Duplicate code: Difference between revisions
→Costs and benefits: +section link |
→Costs and benefits: Correcting misleading summarization of source 6 |
||
Line 16: | Line 16: | ||
== Costs and benefits == |
== Costs and benefits == |
||
When code with a [[Vulnerability (computing)|software vulnerability]] is copied, the vulnerability may continue to exist in the copied code if the developer is not aware of such copies. |
|||
When code with a [[Vulnerability (computing)|software vulnerability]] is copied, the vulnerability may continue to exist in the copied code if the developer is not aware of such copies.<ref>{{cite journal|last1=Li|first1=Hongzhe|last2=Kwon|first2=Hyuckmin|last3=Kwon|first3=Jonghoon|last4=Lee|first4=Heejo|title=CLORIFI: software vulnerability discovery using code clone verification|journal=Concurrency and Computation: Practice and Experience|date=25 April 2016|volume=28|issue=6|pages=1900–1917|doi=10.1002/cpe.3532}}</ref> [[Code refactoring|Refactoring]] duplicate code can improve many software metrics, such as [[lines of code]], [[cyclomatic complexity]], and [[Coupling (computer programming)|coupling]]. This may lead to shorter compilation times, lower [[cognitive load]], less [[human error]], and fewer forgotten or overlooked pieces of code. However, not all code duplication can be refactored.<ref>{{cite journal|last1=Arcelli Fontana|first1=Francesca|last2=Zanoni|first2=Marco|last3=Ranchetti|first3=Andrea|last4=Ranchetti|first4=Davide|title=Software Clone Detection and Refactoring|journal=ISRN Software Engineering|date=2013|volume=2013|pages=1–8|doi=10.1155/2013/129437}}</ref> Clones may be the most effective solution if the programming language provides inadequate or overly complex abstractions, particularly if supported with user interface techniques such as [[simultaneous editing]]. Furthermore, the risks of breaking code when refactoring may outweigh any maintenance benefits.<ref>Kapser, C.; Godfrey, M.W., [http://plg2.cs.uwaterloo.ca/~migod/papers/2006/wcre06-clonePatterns.pdf ""Cloning Considered Harmful" Considered Harmful]," 13th Working Conference on Reverse Engineering (WCRE), pp. 19-28, Oct. 2006</ref> Duplicated code does not seem to be significantly more error-prone than unduplicated code.<ref>{{Cite journal|last=Wagner|first=Stefan|last2=Abdulkhaleq|first2=Asim|last3=Kaya|first3=Kamer|last4=Paar|first4=Alexander|date=2016|title=On the relationship of inconsistent software clones and faults: an empirical study|url=http://elib.uni-stuttgart.de/opus/volltexte/2016/10526/|journal=Proc. 23rd IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2016)|doi=|pmid=|access-date=}}</ref>{{disputed-inline|date=June 2019|1=Concern by 173.177.203.139}} |
|||
<ref>{{cite journal|last1=Li|first1=Hongzhe|last2=Kwon|first2=Hyuckmin|last3=Kwon|first3=Jonghoon|last4=Lee|first4=Heejo|title=CLORIFI: software vulnerability discovery using code clone verification|journal=Concurrency and Computation: Practice and Experience|date=25 April 2016|volume=28|issue=6|pages=1900–1917|doi=10.1002/cpe.3532}}</ref> |
|||
[[Code refactoring|Refactoring]] duplicate code can improve many software metrics, such as [[lines of code]], [[cyclomatic complexity]], and [[Coupling (computer programming)|coupling]]. This may lead to shorter compilation times, lower [[cognitive load]], less [[human error]], and fewer forgotten or overlooked pieces of code. However, not all code duplication can be refactored. |
|||
<ref>{{cite journal|last1=Arcelli Fontana|first1=Francesca|last2=Zanoni|first2=Marco|last3=Ranchetti|first3=Andrea|last4=Ranchetti|first4=Davide|title=Software Clone Detection and Refactoring|journal=ISRN Software Engineering|date=2013|volume=2013|pages=1–8|doi=10.1155/2013/129437}}</ref> |
|||
Clones may be the most effective solution if the programming language provides inadequate or overly complex abstractions, particularly if supported with user interface techniques such as [[simultaneous editing]]. Furthermore, the risks of breaking code when refactoring may outweigh any maintenance benefits. |
|||
<ref>Kapser, C.; Godfrey, M.W., [http://plg2.cs.uwaterloo.ca/~migod/papers/2006/wcre06-clonePatterns.pdf ""Cloning Considered Harmful" Considered Harmful]," 13th Working Conference on Reverse Engineering (WCRE), pp. 19-28, Oct. 2006</ref> |
|||
A study by Wagner, Abdulkhaleq, and Kaya concluded that while additional work must be done to keep duplicates in sync, if the programmers involved are aware of the duplicate code there weren't significantly more faults caused than in unduplicated code. |
|||
<ref>{{Cite journal|last=Wagner|first=Stefan|last2=Abdulkhaleq|first2=Asim|last3=Kaya|first3=Kamer|last4=Paar|first4=Alexander|date=2016|title=On the relationship of inconsistent software clones and faults: an empirical study|url=http://elib.uni-stuttgart.de/opus/volltexte/2016/10526/|journal=Proc. 23rd IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2016)|doi=|pmid=|access-date=}}</ref>{{disputed-inline|date=June 2019|1=Concern by 173.177.203.139}}</ref> |
|||
==Detecting duplicate code== |
==Detecting duplicate code== |
Revision as of 01:39, 13 June 2019
Duplicate code is a computer programming term for a sequence of source code that occurs more than once, either within a program or across different programs owned or maintained by the same entity. Duplicate code is generally considered undesirable for a number of reasons.[1] A minimum requirement is usually applied to the quantity of code that must appear in a sequence for it to be considered duplicate rather than coincidentally similar. Sequences of duplicate code are sometimes known as code clones or just clones, the automated process of finding duplications in source code is called clone detection.
Some of the ways in which two code sequences can be duplicates of each other are to be character-for-character identical, character-for-character identical with white space characters and comments being ignored, token-for-token identical, token-for-token identical with occasional variation or functionally identical.
How duplicates are created
Some of the reasons why duplicate code may be created include Copy and paste programming, which in academic settings may be done as part of plagiarism, or scrounging, in which a section of code is copied "because it works". In most cases this operation involves slight modifications in the cloned code such as renaming variables or inserting/deleting code. The language nearly always provides facilities to allow one copy of the code to serve multiple purposes, but a copy is created due to the programmer not truly knowing the language, not having the time to do it properly, or not caring about the increased active software rot.
It may also contain functionality that is very similar to that in another part of a program is required and a developer independently writes code that is very similar to what exists elsewhere. Studies suggest that such independently rewritten code is typically not syntactically similar.[2]
Automatically generated code, where having duplicate code may be desired to increase speed or ease of development, is another reason for duplication. Note that the actual generator will not contain duplicates in its source code, only the output it produces.
Fixing
Duplicate code is most commonly fixed by moving the code into its own unit (function or module) and calling that unit from all of the places where it was originally used. Using a more open-source style of development, in which components are in centralized locations, may also help with duplication.
Costs and benefits
When code with a software vulnerability is copied, the vulnerability may continue to exist in the copied code if the developer is not aware of such copies. [3] Refactoring duplicate code can improve many software metrics, such as lines of code, cyclomatic complexity, and coupling. This may lead to shorter compilation times, lower cognitive load, less human error, and fewer forgotten or overlooked pieces of code. However, not all code duplication can be refactored. [4] Clones may be the most effective solution if the programming language provides inadequate or overly complex abstractions, particularly if supported with user interface techniques such as simultaneous editing. Furthermore, the risks of breaking code when refactoring may outweigh any maintenance benefits. [5] A study by Wagner, Abdulkhaleq, and Kaya concluded that while additional work must be done to keep duplicates in sync, if the programmers involved are aware of the duplicate code there weren't significantly more faults caused than in unduplicated code. [6][disputed – discuss]</ref>
Detecting duplicate code
A number of different algorithms have been proposed to detect duplicate code. For example:
- Baker's algorithm.[7]
- Rabin–Karp string search algorithm.
- Using Abstract Syntax Trees.[8]
- Visual clone detection.[9]
- Count Matrix Clone Detection.[10][11]
- Locality-sensitive hashing
- Anti-unification[12]
Example of functionally duplicate code
Consider the following code snippet for calculating the average of an array of integers
extern int array_a[];
extern int array_b[];
int sum_a = 0;
for (int i = 0; i < 4; i++)
sum_a += array_a[i];
int average_a = sum_a / 4;
int sum_b = 0;
for (int i = 0; i < 4; i++)
sum_b += array_b[i];
int average_b = sum_b / 4;
The two loops can be rewritten as the single function:
int calc_average_of_four(int* array) {
int sum = 0;
for (int i = 0; i < 4; i++)
sum += array[i];
return sum / 4;
}
Using the above function will give source code that has no loop duplication:
extern int array1[];
extern int array2[];
int average1 = calc_average_of_four(array1);
int average2 = calc_average_of_four(array2);
Note that in this trivial case, the compiler may choose to inline both calls to the function, such that the resulting machine code is identical for both the duplicated and non-duplicated examples above. If the function is not inlined, then the additional overhead of the function calls will probably take longer to run (on the order of 10 processor instructions for most high-performance languages). Theoretically, this additional time to run could matter.
See also
- Abstraction principle (programming)
- Anti-pattern
- Don't repeat yourself
- List of tools for static code analysis
- Redundant code
- Rule of three (computer programming)
References
- ^ Spinellis, Diomidis. "The Bad Code Spotter's Guide". InformIT.com. Retrieved 2008-06-06.
- ^ Code similarities beyond copy & paste by Elmar Juergens, Florian Deissenboeck, Benjamin Hummel.
- ^ Li, Hongzhe; Kwon, Hyuckmin; Kwon, Jonghoon; Lee, Heejo (25 April 2016). "CLORIFI: software vulnerability discovery using code clone verification". Concurrency and Computation: Practice and Experience. 28 (6): 1900–1917. doi:10.1002/cpe.3532.
- ^ Arcelli Fontana, Francesca; Zanoni, Marco; Ranchetti, Andrea; Ranchetti, Davide (2013). "Software Clone Detection and Refactoring". ISRN Software Engineering. 2013: 1–8. doi:10.1155/2013/129437.
{{cite journal}}
: CS1 maint: unflagged free DOI (link) - ^ Kapser, C.; Godfrey, M.W., ""Cloning Considered Harmful" Considered Harmful," 13th Working Conference on Reverse Engineering (WCRE), pp. 19-28, Oct. 2006
- ^ Wagner, Stefan; Abdulkhaleq, Asim; Kaya, Kamer; Paar, Alexander (2016). "On the relationship of inconsistent software clones and faults: an empirical study". Proc. 23rd IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2016).
- ^ Brenda S. Baker. A Program for Identifying Duplicated Code. Computing Science and Statistics, 24:49–57, 1992.
- ^ Ira D. Baxter, et al. Clone Detection Using Abstract Syntax Trees
- ^ Visual Detection of Duplicated Code Archived 2006-06-29 at the Wayback Machine by Matthias Rieger, Stephane Ducasse.
- ^ Yuan, Y. and Guo, Y. CMCD: Count Matrix Based Code Clone Detection, in 2011 18th Asia-Pacific Software Engineering Conference. IEEE, Dec. 2011, pp. 250–257.
- ^ Chen, X., Wang, A. Y., & Tempero, E. D. (2014). A Replication and Reproduction of Code Clone Detection Studies. In ACSC (pp. 105-114).
- ^ Bulychev, Peter, and Marius Minea. "Duplicate code detection using anti-unification." Proceedings of the Spring/Summer Young Researchers’ Colloquium on Software Engineering. No. 2. Федеральное государственное бюджетное учреждение науки Институт системного программирования Российской академии наук, 2008.