Assessing the Bug-Proneness of Refactored Code: A Longitudinal Multi-Project Study

TL;DR

This longitudinal study of 12 open source projects investigates how different types and combinations of refactorings influence bug proneness, revealing nuanced effects and limitations of current detection methods.

Contribution

It provides empirical evidence on the long-term impact of various refactoring practices on bug occurrence, highlighting complexities beyond common assumptions.

Findings

Multiple refactorings do not reduce bug-proneness compared to single refactorings.

Single refactorings often induce bugs across projects.

Refactorings combined with other changes (floss refactorings) are frequently bug-prone.

Abstract

Refactoring is a common practice in software development, aimed at improving the internal code structure in order to make it easier to understand and modify. Consequently, it is often assumed that refactoring makes the code less prone to bugs. However, in practice, refactoring is a complex task and applied in different ways (e.g., various refactoring types, single vs. composite refactorings) and with a variety of purposes (e.g., root-canal vs. floss refactoring). Therefore, certain refactorings can inadvertently make the code more prone to bugs. Unfortunately, there is limited research in the literature on the long-term relationship between the different characteristics of refactorings and bugs. This paper presents a longitudinal study of 12 open source software projects, where 27,450 refactorings, 6,051 reported bugs, and 49,250 bugs detected with static analysis tools were analyzed. While our study confirms the common intuition that refactored code is less bug-prone than non-refactored code, we also extend or contradict existing body of knowledge in other ways. First, a code element that undergoes multiple refactorings is not less bug-prone than an element that undergoes a single refactoring. A single refactoring is the one not performed in conjunction with other refactorings in the same commit. Second, single refactorings often induce the occurrence of bugs across all analyzed projects. Third, code elements affected by refactorings made in conjunction with other non-refactoring changes in the same commit (i.e., floss refactorings) are often bug-prone. Finally, many of such bugs induced by refactoring cannot be revealed with state-of-the-art techniques for detecting behavior-preserving refactorings.