Ubisoft And Mozilla Announce AI Coding Assistant Clever-Commit

Video game publisher Ubisoft is working with Mozilla to develop an AI coding assistant called Clever-Commit, head of Ubisoft La Forge Yves Jacquier announced during DICE Summit 2019 on Tuesday. From a report: Clever-Commit reportedly helps programmers evaluate whether or not a code change will introduce a new bug by learning from past bugs and fixes. The prototype, called Commit-Assistant, was tested using data collected during game development, Ubisoft said, and it's already contributing to some major AAA titles. The publisher is also working on integrating it into other brands. "Working with Mozilla on Clever-Commit allows us to support other programming languages and increase the overall performances of the technology. Using this tech in our games and Firefox will allow developers to be more productive as they can spend more time creating the next feature rather than fixing bugs. Ultimately, this will allow us to create even better experiences for our gamers and increase the frequency of our game updates," said Mathieu Nayrolles, technical architect, data scientist, and member of the Technological Group at Ubisoft Montreal.

Son of Clippy!

[XXongo]

So, it's like Clippy, but for programmers!

Re:Son of Clippy!

No Clippy in Federal prison. Sorry Trump traitors. That's the one upside of Federal prison, you made it.

Re:Son of Clippy!

It looks like you're making a joke.

Would you like help?
- Writing a punchline
- Working on your timing

Good!

Good! I am sure that our resident IT clerk living in San Jose and working in Palo Alto doesn't have a clue about what TFS is about so that's one less crappy video he is going to make!

-Ubisoft Montreal Guy

Re:Good!

Cdreimer left /. after 20+ years and posted 100+ videos in 2018. His trolls are still butthurt about this.

The thing to do for him: post more videos :)

WOPR_AI

How about a nice game of chess?

No... just no

[mark-t]

Either the class of programs for which this would work is so narrow as to be practically useless for most people or they have effectively claimed to have solved the Turing Halting Problem.

My money is on the former.

Re: No... just no

I likk yerrrr toe cheese

Re: No... just no

Likely it'll be checking for obvious stuff that developers should already be looking for, but don't.

I frequently debate with developers at places I've worked at over the silliest of things. They'll do stupid stuff like checking the memory addresses of two objects instead of the values (when yes they want to check the values). Even when they've killed the infrastructure or app or whatever multiple times, they'll still do stupid stuff like this and debate it. Entirely unbelievable.

Of course, a tool like this won't help unless it's enforced. I've seen the same developers ignore tool warnings and what not. A number of projects I've been on have had so many warnings, that the tool would literally stop counting them. The others frequently did not consider this a problem.

Anyway... Some habits out there are entirely unbelievable. In my opinion, no tool will fix it. You have to be willing to fire these people to make an actual difference.

Re:No... just no

[squiggleslash]

I think there's a gap between useless and being able to prove that p=np if it comes to advice rather than making boolean decisions on whether to accept a commit.

As a really simple example, if a program uses strcpy but there's no apparent use of strlen before in the same function, you can probably reasonably issue a warning that the code there may be unsafe and explain why. You shouldn't block it because you don't know that there's some other way that the programmer knows strcpy is safe in context, but at the same time it's going to be worth highlighting as a potential issue.

Re:No... just no

[Darinbob]

I think you just need a static analysis tool that you can run quickly on your code. The ones I used in the past you had to commit the code first and wait overnight, though they say there are improvements so you can do it at your desk. From there it's a small jump to just reverifying just on the changed files. The static analysis tools do a good job and find a lot of bugs (and some false positives) that code reviewers often overlook.

Re: No... just no

[Darinbob]

A good process should always be "zero warnings" before code is committed, or send automatic emails to the offender if the build shows warnings, or whatnot. Once you start letting some warnings through then people stop paying attention. I'm amazed in some occasions that after figuring out a bug from the field that there was a warning pointing to it the whole time; and the dev usually has an excuse that there are so many warnings that it slipped past.

Sure, 99% of the warnings will be meaningless but you don't want the 1% that get through be discovered by crashes that the customer finds first.

The snag is with third party libraries that typically come with tons of warnings when compiled (we statically link it all together in a single build most places I've worked). But that's where you tweak the build to only exclude warnings on those problematic libraries instead of excluding globally.

Re:No... just no

[Darinbob]

Static analysis tools are really great at figuring out that you're overwriting past the end of an array or allocated block. Even if it's a false positive there's always a way to flag it or tweak to code so that it doesn't show as a warning anymore.

One snag I've seen over the years is that a lot of programmers don't think that it's worth their time (or not their job) to write code that is maintainable over the long run. If it compilers and runs and QA isn't complaining then they think that's all there is to it. Quashing warnings and keeping static analysis happy is indeed a major part of the job. (If you're in a startup and being paid to deliver a demo with new features every Friday then you can possibly be excused from this, but still try to sneak in some quality when the boss isn't looking.)

Re: No... just no

so, like warnings from own code, warnings from 3rd party libs, warnings from stackoverflow and common sense in general this tool will be ignored too.

Re: No... just no

Oh I agree.

Good luck enforcing that in any of the companies I've been at though. I've seen developers escalate these disputes all the way up to CEO or founder level and then force their code into production. At which point it inevitably blows up.

Then everyone stands around and wonders how this happens. Then a meeting gets scheduled and another one gets scheduled and so on. When the answer is obvious to all involved. But instead they'll want another tool to tell them the same shit they were already told.

Even the best company I worked at had these issues from time to time. Yes, it happened less often. But you would still find it happening here and there.

This tool will just be another one saying more or less the same thing.

Hell, during one of the interviews I was at this kind of situation came up. The group that interviewed me insisted they needed another tool, even though they clearly stated their existing tools would flag lots of things they ignored. I told them that they had to stop ignoring the warnings, etc and take care of it and that yet another tool wouldn't force them to have proper procedures.
  Guess what they did? They laughed at me. I decided I didn't want to work at their ridiculous company if their attitude was THAT bad.

Re: No... just no

You just broke Linux. In Linux they read memory outside of the allocated area on purpose. Postgresql does similar for performance reasons. Also almost every system that gives warnings also gives false positives. Do you want to halt production because tool you use is broken?

Re: No... just no

Writing maintainable code is not the responsibility of the programmer but the architect and product owner. If they do their work correctly, programmers are unable to write unmaintainable code.

Re: No... just no

No you didn't idiot.

Generally for these types of tools you can mark code that doesn't conform with an override marker that indicates it is in fact correct.

Granted, not all tools support this. But either way, you then add a comment to that line to indicate WHY this is not an actual issue. This isn't for you, it's for other people that come later.

Then, you grant the exception and pass it through.

Many developers do NOT do this. They want their literal bullshit code passed through without explanation and have no desire to take two seconds to add the override for the tool so the warning disappears. This code will then ALWAYS break.

Exceptions are exactly that, exceptions. They should not be the norm. But again, for many developers this is the norm. Which proves they're crap developers. Good luck getting them to change though. They'll argue all the time how their crap technique is in fact the correct way, even as they leave a wasteland behind them.

Re:No... just no

[Wootery]

I share your scepticism, for the simple reason that extraordinary claims require extraordinary evidence, but it's not the case that theoretical computer science demonstrates the impossibility of a useful-but-imperfect bug-detector powered by learning techniques.

Indeed, we know for a fact that such systems exist: human programmers' intuitions.

Re:No... just no

[mark-t]

Yes, but we do not know if the human programmer intuition is behaving non-deterministically or not (even if the universe is deterministic, it can be shown through a paraphrasing of the halting problem that non-deterministic systems could theoretically exist within it without violating any underlying deterministic nature, thereby allowing for the existence of things like free will).

Re:No... just no

[Wootery]

we do not know if the human programmer intuition is behaving non-deterministically or not

There's little sense holding out hope that we're spared from determinism, hoping to carve out space for conventional free will, but it makes little difference for our purposes here. Even if the brain is somehow non-deterministic, you can do a reasonable job of simulating it using a deterministic machine: just pick seed values using some pseudorandom scheme, to pick from the set of candidate outputs of the non-deterministic machine. You'll get a valid output.

even if the universe is deterministic, it can be shown through a paraphrasing of the halting problem that non-deterministic systems could theoretically exist within it without violating any underlying deterministic nature

With respect, it absolutely cannot, but I'd be curious to hear your line of reasoning here.

Keep Mozilla away from Ubisoft

[xack]

We need less influence from big companies especially now Firefox is the only major non chrome based browser. I don't want Microtransactions in Firefox

Re:Keep Mozilla away from Ubisoft

In soviet Russia, Firefox pockets you!

Re: Keep Mozilla away from Ubisoft

I dont want to hear what anyone else thinks about Firefox except my custome clippy. I really really dont want to hear what the typical dust bunny thinks or the average Tom dick or Harry or religious morons. GTFO

Re:Keep Mozilla away from Ubisoft

I'd happily buy microtransactions in Firefox if it meant they would be less reliant on Google for revenue and could fight more freely against web tracking.

Re:Keep Mozilla away from Ubisoft

if you worked for mozilla you'd know that mozilla VPs want to be another big corp.
they no longer care (well the ones that did are gone and mitchell gave up, she just cares about trying to get into politics now)

Thinking the same thing

[SuperKendall]

Looks like you are trying to add code that exhibits a buffer overflow!

Would you:

(A) Like me to add protection around use of this memory?
(B) Update the NSA unregistered exploit list with the location of this memory exploit and your bank account number?
(C) Public exploit to Russian IRC server for the LOLs?

curve

So both teachers and programmers are out their jobs on the same day. The singularity is approaching liftoff.

If the coders are like where I work

All it has to do is look at the submitter's name.

Re: If the coders are like where I work

Lol. Agreed.

How is this any different from this open source pr

Seems the same .. without the fancy AI buzzword sprinkle?!

http://commit.guru/

Better Approaches

If there's a type of repeating bug you should update how you use the language to make it impossible to repeat the same error in the future. Example, if you always have to call X before Y, then there should be a Z which calls X,Y. If you need to do work in between X and Y, then Z takes a B and performs X,B,Y. Now update your build process to throw an error if Y is ever called outside of Z.

If you're messing with basic arrays, create a struct and set of functions which automatically maintain the length of the array. Never reference an array outside of the struct and those functions. If your performance is absolutely critical, you can have that extra code collapse into nothing in your release builds.

Doing things like the above is what makes you a better software engineer. Manually trying to remember all the rules to perform safe programming just means you'll be writing bugs without realizing it and that you're an adult code monkey. (With child code monkeys not even trying to write safe code).

Keep Mozilla away from Web Browsers.

We don't need advertising and deep data mining in our Browser, and despite their claims to the contrary they are implementing technology to do all of that. Plus the WILLNOTFIX bug of Private Mode not clearing cookies until all private mode windows/tabs or a full browser shutdown have occurred, while blocking plugins from being able to view/delete private mode cookies causing them to persist even when the user believes they will have been cleared (like via the preferences clear cookies button... which DOES NOT clear private session cookies!!!!)

Mozilla is just as untrustworthy as Ubisoft in my book. If you need any more evidence, go and look at executive salaries for each and ask yourself if the Mozilla Foundation is really doing something to value their executive staff so highly.

Re:Keep Mozilla away from Web Browsers.

Will you do a better job for less money than Mozilla's execs? If so, do it and prove yourself. Otherwise stop acting like reading tea leaves entitles you to acting like you know anything about Mozilla or executives employees. Let alone your thoughts on "deep data mining" or "trustworthiness" or how Mozilla should run their browser company.

Re:Keep Mozilla away from Web Browsers.

If you need any more evidence, go and look at executive salaries for each and ask yourself if the Mozilla Foundation is really doing something to value their executive staff so highly.

Uh, you expect us to work? Show us the link or what you say means nothing.

AI looks over code

[AHuxley]

Self aware AI looks over code.
"What is my function?
To test Rust code
"And the CoC?"
Yeah, welcome to the CoC.

No one needs it more

[drinkypoo]

Ubisoft And Mozilla

Judging by the number of crash bugs in their software, the only developer who might need more help is Bethesda

Fuck Off APK

Fuck Off APK

Not F/OSS

[The1stImmortal]

Sadly, it doesn't look like this "Clever Commit" stuff is open source. That's disappointing from Mozilla - partnering with a game publisher with a poor customer relations track record, and using proprietary technology as an integral part of its development like this.

There does seem to be a paper but no actual code. In fact, the way the Mozilla blog is worded (https://blog.mozilla.org/futurereleases/2019/02/12/making-the-building-of-firefox-faster-for-you-with-clever-commit-from-ubisoft/) - it looks like Clever Commit is Ubisoft's technology, not even Mozilla's.

Not happy.