1 / 10

Retrieving Similar Code Fragments based on Identifier Similarity for Defect Detection

Retrieving Similar Code Fragments based on Identifier Similarity for Defect Detection. Norihiro Yoshida Takashi Ishio Makoto Matsushita Katsuro Inoue (Osaka University). Similar code fragment. A code fragment that has similar part to it in source code

jonco
Download Presentation

Retrieving Similar Code Fragments based on Identifier Similarity for Defect Detection

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Retrieving Similar Code Fragments based on IdentifierSimilarity for Defect Detection Norihiro Yoshida Takashi Ishio Makoto Matsushita Katsuro Inoue (Osaka University)

  2. Similar code fragment • A code fragment that has similar part to it in source code • introduced in source code because of various reasons. • e.g. “copy-and-paste” • makes software maintenance difficult. It is necessary to check CF2 and CF3 It is necessary to check a2. Source file Source file Similar code fragment If CF1 is defective… CF2 CF1 CF3

  3. Similar defects in Linux 2.6.6 for(iter=0; iter<num_regs; iter++) { prom_prom_taken[iter].start_adr = prom_reg_memlist[iter].phys_addr; prom_prom_taken[iter].num_bytes = prom_reg_memlist[iter].reg_size; prom_prom_taken[iter].theres_more = &prom_phys_total[iter+1]; // should be:&prom_prom_taken[iter+1]; } for(iter=0; iter<num_regs; iter++) { prom_prom_taken[iter].start_adr = (char *) prom_reg_memlist[iter].phys_addr; prom_prom_taken[iter].num_bytes = (unsigned long) prom_reg_memlist[iter].reg_size; prom_prom_taken[iter].theres_more = &prom_phys_total[iter+1]; // should be:&prom_prom_taken[iter+1]; }

  4. Similar defects in Linux 2.6.6 for(iter=0; iter<num_regs; iter++) { prom_prom_taken[iter].start_adr = prom_reg_memlist[iter].phys_addr; prom_prom_taken[iter].num_bytes = prom_reg_memlist[iter].reg_size; prom_prom_taken[iter].theres_more = &prom_phys_total[iter+1]; // should be:&prom_prom_taken[iter+1]; } Type cast operations are inserted. for(iter=0; iter<num_regs; iter++) { prom_prom_taken[iter].start_adr = (char *) prom_reg_memlist[iter].phys_addr; prom_prom_taken[iter].num_bytes = (unsigned long) prom_reg_memlist[iter].reg_size; prom_prom_taken[iter].theres_more = &prom_phys_total[iter+1]; // should be:&prom_prom_taken[iter+1]; } Clone detection tools cannot treat the code fragments as a clone pair.

  5. An overview of proposed method Input code fragment (Query) Input identifier list Lexical Analysis Ii[0] Ii[ni] Similar sublists Is1[0] Is1[ns1] Comparison Is2[0] Is2[ns2] Target source files Target identifier lists Isn[0] Isn[nsn] It1[0] It1[nt1] Lexical Analysis It2[0] It2[nt2] Ranking Itn[0] Itn[ntn] Similarity Ranking The method retrieves code fragments similar to an input code fragment.

  6. Comparison • Scan a target identifier list with a sliding window • We compare identifiers in the sliding window with the input identifier list. • Extract a code fragment corresponding to the sliding window if the window involves one or more identifiers in the input list Input identifier list Ii[0] Ii[1] Ii[2] Target identifier list It[n-1] It[n] It[0] It[1] It[2] It[3] Sliding Window (fixed length) The direction of movement of the sliding window

  7. Similarity-based ranking • The extracted code fragments aresorted according to the following similarity. • Si :a set of elements in an input identifier list • Sw: a set of elements in a sliding window • Developers investigate the resultant similarity-based ranking.

  8. Case Study • Target open source software systems • arch/ directory in Linux 2.6.6 • Architecture-specific implementations in OS • 2 incorrect pointer accesses • server/ directory in Canna 3.6 • Japanese input system • 19 buffer overflow errors • Procedure • extract code fragments sharing similar defects • enter each code fragment into the tool implementing our method • inspect if the similarity ranking ranks highly code fragments involving defects

  9. Result • Linux 2.6.6 • We used 2 code fragments as queries. • Each code fragment involves an incorrect pointer access. • In both of those queries, the 2 code fragments are the top 2. • Canna 3.6 • We used 19 code fragments as queries. • Each code fragment involves a buffer overflow error. • In all of those queries, 18 or 19 code fragments are the top 30. In our case studies, we could detect most of similar defects.

  10. Summary & Future work • We proposed a method to retrieve similar code fragments based on identifier similarity. • Sliding window comparison • Similarity-based ranking • We need further case studies. • Application to similar defects in other software systems • Effects from changing “similarity” definition

More Related