Bug Hunting with False Negatives
نویسندگان
چکیده
Safe data abstractions are widely used for verification purposes. Positive verification results can be transferred to the concrete system. When a property is violated in the abstract system, one still has to check whether a concrete violation exists. However, even when the violation scenario is not reproducible in the concrete system (a false negative), it may still contain information on possible sources of bugs. Here we propose a bug hunting framework based on abstract violation scenarios. We first extract a violation pattern from an abstract violation scenario. The violation pattern represents multiple violation scenarios, increasing the chance that a corresponding concrete violation exists. Then we look for a concrete violation that corresponds to the violation pattern by using constraint solving techniques. 1998 ACM Computing Classification System: D.2.4; D.2.5
منابع مشابه
Bug Hunting with False Negatives Revisited
Safe data abstractions are widely used for verification purposes. Positive verification results can be transferred from the abstract to the concrete system. When a property is violated in the abstract system, one still has to check whether a concrete violation scenario exists. However, even when the violation scenario is not reproducible in the concrete system (a false negative), it may still c...
متن کاملA Machine Learning Approach to Finding Bugs
Recently a number of tools have been developed for finding bugs in programs without executing the programs. While these tools are helpful, they often report too many false alarms, false negatives or both. This paper does not present any new such tools. Rather, it is focused on providing a machine learning approach for integrating existing bug finding tools into a practical and adaptive toolset.
متن کامل—An Extended Empirical Study of False Negatives in Static Bug-Finding Tools
Software defects can cause much loss. Static bug-finding tools are designed to detect and remove software defects and believed to be effective. However, do such tools in fact help prevent actual defects that occur in the field and reported by users? If these tools had been used, would they have detected these field defects, and generated warnings that would direct programmers to fix them? To an...
متن کاملAn Approach to Static-Dynamic Software Analysis
Safety-critical software in industry is typically subjected to both dynamic testing as well as static program analysis. However, while testing is expensive to scale, static analysis is prone to false positives and/or false negatives. In this work we propose a solution based on a combination of static analysis to zoom into potential bug candidates in large code bases and symbolic execution to co...
متن کاملImpact of a community-based bug-hunting campaign on Chagas disease control: a case study in the department of Jalapa, Guatemala.
Chagas disease control requires an innovative approach to strengthen community participation in vector surveillance. This paper presents a case study of a community-based bug-hunting campaign in Guatemala. The campaign was implemented in 2007 in the following three stages: (i) a four week preparation stage to promote bug-hunting, (ii) a one week bug-hunting stage to capture and collect bugs and...
متن کامل