Intel has published the release of ControlFlag 1.2, a toolkit that allows you to identify errors and anomalies in source code using a machine learning system trained on a large amount of existing code. Unlike traditional static analyzers, ControlFlag does not apply ready-made rules, in which it is difficult to provide for all possible options, but is based on statistics on the use of various language constructs in a large number of existing projects. The ControlFlag code is written in C++ and is open sourced under the MIT license.
The new release is notable for the implementation of full support for anomaly detection and learning based on common code patterns for the C++ language. In previous versions, similar support was provided for C and PHP languages. The system is suitable for identifying various types of problems in code, from identifying typos and type mismatches, to identifying anomalies in if statements and missing NULL checks in pointers. The system is trained by building a statistical model of the existing code array of open source projects in C, C++ and PHP, published in GitHub and similar public repositories.
At the training stage, the system determines typical patterns for constructing structures in the code and builds a syntactic tree of connections between these patterns, reflecting the flow of code execution in the program. As a result, a reference decision-making tree is formed that combines the development experience of all analyzed source codes. The code under review undergoes a similar process of identifying patterns that are checked against a reference decision tree. Large discrepancies with neighboring branches indicate the presence of an anomaly in the pattern being checked.
Source: opennet.ru