prevalence of confusing code in software projects
play

Prevalence of Confusing Code in Software Projects Atoms of - PowerPoint PPT Presentation

Feb 17, 2023 •320 likes •834 views

Prevalence of Confusing Code in Software Projects Atoms of Confusion in the Wild Dan Gopstein NYU Hongwei Henry Zhou, Phyllis Frankl, Justin Cappos AtomsOfConfusion.com 1 Atoms of Confusion in the Wild if ((err =

  1. Prevalence of Confusing Code in Software Projects Atoms of Confusion in the Wild Dan Gopstein NYU Hongwei Henry Zhou, Phyllis Frankl, Justin Cappos AtomsOfConfusion.com 1

  2. Atoms of Confusion in the Wild if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0) goto fail; goto fail; 2

  3. Atoms of Confusion in the Wild Apple’s Goto Fail bug if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0) goto fail; goto fail; 3

  4. Atoms of Confusion in the Wild Apple’s Goto Fail bug if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0) goto fail; goto fail; Two Atoms of Confusion: ● Assignment as Value ● Omitted Curly Brace 4

  5. Atoms of Confusion in the Wild Apple’s Goto Fail bug if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0) { { goto fail; goto fail; Two Atoms of Confusion: } ● Assignment as Value ● Omitted Curly Brace 5

  6. Outline Atoms of Confusion are ... ● Confusing - Both in the lab and in the wild ● Prevalent - Occurring frequently in practice ● Buggy - Causing or correlated with faults 6

  7. Outline Atoms of Confusion are ... ● Confusing - Both in the lab and in the wild ● Prevalent - Occurring frequently in practice ● Buggy - Causing or correlated with faults 7

  8. Atoms of Confusion Understanding Misunderstandings in Source Code D. Gopstein, J. Iannacone, Y. Yan, L. DeLong, Y. Zhuang, M. Yeh, J. Cappos ESEC/FSE 2017 8

  9. Confusion When a person and a machine read the same piece of code, yet come to different conclusions about its output. printf("%d",013) 13 11 9

  10. Measurable printf("%d",013) printf("%d",11) 10

  11. Measurable printf("%d",013) printf("%d",11) 11

  12. Measurable printf("%d",013) printf("%d",11) 12

  13. Precise The smallest piece of code that can cause confusion Fluff Confusing Code Confusing Code Other Stuff 13

  14. Precise The smallest piece of code that can cause confusion Fluff Atom of Confusion Confusing Code Confusing Code Other Stuff 14

  15. Identified Atoms φ 15

  16. Atoms of Confusion φ = .63 φ = .48 Literal Encoding Logic as Control Flow printf("%d",013) V1 && F2() φ = .33 φ = .28 Operator Precedence Pre-Increment 0 && 1 || 2 V1 = ++V2; Understanding Misunderstandings in Source Code D. Gopstein, J. Iannacone, Y. Yan, L. DeLong, Y. Zhuang, M. Yeh, J. Cappos ESEC/FSE 2017 16

  17. Outline Atoms of Confusion are ... ● Confusing - Both in the lab and in the wild ● Prevalent - Occurring frequently in practice ● Buggy - Causing or correlated with faults 17

  18. Classifier if (x = 2) foo(); if = ; x 2 () foo 18

  19. Classifier if (x = 2) foo(); Classifier if = ; x 2 () foo 19

  20. Classifier if (x = 2) foo(); { Classifier if = Two Atoms of Confusion: ; x 2 ● Assignment as Value () ● Omitted Curly Brace foo 20

  21. Corpus 21

  22. How Often do Atoms Occur? 1 atom every ~12 lines 1 atom every ~44 lines 22

  23. Which Atoms Occur Most Frequently? 1 every ~51 lines 1 every ~1.6 million 23

  24. Are Confusing Patterns Less Common? φ 24

  25. Prevalent ulpmc->cmd = htobe32(V_ULPTX_CMD(ULP_TX_MEM_WRITE) | is_t4(sc) ? F_ULP_MEMIO_ORDER : F_T5_ULP_MEMIO_IMM); https://github.com/freebsd/freebsd/blob/3c60e22da7d4460db7adb2b916f55e22b7d60e26/sys/dev/cxgbe/tom/t4_ddp.c#L766 25

  26. Prevalent ulpmc->cmd = htobe32(V_ULPTX_CMD(ULP_TX_MEM_WRITE) | is_t4(sc) ? F_ULP_MEMIO_ORDER : F_T5_ULP_MEMIO_IMM); Contains: ● Operator Precedence ● Conditional Operator ● Implicit Predicate https://github.com/freebsd/freebsd/blob/3c60e22da7d4460db7adb2b916f55e22b7d60e26/sys/dev/cxgbe/tom/t4_ddp.c#L766 26

  27. Prevalent ulpmc->cmd = htobe32(V_ULPTX_CMD(ULP_TX_MEM_WRITE) | is_t4(sc) ? F_ULP_MEMIO_ORDER : F_T5_ULP_MEMIO_IMM); Contains: ● Operator Precedence ● Conditional Operator ● Implicit Predicate https://github.com/freebsd/freebsd/blob/3c60e22da7d4460db7adb2b916f55e22b7d60e26/sys/dev/cxgbe/tom/t4_ddp.c#L766 27

  28. Outline Atoms of Confusion are ... ● Confusing - Both in the lab and in the wild ● Prevalent - Occurring frequently in practice ● Buggy - Causing or correlated with faults 28

  29. Are Atoms Removed More In Bug Fix Commits? 29

  30. Are Atoms Commented More Often? 30

  31. Are Atoms Commented More Often? 1.00 31

  32. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 32

  33. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1) => ??? https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 33

  34. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1) => 1 https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 34

  35. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1) => 1 ABS(-2) => ??? https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 35

  36. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1) => 1 ABS(-2) => 2 https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 36

  37. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1) => 1 ABS(-2) => 2 ABS(1-2) => ??? https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 37

  38. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1) => 1 ABS(-2) => 2 ABS(1-2) => 1 https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 38

  39. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1) => 1 ABS(-2) => 2 ABS(1-2) => 1 -3 X https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 39

  40. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1-2) https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 40

  41. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1-2) (( x ) < 0 ? (- x ) : ( x )) https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 41

  42. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1-2) (( x ) < 0 ? (- x ) : ( x )) https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 42

  43. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1-2) ((1-2) < 0 ? (-1-2) : (1-2)) https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 43

  44. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1-2) ((1-2) < 0 ? (-1-2) : (1-2)) https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 44

  45. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1-2) ((1-2) < 0 ? (-1-2) : (1-2)) -3 https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 45

  46. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1-2) ((1-2) < 0 ? (-1-2) : (1-2)) -3 https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 46

  47. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) Macro Operator Precedence https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 47

  48. Buggy 48

  49. Summary Atoms of Confusion are ... ● Confusing ○ Atoms are statistically more confusing than other code in the lab ○ Atoms are 13% more likely to be commented than other code ● Prevalent ○ We found millions of examples in our corpus ○ 1 in ~23 lines of code has an atom ● Buggy ○ Bug-fix commits are 25% more likely remove atoms ○ We found and fixed a handful of bugs in Linux 49

  50. Thank You Prevalence of Confusing Code in Software Projects Atoms of Confusion in the Wild Dan Gopstein NYU Hongwei Henry Zhou, Phyllis Frankl, Justin Cappos AtomsOfConfusion.com 50

Recommend

Prevalence of Confusing Code in Software Projects Atoms of Confusion in the Wild Dan Gopstein

Prevalence of Confusing Code in Software Projects Atoms of Confusion in the Wild Dan Gopstein

Prevalence of Confusing Code in Software Projects Atoms of Confusion in the Wild Dan Gopstein NYU Hongwei Henry Zhou, Phyllis Frankl, Justin Cappos AtomsOfConfusion.com 1 Hi, my name is Dan Gopstein, and today Im going to talk about

809 views • 50 slides
An Exploratory Study Into the Prevalence of Botched Code Integrations @wardmuylaert @oniroi

An Exploratory Study Into the Prevalence of Botched Code Integrations @wardmuylaert @oniroi

An Exploratory Study Into the Prevalence of Botched Code Integrations @wardmuylaert @oniroi Ward Muylaert and Coen De Roover Software Languages Lab Vrije Universiteit Brussel Brussels, Belgium Textual Conflicts function foo(x) { if (x &lt;

829 views • 44 slides
Thinking Software Today I want to talk about the importance of software/code and why we need to

Thinking Software Today I want to talk about the importance of software/code and why we need to

Thinking Software Today I want to talk about the importance of software/code and why we need to study it: 1. Software/Code 2. The softwarization of the university Apple Siri Thinking Software 3. Knowledge in the Digital Age code and the

476 views • 14 slides
CS314 Software Engineering Clean Code Dave Matthews Clean Code: A Handbook of Agile Software

CS314 Software Engineering Clean Code Dave Matthews Clean Code: A Handbook of Agile Software

3/1/18 CS314 Software Engineering Clean Code Dave Matthews Clean Code: A Handbook of Agile Software Craftsmanship, Robert C Martin, 2009 1 3/1/18 Code Climate Maintainability complexity (cognitive or boolean logic) duplicate code

257 views • 4 slides
How Software Projects Fail Software Failures Software appears, by its nature, to be difficult to

How Software Projects Fail Software Failures Software appears, by its nature, to be difficult to

How Software Projects Fail Software Failures Software appears, by its nature, to be difficult to engineer on a large scale. Nevertheless, there is an insatiable demand for sizeable, well-engineered software. Dr. James A. Bednar We continue to

69 views • 6 slides
Code Coverage SWEN-261 Introduction to Software Engineering Department of Software Engineering

Code Coverage SWEN-261 Introduction to Software Engineering Department of Software Engineering

Code Coverage SWEN-261 Introduction to Software Engineering Department of Software Engineering Rochester Institute of Technology Code coverage analysis is measuring how well your unit tests exercise the production code. Code coverage

290 views • 10 slides
Code quality in Python A reasonable approach to measuring code quality in your projects Radosaw

Code quality in Python A reasonable approach to measuring code quality in your projects Radosaw

Code quality in Python A reasonable approach to measuring code quality in your projects Radosaw Ganczarek - 2019 Hi! Its me again! Radosaw Ganczarek (Rad) EuroPython 2015 (Bilbao) Reasonable approach? Made with by PGS Software Made

770 views • 34 slides
Fisheries NZ Interaction projects Projects from the last 3 years Code Title Stage Comments

Fisheries NZ Interaction projects Projects from the last 3 years Code Title Stage Comments

Fisheries NZ Interaction projects Projects from the last 3 years Code Title Stage Comments PRO2016-06 Spatially explicit risk assessment query and simulation tool Contracted Due to deliver by early 2019 PMM2018-04A Estimate spatial

142 views • 3 slides
ECE 3574: Applied Software Design Meeting 08: Building Cross-Platform Software using CMake The

ECE 3574: Applied Software Design Meeting 08: Building Cross-Platform Software using CMake The

ECE 3574: Applied Software Design Meeting 08: Building Cross-Platform Software using CMake The goal of todays meeting it to learn about building larger software projects that have multiple modules of code, unit tests, and main programs.

230 views • 9 slides
Tools for Software Projects Massimo Felici Massimo Felici Tools for Software Projects 2011

Tools for Software Projects Massimo Felici Massimo Felici Tools for Software Projects 2011

Tools for Software Projects Massimo Felici Massimo Felici Tools for Software Projects 2011 c 1 Automating Drudgery Most of the techniques we will talk about can benefit from automated tools , and some would be totally impractical

451 views • 28 slides
Code Communication SWEN-610 Foundations of Software Engineering Department of Software

Code Communication SWEN-610 Foundations of Software Engineering Department of Software

Code Communication SWEN-610 Foundations of Software Engineering Department of Software Engineering Rochester Institute of Technology How your code &quot;reads&quot; is critically important for the humans who will read it. Any fool can write

417 views • 9 slides
The Severity and Prevalence of Ambiguity in Software Engineering Requirements Cristina Ribeiro

The Severity and Prevalence of Ambiguity in Software Engineering Requirements Cristina Ribeiro

The Severity and Prevalence of Ambiguity in Software Engineering Requirements Cristina Ribeiro PhD Candidate University of Waterloo Overview Introduction Research Problem Proposed Solution Ambiguity Model Research Method 2 Introduction

846 views • 47 slides
Software Architecture and Design On the importance of planning Why do Projects Fail? Steve

Software Architecture and Design On the importance of planning Why do Projects Fail? Steve

Software Architecture and Design On the importance of planning Why do Projects Fail? Steve McConnell describes how small projects aren't necessarily representative of the problems you'll encounter on larger projects: People who have

638 views • 30 slides
Managing Large Code Projects 15-110 Wednesday 11/11 Learning Goals Implement helper

Managing Large Code Projects 15-110 Wednesday 11/11 Learning Goals Implement helper

Managing Large Code Projects 15-110 Wednesday 11/11 Learning Goals Implement helper functions in code to break up large problems into solvable subtasks Recognize the four core rules of code maintenance Use the input command and

1.07k views • 62 slides
The Impact of Code Review Coverage and Code Review Participation on Software Quality Shane

The Impact of Code Review Coverage and Code Review Participation on Software Quality Shane

The Impact of Code Review Coverage and Code Review Participation on Software Quality Shane Yasutaka Bram Ahmed E. McIntosh Kamei Adams Hassan Code reviews : An opportunity for constructive criticism of code changes Yasu Shane Bram

1.62k views • 89 slides
Monitoring Code Quality and Monitoring Code Quality and Development Activity by Software Maps

Monitoring Code Quality and Monitoring Code Quality and Development Activity by Software Maps

Monitoring Code Quality and Monitoring Code Quality and Development Activity by Software Maps by Software Maps J h Johannes Bohnet and Jrgen Dllner B h t d J Dll Hasso-Plattner-Institute for IT Systems Engineering University of

226 views • 8 slides
Differences in TBI Prevalence, Outcomes, and Symptoms in Colorado CB Eagye TBI Prevalence

Differences in TBI Prevalence, Outcomes, and Symptoms in Colorado CB Eagye TBI Prevalence

Differences in TBI Prevalence, Outcomes, and Symptoms in Colorado CB Eagye TBI Prevalence Research Studies Initial Research Project Colorado Study of TBI Prevalence and Associated Outcomes - 2007 Funded by the CDC Statewide

1.1k views • 81 slides
Gerrit Code Review Web based code review and project management for Git based projects Johannes

Gerrit Code Review Web based code review and project management for Git based projects Johannes

Gerrit Code Review Web based code review and project management for Git based projects Johannes Barop gateprotect AG Germany Agenda Agenda Why Code Reviews? Why a Dedicated Tool for Reviews? Googles Web Code Review Tools

435 views • 42 slides
Legacy Code Matters Since maintenance consumes ~60% of software costs, it is probably the most

Legacy Code Matters Since maintenance consumes ~60% of software costs, it is probably the most

Legacy Code Matters Since maintenance consumes ~60% of software costs, it is probably the most important life cycle phase of software Old hardware becomes obsolete; old software goes into production every night. Robert Glass,

763 views • 50 slides
Projects and Development Tools CS 485/540 Software Engineering Cengiz Gnay Fall 2014 Gnay

Projects and Development Tools CS 485/540 Software Engineering Cengiz Gnay Fall 2014 Gnay

Projects and Development Tools CS 485/540 Software Engineering Cengiz Gnay Fall 2014 Gnay Projects and Tools Overview Lets review: 1 Projects 2 Integrated Development Environments (IDEs) 3 Software Process Tool websites Gnay

595 views • 11 slides
Software Engineering and Architecture Writing Clean Code Motivation Code is written to

Software Engineering and Architecture Writing Clean Code Motivation Code is written to

Software Engineering and Architecture Writing Clean Code Motivation Code is written to Be compiled, deployed, and executed by users in order to serve their need So we make money, get salaries and can buy presents for our spouses (or

684 views • 35 slides
Growing participation, growing participants Supporting the users of software projects through

Growing participation, growing participants Supporting the users of software projects through

Growing participation, growing participants Supporting the users of software projects through better communications Barriers to recruiting project members New software projects hit the Internet every day Bringing new users up to speed is

489 views • 26 slides
KAI Software YOUR IDEA.OUR SOFTWARE. Overview KAI SOFTWARE INC was founded in 1994 and today we

KAI Software YOUR IDEA.OUR SOFTWARE. Overview KAI SOFTWARE INC was founded in 1994 and today we

KAI Software YOUR IDEA.OUR SOFTWARE. Overview KAI SOFTWARE INC was founded in 1994 and today we create new software development solutions for projects with sizable data requirements. Having a background in mining industry, KAI Software have

267 views • 26 slides
Peter Kolb Model for Outsourced Project Management Projects ETH Zurich Successful Software

Peter Kolb Model for Outsourced Project Management Projects ETH Zurich Successful Software

Peter Kolb Model for Outsourced Project Management Projects ETH Zurich Successful Software Outsourcing and Offshoring, - 1 - Objectives This module will enable the participant to: Plan and execute Software development projects with sub-

579 views • 21 slides

More recommend