prevalence of confusing code in software projects
play

Prevalence of Confusing Code in Software Projects Atoms of - PowerPoint PPT Presentation

Feb 17, 2023 •320 likes •834 views

Prevalence of Confusing Code in Software Projects Atoms of Confusion in the Wild Dan Gopstein NYU Hongwei Henry Zhou, Phyllis Frankl, Justin Cappos AtomsOfConfusion.com 1 Atoms of Confusion in the Wild if ((err =

  1. Prevalence of Confusing Code in Software Projects Atoms of Confusion in the Wild Dan Gopstein NYU Hongwei Henry Zhou, Phyllis Frankl, Justin Cappos AtomsOfConfusion.com 1

  2. Atoms of Confusion in the Wild if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0) goto fail; goto fail; 2

  3. Atoms of Confusion in the Wild Apple’s Goto Fail bug if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0) goto fail; goto fail; 3

  4. Atoms of Confusion in the Wild Apple’s Goto Fail bug if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0) goto fail; goto fail; Two Atoms of Confusion: ● Assignment as Value ● Omitted Curly Brace 4

  5. Atoms of Confusion in the Wild Apple’s Goto Fail bug if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0) { { goto fail; goto fail; Two Atoms of Confusion: } ● Assignment as Value ● Omitted Curly Brace 5

  6. Outline Atoms of Confusion are ... ● Confusing - Both in the lab and in the wild ● Prevalent - Occurring frequently in practice ● Buggy - Causing or correlated with faults 6

  7. Outline Atoms of Confusion are ... ● Confusing - Both in the lab and in the wild ● Prevalent - Occurring frequently in practice ● Buggy - Causing or correlated with faults 7

  8. Atoms of Confusion Understanding Misunderstandings in Source Code D. Gopstein, J. Iannacone, Y. Yan, L. DeLong, Y. Zhuang, M. Yeh, J. Cappos ESEC/FSE 2017 8

  9. Confusion When a person and a machine read the same piece of code, yet come to different conclusions about its output. printf("%d",013) 13 11 9

  10. Measurable printf("%d",013) printf("%d",11) 10

  11. Measurable printf("%d",013) printf("%d",11) 11

  12. Measurable printf("%d",013) printf("%d",11) 12

  13. Precise The smallest piece of code that can cause confusion Fluff Confusing Code Confusing Code Other Stuff 13

  14. Precise The smallest piece of code that can cause confusion Fluff Atom of Confusion Confusing Code Confusing Code Other Stuff 14

  15. Identified Atoms φ 15

  16. Atoms of Confusion φ = .63 φ = .48 Literal Encoding Logic as Control Flow printf("%d",013) V1 && F2() φ = .33 φ = .28 Operator Precedence Pre-Increment 0 && 1 || 2 V1 = ++V2; Understanding Misunderstandings in Source Code D. Gopstein, J. Iannacone, Y. Yan, L. DeLong, Y. Zhuang, M. Yeh, J. Cappos ESEC/FSE 2017 16

  17. Outline Atoms of Confusion are ... ● Confusing - Both in the lab and in the wild ● Prevalent - Occurring frequently in practice ● Buggy - Causing or correlated with faults 17

  18. Classifier if (x = 2) foo(); if = ; x 2 () foo 18

  19. Classifier if (x = 2) foo(); Classifier if = ; x 2 () foo 19

  20. Classifier if (x = 2) foo(); { Classifier if = Two Atoms of Confusion: ; x 2 ● Assignment as Value () ● Omitted Curly Brace foo 20

  21. Corpus 21

  22. How Often do Atoms Occur? 1 atom every ~12 lines 1 atom every ~44 lines 22

  23. Which Atoms Occur Most Frequently? 1 every ~51 lines 1 every ~1.6 million 23

  24. Are Confusing Patterns Less Common? φ 24

  25. Prevalent ulpmc->cmd = htobe32(V_ULPTX_CMD(ULP_TX_MEM_WRITE) | is_t4(sc) ? F_ULP_MEMIO_ORDER : F_T5_ULP_MEMIO_IMM); https://github.com/freebsd/freebsd/blob/3c60e22da7d4460db7adb2b916f55e22b7d60e26/sys/dev/cxgbe/tom/t4_ddp.c#L766 25

  26. Prevalent ulpmc->cmd = htobe32(V_ULPTX_CMD(ULP_TX_MEM_WRITE) | is_t4(sc) ? F_ULP_MEMIO_ORDER : F_T5_ULP_MEMIO_IMM); Contains: ● Operator Precedence ● Conditional Operator ● Implicit Predicate https://github.com/freebsd/freebsd/blob/3c60e22da7d4460db7adb2b916f55e22b7d60e26/sys/dev/cxgbe/tom/t4_ddp.c#L766 26

  27. Prevalent ulpmc->cmd = htobe32(V_ULPTX_CMD(ULP_TX_MEM_WRITE) | is_t4(sc) ? F_ULP_MEMIO_ORDER : F_T5_ULP_MEMIO_IMM); Contains: ● Operator Precedence ● Conditional Operator ● Implicit Predicate https://github.com/freebsd/freebsd/blob/3c60e22da7d4460db7adb2b916f55e22b7d60e26/sys/dev/cxgbe/tom/t4_ddp.c#L766 27

  28. Outline Atoms of Confusion are ... ● Confusing - Both in the lab and in the wild ● Prevalent - Occurring frequently in practice ● Buggy - Causing or correlated with faults 28

  29. Are Atoms Removed More In Bug Fix Commits? 29

  30. Are Atoms Commented More Often? 30

  31. Are Atoms Commented More Often? 1.00 31

  32. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 32

  33. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1) => ??? https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 33

  34. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1) => 1 https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 34

  35. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1) => 1 ABS(-2) => ??? https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 35

  36. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1) => 1 ABS(-2) => 2 https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 36

  37. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1) => 1 ABS(-2) => 2 ABS(1-2) => ??? https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 37

  38. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1) => 1 ABS(-2) => 2 ABS(1-2) => 1 https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 38

  39. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1) => 1 ABS(-2) => 2 ABS(1-2) => 1 -3 X https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 39

  40. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1-2) https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 40

  41. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1-2) (( x ) < 0 ? (- x ) : ( x )) https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 41

  42. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1-2) (( x ) < 0 ? (- x ) : ( x )) https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 42

  43. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1-2) ((1-2) < 0 ? (-1-2) : (1-2)) https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 43

  44. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1-2) ((1-2) < 0 ? (-1-2) : (1-2)) https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 44

  45. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1-2) ((1-2) < 0 ? (-1-2) : (1-2)) -3 https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 45

  46. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) ABS(1-2) ((1-2) < 0 ? (-1-2) : (1-2)) -3 https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 46

  47. Buggy #define ABS(x) ((x) < 0 ? (-x) : (x)) Macro Operator Precedence https://github.com/torvalds/linux/commit/7aa92c4229fefff0cab6930cf977f4a0e3e606d8 47

  48. Buggy 48

  49. Summary Atoms of Confusion are ... ● Confusing ○ Atoms are statistically more confusing than other code in the lab ○ Atoms are 13% more likely to be commented than other code ● Prevalent ○ We found millions of examples in our corpus ○ 1 in ~23 lines of code has an atom ● Buggy ○ Bug-fix commits are 25% more likely remove atoms ○ We found and fixed a handful of bugs in Linux 49

  50. Thank You Prevalence of Confusing Code in Software Projects Atoms of Confusion in the Wild Dan Gopstein NYU Hongwei Henry Zhou, Phyllis Frankl, Justin Cappos AtomsOfConfusion.com 50

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Prevalence of Confusing Code in Software Projects Atoms of Confusion in the Wild Dan Gopstein

Prevalence of Confusing Code in Software Projects Atoms of Confusion in the Wild Dan Gopstein

Prevalence of Confusing Code in Software Projects Atoms of Confusion in the Wild Dan Gopstein NYU Hongwei Henry Zhou, Phyllis Frankl, Justin Cappos AtomsOfConfusion.com 1 Hi, my name is Dan Gopstein, and today Im going to talk about

809 views • 50 slides
An Exploratory Study Into the Prevalence of Botched Code Integrations @wardmuylaert @oniroi

An Exploratory Study Into the Prevalence of Botched Code Integrations @wardmuylaert @oniroi

An Exploratory Study Into the Prevalence of Botched Code Integrations @wardmuylaert @oniroi Ward Muylaert and Coen De Roover Software Languages Lab Vrije Universiteit Brussel Brussels, Belgium Textual Conflicts function foo(x) { if (x &lt;

829 views • 44 slides
Thinking Software Today I want to talk about the importance of software/code and why we need to

Thinking Software Today I want to talk about the importance of software/code and why we need to

Thinking Software Today I want to talk about the importance of software/code and why we need to study it: 1. Software/Code 2. The softwarization of the university Apple Siri Thinking Software 3. Knowledge in the Digital Age code and the

476 views • 14 slides
CS314 Software Engineering Clean Code Dave Matthews Clean Code: A Handbook of Agile Software

CS314 Software Engineering Clean Code Dave Matthews Clean Code: A Handbook of Agile Software

3/1/18 CS314 Software Engineering Clean Code Dave Matthews Clean Code: A Handbook of Agile Software Craftsmanship, Robert C Martin, 2009 1 3/1/18 Code Climate Maintainability complexity (cognitive or boolean logic) duplicate code

257 views • 4 slides
How Software Projects Fail Software Failures Software appears, by its nature, to be difficult to

How Software Projects Fail Software Failures Software appears, by its nature, to be difficult to

How Software Projects Fail Software Failures Software appears, by its nature, to be difficult to engineer on a large scale. Nevertheless, there is an insatiable demand for sizeable, well-engineered software. Dr. James A. Bednar We continue to

69 views • 6 slides
Code Coverage SWEN-261 Introduction to Software Engineering Department of Software Engineering

Code Coverage SWEN-261 Introduction to Software Engineering Department of Software Engineering

Code Coverage SWEN-261 Introduction to Software Engineering Department of Software Engineering Rochester Institute of Technology Code coverage analysis is measuring how well your unit tests exercise the production code. Code coverage

290 views • 10 slides
Code quality in Python A reasonable approach to measuring code quality in your projects Radosaw

Code quality in Python A reasonable approach to measuring code quality in your projects Radosaw

Code quality in Python A reasonable approach to measuring code quality in your projects Radosaw Ganczarek - 2019 Hi! Its me again! Radosaw Ganczarek (Rad) EuroPython 2015 (Bilbao) Reasonable approach? Made with by PGS Software Made

770 views • 34 slides
Fisheries NZ Interaction projects Projects from the last 3 years Code Title Stage Comments

Fisheries NZ Interaction projects Projects from the last 3 years Code Title Stage Comments

Fisheries NZ Interaction projects Projects from the last 3 years Code Title Stage Comments PRO2016-06 Spatially explicit risk assessment query and simulation tool Contracted Due to deliver by early 2019 PMM2018-04A Estimate spatial

142 views • 3 slides
ECE 3574: Applied Software Design Meeting 08: Building Cross-Platform Software using CMake The

ECE 3574: Applied Software Design Meeting 08: Building Cross-Platform Software using CMake The

ECE 3574: Applied Software Design Meeting 08: Building Cross-Platform Software using CMake The goal of todays meeting it to learn about building larger software projects that have multiple modules of code, unit tests, and main programs.

230 views • 9 slides
Tools for Software Projects Massimo Felici Massimo Felici Tools for Software Projects 2011

Tools for Software Projects Massimo Felici Massimo Felici Tools for Software Projects 2011

Tools for Software Projects Massimo Felici Massimo Felici Tools for Software Projects 2011 c 1 Automating Drudgery Most of the techniques we will talk about can benefit from automated tools , and some would be totally impractical

451 views • 28 slides
Code Communication SWEN-610 Foundations of Software Engineering Department of Software

Code Communication SWEN-610 Foundations of Software Engineering Department of Software

Code Communication SWEN-610 Foundations of Software Engineering Department of Software Engineering Rochester Institute of Technology How your code &quot;reads&quot; is critically important for the humans who will read it. Any fool can write

417 views • 9 slides
The Severity and Prevalence of Ambiguity in Software Engineering Requirements Cristina Ribeiro

The Severity and Prevalence of Ambiguity in Software Engineering Requirements Cristina Ribeiro

The Severity and Prevalence of Ambiguity in Software Engineering Requirements Cristina Ribeiro PhD Candidate University of Waterloo Overview Introduction Research Problem Proposed Solution Ambiguity Model Research Method 2 Introduction

846 views • 47 slides
Software Architecture and Design On the importance of planning Why do Projects Fail? Steve

Software Architecture and Design On the importance of planning Why do Projects Fail? Steve

Software Architecture and Design On the importance of planning Why do Projects Fail? Steve McConnell describes how small projects aren't necessarily representative of the problems you'll encounter on larger projects: People who have

638 views • 30 slides
Managing Large Code Projects 15-110 Wednesday 11/11 Learning Goals Implement helper

Managing Large Code Projects 15-110 Wednesday 11/11 Learning Goals Implement helper

Managing Large Code Projects 15-110 Wednesday 11/11 Learning Goals Implement helper functions in code to break up large problems into solvable subtasks Recognize the four core rules of code maintenance Use the input command and

1.07k views • 62 slides
The Impact of Code Review Coverage and Code Review Participation on Software Quality Shane

The Impact of Code Review Coverage and Code Review Participation on Software Quality Shane

The Impact of Code Review Coverage and Code Review Participation on Software Quality Shane Yasutaka Bram Ahmed E. McIntosh Kamei Adams Hassan Code reviews : An opportunity for constructive criticism of code changes Yasu Shane Bram

1.62k views • 89 slides
Monitoring Code Quality and Monitoring Code Quality and Development Activity by Software Maps

Monitoring Code Quality and Monitoring Code Quality and Development Activity by Software Maps

Monitoring Code Quality and Monitoring Code Quality and Development Activity by Software Maps by Software Maps J h Johannes Bohnet and Jrgen Dllner B h t d J Dll Hasso-Plattner-Institute for IT Systems Engineering University of

226 views • 8 slides
Combined Loading 2 Lecture 7 ME EN 372 Andrew Ning aning@byu.edu Outline Bit Brace Problem

Combined Loading 2 Lecture 7 ME EN 372 Andrew Ning aning@byu.edu Outline Bit Brace Problem

Combined Loading 2 Lecture 7 ME EN 372 Andrew Ning aning@byu.edu Outline Bit Brace Problem Sometimes we mistakenly may believe that happiness is the absence of a load. But bearing a load is a necessary and essential part of the plan of

228 views • 3 slides
#join Brace JellyBox Build: 20_Acrylic Brace In this video, we assemble and incorporate the

#join Brace JellyBox Build: 20_Acrylic Brace In this video, we assemble and incorporate the

#join Brace JellyBox Build: 20_Acrylic Brace In this video, we assemble and incorporate the Brace. ___________________________________________________________________ You'll Need: Front Brace piece Back Brace piece 4&quot; zip tie (1)

376 views • 5 slides
Algorithms for NLP Classification I Sachin Kumar - CMU Slides: Dan Klein UC Berkeley, Taylor

Algorithms for NLP Classification I Sachin Kumar - CMU Slides: Dan Klein UC Berkeley, Taylor

Algorithms for NLP Classification I Sachin Kumar - CMU Slides: Dan Klein UC Berkeley, Taylor Berg-Kirkpatrick, Yulia Tsvetkov CMU Classification Image Digit Classification Document Category Classification Query + Web Pages

771 views • 73 slides
From the YBE to the Left Braces Ivan Lau (Joint Work with Patrick Kinnear and Dora Pulji c)

From the YBE to the Left Braces Ivan Lau (Joint Work with Patrick Kinnear and Dora Pulji c)

From the YBE to the Left Braces Ivan Lau (Joint Work with Patrick Kinnear and Dora Pulji c) University of Edinburgh Groups, Rings and Associated Structures 2019 June 9-15 2019, Spa, Belgium 1/20 Small Challenge Find all matrices R C 4

387 views • 25 slides
Hyatt Place North Shore AE Senior Thesis Spring 2011 Kyle Tennant Structural

Hyatt Place North Shore AE Senior Thesis Spring 2011 Kyle Tennant Structural

Hyatt Place North Shore AE Senior Thesis Spring 2011 Kyle Tennant Structural Option Faculty Consultant ... Dr. Ali Memari Project Information Existing Structure Thesis Proposal Thesis Proposal Thesis Proposal Structural

281 views • 3 slides
DHCP EAP Analysis or wheres my pony? Protocol overview

DHCP EAP Analysis or wheres my pony? Protocol overview

DHCP EAP Analysis or wheres my pony? Protocol overview EAP Encapsulated in DHCP Protocol DHCP protocol starts normally Relay (proxy)

881 views • 12 slides
Generalized Matrix Factorizations as a Unifying Framework for Pattern Set Mining Complexity

Generalized Matrix Factorizations as a Unifying Framework for Pattern Set Mining Complexity

Generalized Matrix Factorizations as a Unifying Framework for Pattern Set Mining Complexity Beyond Blocks Pauli Miettinen 10 September 2015 Community detection A B C ( ) 1 1 1 0 1 A 2 1 1 1 0 1 1 3 A B C B ( ) ( ) 2

301 views • 18 slides
Order in Datalog with Applications to Declarative Output Stefan Brass University of Halle,

Order in Datalog with Applications to Declarative Output Stefan Brass University of Halle,

Order in Datalog with Applications to Declarative Output 1 Order in Datalog with Applications to Declarative Output Stefan Brass University of Halle, Germany Stefan Brass Datalog 2.0, 11.09.2012 Order in Datalog with Applications to

490 views • 26 slides

More recommend