ocariza Jr., Karthik Pattabiraman, and Ali Mesbah. 2012. AutoFLox: An Automatic Fault Localizer for Client-Side JavaScript. In Proceedings of the International Conference on Software Testing, Verification and Validation (ICST). 31--40.

Digital Library

[97]

Jinkun Pan and Xiaoguang Mao. 2017. Detecting DOM-Sourced Cross-Site Scripting in Browser Extensions. In Proceedings of IEEE International Conference on Software Maintenance and Evolution (ICSME). 24--34.

[98]

Shaown Sarker, Jordan Jueckstock, and Alexandros Kapravelos. 2020. Hiding in Plain Site: Detecting JavaScript Obfuscation through Concealed Browser API Usage. In Proceedings of ACM Internet Measurement Conference (IMC). 648--661.

Digital Library

[99]

Koushik Sen, Swaroop Kalasapur, Tasneem Brutch, and Simon Gibbs. 2013. Jalangi: A Selective Record-Replay and Dynamic Analysis Framework for JavaScript. In Proceedings of ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE). 488--498.

Digital Library

[100]

Yuru Shao, Ruowen Wang, Xun Chen, Ahemd M. Azab, and Z. Morley Mao. 2019. A Lightweight Framework for Fine-Grained Lifecycle Control of Android Applications. In Proceedings of European Conference on Computer Systems (EuroSys). 14--31.

[101]

Gupta Shashank and Brij Bhooshan Gupta. 2016. XSS-SAFE: A Server-Side Approach to Detect and Mitigate Cross-Site Scripting (XSS) Attacks in JavaScript Code. Arabian Journal for Science and Engineering (ARAB) 41, 3 (2016), 897--920.

[102]

Cristian-Alexandru Staicu, Michael Pradel, and Benjamin Livshits. 2018. Synode: Understanding and Automatically Preventing Injection Attacks on Node.js. In Proceedings of Network and Distributed System Security Symposium (NDSS).

[103]

Jie Wang, Wensheng Dou, Yu Gao, Chushu Gao, Feng Qin, Kang Yin, and Jun Wei. 2017. A Comprehensive Study on Real World Concurrency Bugs in Node.js. In Proceedings of International Conference on Automated Software Engineering (ASE). 520--531.

[104]

Ran Wang, Guangquan Xu, Xianjiao Zeng, Xiaohong Li, and Zhiyong Feng. 2018. TT-XSS: A Novel Taint Tracking based Dynamic Detection Framework for DOM Cross-Site Scripting. J. Parallel and Distrib. Comput. 118 (2018), 100--106.

Digital Library

[105]

Xijie Wang, Minyong Shi, and Chunfang Li. 2019. Implementation of Elementary Chinese Language Learning Application in WeChat Mini Programs. In Proceedings of IEEE International Conference on Big Data Analytics. 394--398.

[106]

Lili Wei, Yepang Liu, and Shing-Chi Cheung. 2016. Taming Android Fragmentation: Characterizing and Detecting Compatibility Issues for Android Apps. In Proceedings of International Conference on Automated Software Engineering (ASE). 226--237.

Digital Library

[107]

Zhendong Wu, Kai Lu, Xiaoping Wang, and Xu Zhou. 2015. Collaborative Technique for Concurrency Bug Detection. International Journal of Parallel Programming 43, 2 (2015), 260--285.

Digital Library

[108]

Zhemin Yang and Min Yang. 2012. LeakMiner: Detect Information Leakage on Android with Static Taint Analysis. In Proceedings of World Congress on Software Engineering (WCSE). 101--104.

Digital Library

[109]

Lu Zhang and Chao Wang. 2017. RClassify: Classifying Race Conditions in Web Applications via Deterministic Replay. In Proceedings of International Conference on Software Engineering (ICSE). 278--288.

Digital Library

[110]

Ru Zhang, Wencong Xiao, Hongyu Zhang, Yu Liu, Haoxiang Lin, and Mao Yang. 2020. An Empirical Study on Program Failures of Deep Learning Jobs. In Proceedings of International Conference on Software Engineering (ICSE). 1159--1170.

Digital Library

Cited By

Wang YFan MZhou HWang HJin WLi JChen WLi SZhang YHan DLiu TFilkov VRay BZhou M(2024)MiniChecker: Detecting Data Privacy Risk of Abusive Permission Request Behavior in Mini-ProgramsProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695534(1667-1679)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695534
Hassan MSalvador JSantu SRahman A(2024)State Reconciliation Defects in Infrastructure as CodeProceedings of the ACM on Software Engineering10.1145/36607901:FSE(1865-1888)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3660790
Xu QGao YWei JChristakis MPradel M(2024)An Empirical Study on Kubernetes Operator BugsProceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3650212.3680396(1746-1758)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1145/3650212.3680396
Show More Cited By

Index Terms

Characterizing and detecting bugs in WeChat mini-programs
1. General and reference
  1. Cross-computing tools and techniques
    1. Empirical studies
2. Software and its engineering
  1. Software creation and management
    1. Software verification and validation
      1. Software defect analysis
        Software testing and debugging

Recommendations

Detect Related Bugs from Source Code Using Bug Information
COMPSAC '10: Proceedings of the 2010 IEEE 34th Annual Computer Software and Applications Conference

Open source projects often maintain open bug repositories during development and maintenance, and the reporters often point out straightly or implicitly the reasons why bugs occur when they submit them. The comments about a bug are very valuable for ...
Characterizing duplicate bugs: Perceptions of practitioners and an empirical analysis
Abstract
Bug handling is an essential part of the software development process. Ideally, in a bug‐tracking system, bugs are reported, fixed, verified, and closed. In some cases, bugs have to be reopened mostly due to an incorrect fix. However, instead of ...

Our study investigates the difference between unique and duplicate bugs and further categorizes duplicates into Master‐Unresolved (Category‐1) and Missed‐Reopen (Category‐2) bugs. Through investigation of bug reports, we found that duplicates are up to ...
Are Neural Bug Detectors Comparable to Software Developers on Variable Misuse Bugs?
ASE '22: Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering

Debugging, that is, identifying and fixing bugs in software, is a central part of software development. Developers are therefore often confronted with the task of deciding whether a given code snippet contains a bug, and if yes, where. Recently, data-...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

ICSE '22: Proceedings of the 44th International Conference on Software Engineering

May 2022

2508 pages

ISBN:9781450392211

DOI:10.1145/3510003

General Chair:
Matthew B Dwyer
University of Virginia
,
Program Chairs:
Daniela Damian
University of Victoria, Canada
,
Andreas Zeller
CISPA, Germany

Copyright © 2022 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSOFT: ACM Special Interest Group on Software Engineering

In-Cooperation

IEEE CS

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 July 2022

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Youth Innovation Promotion Association at Chinese Academy of Sciences
National Natural Science Foundation of China
Frontier Science Project of Chinese Academy of Sciences

Conference

ICSE '22

Sponsor:

SIGSOFT

ICSE '22: 44th International Conference on Software Engineering

May 21 - 29, 2022

Pennsylvania, Pittsburgh

Acceptance Rates

Overall Acceptance Rate 276 of 1,856 submissions, 15%

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
1,411
Total Downloads

Downloads (Last 12 months)984
Downloads (Last 6 weeks)123

Reflects downloads up to 05 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Wang YFan MZhou HWang HJin WLi JChen WLi SZhang YHan DLiu TFilkov VRay BZhou M(2024)MiniChecker: Detecting Data Privacy Risk of Abusive Permission Request Behavior in Mini-ProgramsProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695534(1667-1679)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695534
Hassan MSalvador JSantu SRahman A(2024)State Reconciliation Defects in Infrastructure as CodeProceedings of the ACM on Software Engineering10.1145/36607901:FSE(1865-1888)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3660790
Xu QGao YWei JChristakis MPradel M(2024)An Empirical Study on Kubernetes Operator BugsProceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3650212.3680396(1746-1758)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1145/3650212.3680396
Feng SLu HXiong TDeng YChen CChandra SBlincoe KTonella P(2023)Towards Efficient Record and Replay: A Case Study in WeChatProceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering10.1145/3611643.3613880(1681-1692)Online publication date: 30-Nov-2023
https://dl.acm.org/doi/10.1145/3611643.3613880
Wang SZhao YWang KWang HLin ZLiao X(2023)On the Usage-scenario-based Data Minimization in Mini ProgramsProceedings of the 2023 ACM Workshop on Secure and Trustworthy Superapps10.1145/3605762.3624435(29-32)Online publication date: 26-Nov-2023
https://dl.acm.org/doi/10.1145/3605762.3624435
Hu JWei LLiu YCheung SJust RFraser G(2023)ωTest: WebView-Oriented Testing for Android ApplicationsProceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3597926.3598112(992-1004)Online publication date: 12-Jul-2023
https://dl.acm.org/doi/10.1145/3597926.3598112
Meng SWang LWang SWang KXiao XBai GWang H(2023)Wemint:Tainting Sensitive Data Leaks in WeChat Mini-Programs2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE)10.1109/ASE56229.2023.00151(1403-1415)Online publication date: 11-Sep-2023
https://doi.org/10.1109/ASE56229.2023.00151

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents