Intel Labs’ Machine Programming Research (MPR) team, working to improve software developer productivity and quality, announced the open source availability of ControlFlag. Designed late last year, ControlFlag is a self-supervised idiosyncratic pattern detection system that learns typical patterns that occur in the control structures of high-level programming languages, such as C/C++, by mining these patterns from open-source repositories (on GitHub and other version control systems). It then applies learned patterns to detect anomalous patterns in user’s code.
The ControlFlag’s pattern anomaly detection system can be used for various problems such as typographical error detection, flagging a missing NULL check to name a few.
It follows two main phases: (1) pattern mining phase, and (2) scanning for anomalous patterns phase. The pattern mining phase is a “training phase” that mines typical patterns in the user-provided GitHub repositories and then builds a decision-tree from the mined patterns. The scanning phase, on the other hand, applies the mined patterns to flag anomalous expressions in the user-specified target repositories.
Intel said, since its introduction, ControlFlag has been tested on production-level software and widely used open-source software systems. For example, last year, ControlFlag identified a code anomaly in Client URL (cURL), a computer software project transferring data using various network protocols over one billion times a day. After reporting the anomaly to the cURL team, they agreed with ControlFlag’s findings and have subsequently patched their code.
The company says, While ControlFlag cannot yet automatically mitigate the defects it finds, it provides users suggestions for potential corrections. “Yet, prior surveys have shown that when programmers are debugging, most of their time is spent identifying software defects.”