An Empirical Study of API Misuses of Data-Centric Libraries
Akalanka Galappaththi, Sarah Nadi, Christoph Treude
TL;DR
This paper investigates API misuses in data-centric Python libraries (NumPy, pandas, scikit-learn, Matplotlib, seaborn) by mining Stack Overflow and GitHub commits. Using a data-centric extension of Wei et al.'s deep-learning misuse taxonomy, the study identifies 49 misuses across 45 APIs and shows that data dependency and API parameter misuses are prevalent. The authors introduce a new root-cause category (configuration errors) and quantify how many misuses are accompanied by explicit API directives, highlighting gaps in documentation. The findings inform API and language design, improve misuse detectors, and provide reproducible data and examples to advance tooling for reducing API misuses in data-centric libraries.
Abstract
Developers rely on third-party library Application Programming Interfaces (APIs) when developing software. However, libraries typically come with assumptions and API usage constraints, whose violation results in API misuse. API misuses may result in crashes or incorrect behavior. Even though API misuse is a well-studied area, a recent study of API misuse of deep learning libraries showed that the nature of these misuses and their symptoms are different from misuses of traditional libraries, and as a result highlighted potential shortcomings of current misuse detection tools. We speculate that these observations may not be limited to deep learning API misuses but may stem from the data-centric nature of these APIs. Data-centric libraries often deal with diverse data structures, intricate processing workflows, and a multitude of parameters, which can make them inherently more challenging to use correctly. Therefore, understanding the potential misuses of these libraries is important to avoid unexpected application behavior. To this end, this paper contributes an empirical study of API misuses of five data-centric libraries that cover areas such as data processing, numerical computation, machine learning, and visualization. We identify misuses of these libraries by analyzing data from both Stack Overflow and GitHub. Our results show that many of the characteristics of API misuses observed for deep learning libraries extend to misuses of the data-centric library APIs we study. We also find that developers tend to misuse APIs from data-centric libraries, regardless of whether the API directive appears in the documentation. Overall, our work exposes the challenges of API misuse in data-centric libraries, rather than only focusing on deep learning libraries. Our collected misuses and their characterization lay groundwork for future research to help reduce misuses of these libraries.