Search papers, labs, and topics across Lattice.
This paper performs a large-scale empirical analysis of over 14k pre- and post-release defects in C/C++ and Java open-source projects. The study uses a broad set of software metrics to characterize code attributes and identify key differences between the two defect types. Results indicate that post-release defects are more prevalent in older, frequently modified, high-churn components and require more complex fixes, suggesting evolutionary and process dynamics are key factors.
Post-release software bugs aren't just about code complexity; they're a symptom of code age, frequent modification, and high churn, demanding a shift in testing focus.
Understanding how software defects manifest and evolve in production environments is critical for improving reliability. While previous research has largely focused on pre-release defects, the nature of residual faults, i.e., those escaping testing and surfacing post-release, remains poorly understood. This paper presents a large-scale characterization of pre- and post-release defects across C/C++ and Java systems, encompassing over 14k defects mined from open-source projects. We employ a broad suite of software metrics to capture diverse code attributes such as complexity, size, structure, and development history. Results show that post-release defects are concentrated in older, frequently modified, and high-churn components, typically requiring longer and more complex fixes than pre-release ones. These findings highlight that residual defects arise more from evolutionary and process dynamics than code structure alone, suggesting that reliability engineering should prioritize targeted testing in mature and complex code regions.
