UP | HOME
../../

On Software Bugs

Table of Contents

1 Bugs Over The Years

  1. 20 Famous Software Disasters in four parts.
  2. History's Worst Software Bugs by Simson Garfinkel 2005
  3. Software Horror Stories collected by Nachum Dershowitz

2 On Bugs

  1. Bugs or Errors? "Its Not a Bug, Its a Feature"
  2. Definition: A bug is a deviation from functional spec.
  3. Implicit Specs (No matter what the input is …)
    1. No Crashes: Illegal ops, such as div by 0, out of range array index, …
    2. No Crashes: pointer values outside the address space
    3. No Hangs: Infinite Loop/Recursion
    4. No Hangs: Waiting for an Event That Won't Happen
  4. Classification?
    1. uininitialized vars; v := 0, p := nil
    2. off by 1
    3. array bounds exceeded
    4. ptr == nil
    5. memory leaks (not freed malloc-d areas)
    6. Knuth on TeX gives fifteen classes of errors
    7. See Errors in Linux
  5. How Many Bugs per KLOC? Anecdotal data: 0.1 to 50 bugs per KLOC (delivered products)

3 Knuth's TeX Errors

  1. Donald E. Knuth, "The Errors of TeX". Published in the journal "Software: Practice and Experience," vol 19, no. 7, pp. 607 - 685. [Ref details below.]
  2. Altogether the error log contains 865 entries so far (1989).
  3. Classified into 15 categories (alphabetically listed)
    1. Algorithmic Anomaly
    2. Blunder, Botch
    3. Cleanup for Consistency
    4. Datastructure Debacle
    5. Efficiency Enhancement
    6. Forgotten Function
    7. Generalization, Growth
    8. Interactive Improvement
    9. Language Liability
    10. Mismatch between Modules
    11. Promotion of Portability
    12. Quest for Quality
    13. Reinforced Robustness
    14. Surprising Scenario
    15. Trivial Typo
  4. Categories A, B, D, F, L, M, R, S, T are bugs, which definitely needed to be removed from the code;
  5. Categories C, E, G, I, P, Q are enhancements, which improved but were not obligatory.

4 Errors in Linux Kernel

  1. Dawson Engler, Stanford U and his students, Errors in Linux
  2. Using Static Analysis, Model Checking
  3. Linux kernel, 2004, 5.7 MLOC, about 1000 bugs from http://lwn.net/Articles/115530/
    1. Crash causing defects 569
    2. Incorrect program behavior ??
    3. Performance degradation 33
    4. Improper use of APIs ??
    5. Security flaws 100
    6. Buffer overflows 25
  4. http://www.coverity.com/library/pdf/linux_report.pdf 2004. Required Reading.
  5. Cindy Rubio-Gonzalez, Ben Liblit, Defective Error/Pointer Interactions in the Linux Kernel http://pages.cs.wisc.edu/~liblit/issta-2011/issta-2011.pdf 2011. Reference

5 Practical Debugging

  1. What does a "debugger" do? Lets us examine current process state. Does not do any bug removal.
    1. Watch Points
    2. Break Points
    3. Stepping through code execution
  2. Integrated debuggers in IDEs
  3. Wide consensus: Highly expensive to debug using debuggers.
  4. Future research: Explore process state history, and with abstraction.

6 Prevention of Errors

  1. Why do programs have errors?
  2. What is the largest program you can write that has no bugs with "normal" effort?
    1. Right after the first compilation?
    2. After one month, one year, …?
  3. Use assertions
    1. Pre-, Post-, Loop invariants, Class invariants
    2. Make them executable

7 Discovering Bugs by Static Analysis

  1. Grammars, Derivation Trees, Abstract Syntax Trees
  2. ./static-analysis.html
  3. Brittany Johnson, Yoonki Song, Emerson Murphy-Hill, and Robert Bowdidge "Why Don't Software Developers Use Static Analysis Tools to Find Bugs? ", http://2013.icse-conferences.org/ 35th International Conference on Software Engineering (ICSE 2013). Reference.

8 References

  1. Section "Bugs Over the Years". All 3 URLS. Required Reading.
  2. Kim Herzig, Sascha Just, and Andreas Zeller, "Its Not a Bug, Its a Feature: How Misclassification Impacts Bug Prediction", 35th International Conference on Software Engineering (ICSE 2013). Reference.
  3. Donald E. Knuth, "The Errors of TeX". Published in the journal "Software: Practice and Experience," vol 19, no. 7, pp. 607 - 685. Find it on Wiley on-line archives via WSU Library proxy. Also, (i) https://www.tug.org/texlive//devsrc/Master/texmf-dist/doc/generic/knuth/errata/errorlog.pdf, https://www.tug.org/TUGboat/tb10-4/tb26knut.pdf, (ii) http://tug.ctan.org/systems/knuth/dist/errata/, Knuth on TeX errors Highly Recommended Reading.
  4. Donald E. Knuth, "The Errors of TeX". Published in the journal "Software: Practice and Experience," vol 19, no. 7, pp. 607 - 685. Find it on Wiley on-line archives via WSU Library proxy. Also, (i) https://www.tug.org/TUGboat/tb10-4/tb26knut.pdf, (ii) http://tug.ctan.org/systems/knuth/dist/errata/, Knuth on TeX errors Highly Recommended Reading.
  5. http://www.coverity.com/library/pdf/linux_report.pdf 2004. Required Reading.
  6. Norman Matloff and Peter Jay Salzman, "Art of Debugging with GDB, DDD, and Eclipse," No Starch Press, September 2008, 280 pp. ISBN: 978-1-59327-174-9. [DDD is a GUI front end for GDB]. [Book] Recommended Reading.
  7. Andreas Zeller, "Why Programs Fail: A Guide to Systematic Debugging", Morgan Kaufmann, 424pp, 2009, ISBN: 978-0-12-374515-6. [Book] Reference.
  8. https://www.udacity.com/ Online Course on Debugging by Andreas Zeller. Free. Recommended.
Copyright © 2016 pmateti@wright.edu www.wright.edu/~pmateti 2016-03-28