STANSE: Bug-Finding Framework for C Programs
نویسندگان
چکیده
Stanse is a free (available under the GPLv2 license) modular framework for finding bugs in C programs using static analysis. Its two main design goals are 1) ability to process large software projects like the Linux kernel and 2) extensibility with new bug-finding techniques with a minimal effort. Currently there are four bug-finding algorithms implemented within Stanse: AutomatonChecker checks properties described in an automata-based formalism, ThreadChecker detects deadlocks among multiple threads, LockChecker finds locking errors based on statistics, and ReachabilityChecker looks for unreachable code. Stanse has been tested on the Linux kernel, where it has found dozens of previously undiscovered bugs.
منابع مشابه
Artemis: Practical Runtime Monitoring of Applications for Errors
A number of hardware and software techniques have been proposed to detect dynamic program behaviors that may indicate a bug in a program. Because these techniques suffer from high overheads they are useful in finding bugs in programs before they are released, but are significantly less useful in finding the much harder to detect bugs in long-running programs – the bugs that are the most difficu...
متن کاملFinding and Fixing Bugs in Liquid Haskell
Dependent types provide strong guarantees but can be hard to program, admitting mistakes in the implementation as well as the specification. We present algorithms for resolving verification failures by both finding bugs in implementations and also completing annotations in the refinement type framework. We present a fault localization algorithm for finding likely bug locations when verification...
متن کاملBug-Assist: Assisting Fault Localization in ANSI-C Programs
Bug-Assist takes as input an ANSI-C program annotated with assertions. Pdf A step by step instruction on how to install and use bug-assist through.We describe Bug-Assist, a tool that assists programmers localize error causes to a few lines of code. Bug-Assist takes as input an ANSI-C program annotated.We describe Bug-Assist, a tool that assists programmers localize error causes to a. We present...
متن کاملObject Model Construction for Inheritance in C++ and Its Applications to Program Analysis
Modern object-oriented programming languages such as C++ provide convenient abstractions and data encapsulation mechanisms for software developers. However, these features also complicate testing and static analysis of programs that utilize object-oriented programming concepts. In particular, the C++ language exhibits features such as multiple inheritance, static and dynamic typecasting that ma...
متن کاملGiven enough eyeballs, all bugs are shallow? Revisiting Eric Raymond with bug bounty programs
Bug bounty programs offer a modern platform for organizations to crowdsource their software security and for security researchers to be fairly rewarded for the vulnerabilities they find. Little is known however on the incentives set by bug bounty programs: How they drive new bug discoveries, and how they supposedly improve security through the progressive exhaustion of discoverable vulnerabilit...
متن کامل