Ada Bug Finder

dysis

Presentation Transcript


  1. Ada Bug Finder White Elephant GmbH

  2. Ada Bug Finder
     • The Ada Bug Finder is a Windows application that searches Ada code for recognisable bug patterns

  3. Presentation
     • Bug Finders
     • Ada Bug Finder v1.4
     • Ada Bug Patterns
     • Results
     • Free software for you to try out!

  4. Inspiration
     “Finding Bugs is Easy” by David Hovemeyer and William Pugh
     • Presented October 2004 at OOPSLA
     • Specific to Java Bug Patterns

  5. Bug Pattern - Definition
     A bug pattern is a code idiom that is likely to be an error. (David Hovemeyer and William Pugh)
     • Syntactically correct but probably not what the author intended.

  6. Concept
     • Premise: Bugs exist in production code
     • Search existing Ada code base for bug patterns.

  7. Bugs in Production Code
     Why?
     • In code that is rarely executed
     • Symptoms hard to reproduce
     • No access to development staff

  8. A “Findbugs” Utility
     • Should use simple patterns
     • Need not be 100% correct
     • False Positives are to be expected
     • No guarantee that every situation covered
     • Overnight background job – Speed not an issue

  9. Trade-offs
     • Compilers could do more
     • Increased compilation time
     • Bug finder utility could do more or raise fewer false positives
     • Increased development costs

  10. Ada Bug Finder v1.4
     • Result of a small 140 hour project
     • As yet only detects 8 bug patterns
     • Optionally checks 7 style rules

  11. False Positives
     • ABF doesn’t always get it right!
     • Implementation trade-off
     • Bad or over-complex style
     • Exercise care when modifying code!
     • Mark code with special comment to prevent ABF reporting

  12. Code Marking - Example

  13. Recognised Ada Bug Patterns
     • Illogical Operator Rename
     • Code Not Reachable
     • Exception Not Raised
     • Unused Unit
     • Unused Declaration
     • Null Pointer
     • Non Short Circuit
     • Wrong Granularity

  14. 1. Illogical Operator Rename
     • In Ada83, where there is no use type clause, operators are often renamed to avoid the use of prefixed notation
     • Clumsy cut & paste editing might result in renaming an operator to be something totally different. The compiler allows this although it is highly unlikely to be what the author intended.

  15. IOR - Example

  16. 2. Code Not Reachable
     Code placed after an unconditional
     • Raise
     • Return
     • Exit
     Some compilers (Gnat) detect this.

  17. CNR - Example

  18. 3. Exception Not Raised
     • An exception is declared but never raised
     • Exception handled but never raised

  19. ENR – Example of False Positive

  20. 4. Unused Unit
     • Package imported but never used
     • Procedure, function or package defined but neither exported nor used locally
     False positives:
     • Undetected default generic subprogram parameter
     • Conditional compilation selected code destined for a different target

  21. UU – Example of False Positive

  22. 5. Unused Declaration
     • Type, Constant or Variable declared but never used
     Why?
     • History
     • Confusion – Similar names
     • Overloading
     False positive:
     • Required because controlled type or default initialisation has an effect

  23. UD – Example of False Positive

  24. 6. Null Pointer
     • Code explicitly checks for null then dereferences the pointer
     • Unbelievable?
     • Not a compiler requirement. Some make checks. None do the job properly!

  25. NP - Example

  26. 7. Non Short Circuit
     • "and" used instead of "and then"
     • "or" used instead of "or else"
     Typically
     • Test if index in range then use it
     • Test if pointer not null then dereference it

  27. NSC - Example

  28. 8. Wrong Granularity
     • Size attribute outside of an expression
     • Unlikely usage because hardly anything requires the size of an object in bits!
     Typically
     • An imported API (e.g. Windows) requires the address and size of a buffer in bytes. If this buffer size is supplied as bits, a buffer overrun may occur!

  29. WG - Example

  30. The Ada Bug Finder Utility
     • Written in Ada95
     • Uses Ada Parser to detect patterns
     • Reports
     • Options
     • Style

  31. Screen Shot

  32. ABF - Reports
     • Text
     • Comma Delimited

  33. ABF - Options
     • Gnat Extensions
     • Preparation Phase (Second pass to reduce false positives at the expense of speed)

  34. Style Rules
     Not bugs as such but coding practices that lead to bugs or make bugs harder to find.
     • Character Not Portable
     • Handle Task Exceptions
     • No Declaration Overloading
     • No Goto Statements
     • No Use Clause
     • No Variables in Specification
     • Superfluous Code Mark

  35. Other recognised bug patterns
     • Division by Zero
     • Raise after Assignment
     • Redundant Comparison to Null
     • Symmetrical Comparison

  36. 1. Division by Zero
     • Code explicitly checks for zero then uses it for division.

  37. DBZ - Example

  38. 2. Raise after Assignment
     • Leaving a procedure abnormally nullifies assignment to in-out or out parameters

  39. RAA - Example

  40. 3. Redundant Comparison to Null
     • Comparing a pointer to null after it has been dereferenced is redundant
     • Indicates confusion. Either the check is truly redundant or the previous dereference should have been first checked.

  41. RCN - Example

  42. 4. Symmetrical Comparison
     • When both sides of a comparison are identical

  43. SC - Example

  44. Results

  45. Results
     • Bugs were found in all the code bases we searched.
     • Most were in code that was seldom if ever executed (e.g. error handling)
     • Some were severe!
     • Reluctance to change production code that has been accepted and that appears to function correctly.
     • Can be used as a development tool.

  46. Results (Style Violations)

  47. Any other ideas?
     • After you find a bug ask yourself whether it could have been found automatically by looking for a “Simple Pattern”
     • If so then let’s include it into ABF and see if anyone else has made the same bug!

  48. Where to get it
     • Not open source but freely available for use
     • Download from www.white-elephant.ch
     • Feedback appreciated.
     • Results
     • Suggestions for new patterns
     • Excessive false positives.
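
The Non Short Circuit and Wrong Granularity patterns from slides 26 and 28, each beside its corrected form, as an added Ada example that is not taken from the presentation or from ABF. All names are hypothetical; `Fill` is a stand-in for an imported API that expects a buffer length in bytes.

```ada
with Ada.Text_IO; use Ada.Text_IO;
with System;

procedure Bug_Patterns_Demo is

   type Node is record
      Value : Integer := 0;
   end record;
   type Node_Ptr is access Node;

   Buffer : String (1 .. 64) := (others => ' ');
   Empty  : constant Node_Ptr := null;
   Given  : Natural;

   --  Hypothetical stand-in for an imported API that takes a buffer address
   --  and a length in BYTES; it only reports the length it was handed.
   function Fill
     (Addr : System.Address; Byte_Count : Natural) return Natural
   is
      use type System.Address;
   begin
      if Addr = System.Null_Address then
         return 0;
      end if;
      return Byte_Count;
   end Fill;

   --  Non Short Circuit (flagged form): "and" evaluates both operands,
   --  so P.Value is dereferenced even when P is null.
   function Positive_Flagged (P : Node_Ptr) return Boolean is
   begin
      return P /= null and P.Value > 0;
   end Positive_Flagged;

   --  Corrected form: "and then" skips the dereference when P is null.
   function Positive_Fixed (P : Node_Ptr) return Boolean is
   begin
      return P /= null and then P.Value > 0;
   end Positive_Fixed;
begin
   --  Wrong Granularity (flagged form): 'Size is in bits, not bytes.
   Given := Fill (Buffer'Address, Buffer'Size);
   Put_Line ("length passed as bits :" & Natural'Image (Given));
   --  Corrected form: convert bits to storage units before the call.
   Given := Fill (Buffer'Address, Buffer'Size / System.Storage_Unit);
   Put_Line ("length passed as bytes:" & Natural'Image (Given));
   Put_Line ("fixed  : " & Boolean'Image (Positive_Fixed (Empty)));
   Put_Line ("flagged: " & Boolean'Image (Positive_Flagged (Empty)));
exception
   when Constraint_Error =>
      Put_Line ("flagged: Constraint_Error raised by the null dereference");
end Bug_Patterns_Demo;
```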
