Presentation transcript:

14-Jun-05, White Elephant GmbH: Ada Bug Finder

Ada Bug Finder: The Ada Bug Finder is a Windows application that searches Ada code for recognisable bug patterns.

Presentation: Bug Finders; Ada Bug Finder v1.4; Ada Bug Patterns; Results; Free software for you to try out!

Inspiration: “Finding Bugs is Easy” by David Hovemeyer and William Pugh; Presented October 2004 at OOPSLA; Specific to Java Bug Patterns.

Bug Pattern - Definition: A bug pattern is a code idiom that is likely to be an error. (David Hovemeyer and William Pugh) Syntactically correct but probably not what the author intended.

Concept: Premise: Bugs exist in production code. Search existing Ada code base for bug patterns.

Bugs in Production Code: Why? In code that is rarely executed; Symptoms hard to reproduce; No access to development staff.

A “Find bugs” Utility: Should use simple patterns; Need not be 100% correct; False positives are to be expected; No guarantee that every situation is covered; Overnight background job – speed not an issue.

Trade-offs: Compilers could do more – increased compilation time; Bug finder utility could do more or raise fewer false positives – increased development costs.

Ada Bug Finder v1.4: Result of a small 140 hour project; As yet only detects 8 bug patterns; Optionally checks 7 style rules.

False Positives: ABF doesn’t always get it right! – Implementation trade-off – Bad or over-complex style. Exercise care when modifying code! Mark code with special comment to prevent ABF reporting.

Code Marking - Example

Recognised Ada Bug Patterns: 1. Illogical Operator Rename 2. Code Not Reachable 3. Exception Not Raised 4. Unused Unit 5. Unused Declaration 6. Null Pointer 7. Non Short Circuit 8. Wrong Granularity

1. Illogical Operator Rename: In Ada83, where there is no use type clause, operators are often renamed to avoid the use of prefixed notation. Clumsy cut & paste editing might result in renaming an operator to be something totally different. The compiler allows this although it is highly unlikely to be what the author intended.

IOR - Example

2. Code Not Reachable: Code placed after an unconditional raise, return or exit. Some compilers (Gnat) detect this.

CNR - Example

3. Exception Not Raised: An exception is declared but never raised; Exception handled but never raised.

ENR – Example of False Positive

4. Unused Unit: Package imported but never used; Procedure, function or package defined but neither exported nor used locally. False positives: Undetected default generic subprogram parameter; Conditional compilation selected code destined for a different target.

UU – Example of False Positive

5. Unused Declaration: Type, Constant or Variable declared but never used. Why? History; Confusion – Similar names; Overloading. False positive: Required because controlled type or default initialisation has an effect.

UD – Example of False Positive

6. Null Pointer: Code explicitly checks for null then dereferences the pointer. Unbelievable? Not a compiler requirement. Some make checks. None do the job properly!

NP - Example

7. Non Short Circuit: “and” used instead of “and then”; “or” used instead of “or else”. Typically: Test if index in range then use it; Test if pointer not null then dereference it.

NSC - Example
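
An added illustration of the Non Short Circuit pattern (not the code from the original slide; every name in it is constructed for this example). It puts the flagged “and” / “or” forms beside the “and then” / “or else” corrections for both typical cases named above, the index test and the null test.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Non_Short_Circuit_Demo is

   type Table is array (1 .. 10) of Integer;
   type Node is record
      Count : Natural := 0;
   end record;
   type Node_Access is access Node;

   Data : constant Table := (others => 1);

   --  Flagged form: "and" evaluates both operands, so Data (Index) is
   --  indexed even when Index is out of range.
   function In_Use (Index : Integer) return Boolean is
   begin
      return Index in Data'Range and Data (Index) /= 0;
   end In_Use;

   --  Corrected form: "and then" skips the right operand when the
   --  range test is False.
   function In_Use_Checked (Index : Integer) return Boolean is
   begin
      return Index in Data'Range and then Data (Index) /= 0;
   end In_Use_Checked;

   --  Same pattern with a pointer: "or" still dereferences a null P.
   function Is_Empty (P : Node_Access) return Boolean is
   begin
      return P = null or P.Count = 0;
   end Is_Empty;

   --  Corrected form: "or else" stops once P = null is True.
   function Is_Empty_Checked (P : Node_Access) return Boolean is
   begin
      return P = null or else P.Count = 0;
   end Is_Empty_Checked;

begin
   Put_Line ("and then: " & Boolean'Image (In_Use_Checked (11)));
   Put_Line ("or else : " & Boolean'Image (Is_Empty_Checked (null)));
   begin
      Put_Line ("and     : " & Boolean'Image (In_Use (11)));
      Put_Line ("or      : " & Boolean'Image (Is_Empty (null)));
   exception
      --  The failed index check (or null access check) surfaces here.
      when Constraint_Error => Put_Line ("Constraint_Error raised");
   end;
end Non_Short_Circuit_Demo;
```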

8. Wrong Granularity: Size attribute outside of an expression. Unlikely usage because hardly anything requires the size of an object in bits! Typically: An imported API (e.g. Windows) requires the address and size of a buffer in bytes. If this buffer size is supplied as bits, a buffer overrun may occur!

WG - Example
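
An added illustration of the Wrong Granularity pattern (not the code from the original slide). Fill is a hypothetical stand-in for an imported API that takes a size in bytes; the 64-byte buffer is overlaid on the start of a larger constructed arena so that the overrun stays inside memory the program owns, and 8-bit storage elements are assumed.

```ada
with Ada.Text_IO; use Ada.Text_IO;
with System;

procedure Wrong_Granularity_Demo is

   type Byte is mod 2 ** 8;
   type Byte_Array is array (Positive range <>) of Byte;

   --  Constructed layout: a 64-byte buffer at the start of a larger arena,
   --  so the overrun below stays inside memory this program owns.
   Arena : aliased Byte_Array (1 .. 1024) := (others => 0);

   Buffer : Byte_Array (1 .. 64);
   for Buffer'Address use Arena (1)'Address;
   pragma Import (Ada, Buffer);

   --  Hypothetical stand-in for an imported API: it is given the address
   --  of a buffer and its size in BYTES, and writes that many bytes.
   procedure Fill (Start : System.Address; Size_In_Bytes : Natural) is
      Target : Byte_Array (1 .. Size_In_Bytes);
      for Target'Address use Start;
      pragma Import (Ada, Target);
   begin
      Target := (others => 16#FF#);
   end Fill;

   --  Number of arena bytes beyond the buffer that were overwritten.
   function Overrun return Natural is
      Count : Natural := 0;
   begin
      for I in Buffer'Last + 1 .. Arena'Last loop
         if Arena (I) /= 0 then
            Count := Count + 1;
         end if;
      end loop;
      return Count;
   end Overrun;

begin
   --  Flagged form: 'Size is in bits, so 64 bytes are reported as 512.
   Fill (Buffer'Address, Buffer'Size);
   Put_Line ("'Size as byte count  : overrun =" & Natural'Image (Overrun));
   Arena := (others => 0);

   --  Corrected form: convert bits to storage elements before the call.
   Fill (Buffer'Address, Buffer'Size / System.Storage_Unit);
   Put_Line ("'Size / Storage_Unit : overrun =" & Natural'Image (Overrun));
end Wrong_Granularity_Demo;
```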

The Ada Bug Finder Utility: Written in Ada95; Uses Ada Parser to detect patterns; Reports; Options; Style.

Screen Shot

ABF - Reports: Text; Comma Delimited.

ABF - Options: Gnat Extensions; Preparation Phase (Second pass to reduce false positives at the expense of speed).

Style Rules: Not bugs as such but coding practices that lead to bugs or make bugs harder to find. 1. Character Not Portable 2. Handle Task Exceptions 3. No Declaration Overloading 4. No Goto Statements 5. No Use Clause 6. No Variables in Specification 7. Superfluous Code Mark

Other recognised bug patterns: 1. Division by Zero 2. Raise after Assignment 3. Redundant Comparison to Null 4. Symmetrical Comparison

1. Division by Zero: Code explicitly checks for zero then uses it for division.

DBZ - Example

2. Raise after Assignment: Leaving a procedure abnormally nullifies assignment to in-out or out parameters.

RAA - Example
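
An added illustration of the Raise after Assignment pattern (not the code from the original slide; all names are constructed). It uses a by-copy out parameter, whose value is copied back to the caller only on normal return, and shows the flagged procedure beside one possible correction.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Raise_After_Assignment_Demo is

   type Status_Type is (Unknown, Ok, Failed);
   Overflow : exception;

   Total  : Natural     := Natural'Last - 1;
   Status : Status_Type := Unknown;

   --  Flagged form: Status is assigned, then the procedure is left by an
   --  exception. Status is passed by copy (it is an elementary type) and is
   --  copied back only on normal return, so the caller never sees Failed.
   procedure Add_Raising
     (Total : in out Natural; Amount : Natural; Status : out Status_Type) is
   begin
      if Amount > Natural'Last - Total then
         Status := Failed;
         raise Overflow;
      end if;
      Total  := Total + Amount;
      Status := Ok;
   end Add_Raising;

   --  One possible correction: report the failure through the parameter
   --  and return normally, so that the copy-back takes place.
   procedure Add_Reporting
     (Total : in out Natural; Amount : Natural; Status : out Status_Type) is
   begin
      if Amount > Natural'Last - Total then
         Status := Failed;
         return;
      end if;
      Total  := Total + Amount;
      Status := Ok;
   end Add_Reporting;

begin
   begin
      Add_Raising (Total, 5, Status);
   exception
      when Overflow => null;
   end;
   Put_Line ("after raise : " & Status_Type'Image (Status));

   Add_Reporting (Total, 5, Status);
   Put_Line ("after return: " & Status_Type'Image (Status));
end Raise_After_Assignment_Demo;
```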

3. Redundant Comparison to Null: Comparing a pointer to null after it has been dereferenced is redundant. Indicates confusion. Either the check is truly redundant or the previous dereference should have been first checked.

RCN - Example

4. Symmetrical Comparison: When both sides of a comparison are identical.

SC - Example

Results (table). Columns: Sources, Files, Cnr, Enr, Ior, Nsc, Np, Se, Ud, Uu, Wg, Styles. Sources listed: UniControl ILTIS Aonix Gnat GCC 3.15p Gps AI

Results: Bugs were found in all the code bases we searched. Most were in code that was seldom if ever executed (e.g. error handling). Some were severe! Reluctance to change production code that has been accepted and that appears to function correctly. Can be used as a development tool.

Results (Style Violations) (table). Columns: Sources, Total, Cnp, Hte, Ndo, Ngs, Npuc, Nvis, Scm. Sources listed: UniControl Iltis Aonix Gnat GCC 3.15p Gps AI

Any other ideas? After you find a bug, ask yourself whether it could have been found automatically by looking for a “Simple Pattern”. If so, then let’s include it into ABF and see if anyone else has made the same bug!

Where to get it: Not open source but freely available for use; Download from; Feedback appreciated: – Results – Suggestions for new patterns – Excessive false positives.