Examples of Code Roaches. First Draft List Cem Kaner September 11, 2005

Similar documents
Absolute C++ Walter Savitch

[0569] p 0318 garbage

Examining the Code. [Reading assignment: Chapter 6, pp ]

Defect Classes, the Defect Repository, and Test Design

QUIZ. 1. Explain the meaning of the angle brackets in the declaration of v below:

Programming for Engineers Iteration

Test Requirement Catalog. Generic Clues, Developer Version

Contents. Error Message Descriptions... 7

Project 3: RPN Calculator

C-LANGUAGE CURRICULAM

Assoc. Prof. Dr. Marenglen Biba. (C) 2010 Pearson Education, Inc. All rights reserved.

ASML Language Reference Manual

Quick Reference Guide

XQ: An XML Query Language Language Reference Manual

6. Control Statements II

Principle of Complier Design Prof. Y. N. Srikant Department of Computer Science and Automation Indian Institute of Science, Bangalore

Error Code. GO Software Pty Limited Map: 27 Tacoma Blvd, Pasadena SA 5042 ABN: ACN:

PROCEDURAL DATABASE PROGRAMMING ( PL/SQL AND T-SQL)

Verification & Validation of Open Source

CS1622. Semantic Analysis. The Compiler So Far. Lecture 15 Semantic Analysis. How to build symbol tables How to use them to find

Lecture Notes on Memory Layout

Quick Reference Guide

CS143 Handout 05 Summer 2011 June 22, 2011 Programming Project 1: Lexical Analysis

Model Viva Questions for Programming in C lab

BLITZ I 128. A BASIC Compiler. for. Commodore 128. from. Skyles Electric Works. Instruction Manual. Bob Skyles

CS 211 Programming Practicum Fall 2018

Computer Systems A Programmer s Perspective 1 (Beta Draft)

CS201 Some Important Definitions

C Review. MaxMSP Developers Workshop Summer 2009 CNMAT

Lecture 3 Tao Wang 1

Chapter 3 Syntax, Errors, and Debugging. Fundamentals of Java

(2-1) Numeric Expressions in C H&K Chapter 2. Instructor - Andrew S. O Fallon CptS 121 (August 27, 2018) Washington State University

More Programming Constructs -- Introduction

Chapter 12. CPU Structure and Function. Yonsei University

Homework #3 CS2255 Fall 2012

Security Coding Module - Buffer Overflow Data Gone Wild CS1

P.G.TRB - COMPUTER SCIENCE. c) data processing language d) none of the above

A brief introduction to C programming for Java programmers

Module 2 - Part 2 DATA TYPES AND EXPRESSIONS 1/15/19 CSE 1321 MODULE 2 1

Long (LONGMATH) variables may be used the same as short variables. The syntax is the same. A few limitations apply (see below).

Problem Solving with C++

OSEK/VDX. Communication. Version January 29, 2003

FP_IEEE_DENORM_GET_ Procedure

CS107 Handout 13 Spring 2008 April 18, 2008 Computer Architecture: Take II

Object Oriented Programming Exception Handling

Introduction to Programming Using Java (98-388)

CS 115 Data Types and Arithmetic; Testing. Taken from notes by Dr. Neil Moore

Program Correctness and Efficiency. Chapter 2

5.Coding for 64-Bit Programs

CHAPTER 1 Introduction to Computers and Programming CHAPTER 2 Introduction to C++ ( Hexadecimal 0xF4 and Octal literals 031) cout Object

MISRA-C:2012 Standards Model Summary for C / C++

UNIT 3

Announcements. Lab Friday, 1-2:30 and 3-4:30 in Boot your laptop and start Forte, if you brought your laptop

Control Flow. COMS W1007 Introduction to Computer Science. Christopher Conway 3 June 2003

(Not Quite) Minijava

x. The optional Cross-compiler word set x.1 Introduction x.2 Additional terms and notation x.2.1 Definitions of terms

Inspirel. YAMI4 Requirements. For YAMI4Industry, v page 1

Chapter 12 Variables and Operators

The PCAT Programming Language Reference Manual

Arithmetic Operators. Binary Arithmetic Operators. Arithmetic Operators. A Closer Look at the / Operator. A Closer Look at the % Operator

A program execution is memory safe so long as memory access errors never occur:

Question No: 1 ( Marks: 1 ) - Please choose one One difference LISP and PROLOG is. AI Puzzle Game All f the given

4 Operations On Data 4.1. Foundations of Computer Science Cengage Learning

A short, pragmatic and INCOMPLETE intro to C++/ROOT programming. Mikołaj Krzewicki Nikhef/UU

EXAMINING THE CODE. 1. Examining the Design and Code 2. Formal Review: 3. Coding Standards and Guidelines: 4. Generic Code Review Checklist:

Introduction to Computers and C++ Programming p. 1 Computer Systems p. 2 Hardware p. 2 Software p. 7 High-Level Languages p. 8 Compilers p.

Short Notes of CS201

CS106X Handout 03 Autumn 2012 September 24 th, 2012 Getting Started

Control Structures. Lecture 4 COP 3014 Fall September 18, 2017

Module 2: Computer Arithmetic

C Programming. Course Outline. C Programming. Code: MBD101. Duration: 10 Hours. Prerequisites:

Lecture 3 Notes Arrays

CS201 - Introduction to Programming Glossary By

Chapter 4 - Notes Control Structures I (Selection)

Programming Languages Third Edition. Chapter 7 Basic Semantics

1 Lexical Considerations

Introduction to C. Why C? Difference between Python and C C compiler stages Basic syntax in C

CS 330 Lecture 18. Symbol table. C scope rules. Declarations. Chapter 5 Louden Outline

Lecture Notes on Memory Management

Motivation was to facilitate development of systems software, especially OS development.

Fix serial communications not functioning after reboot when the station number is set to iptables Fix iptables.

15 The Main Firmware Jumpblock.

Semantic Analysis. Outline. The role of semantic analysis in a compiler. Scope. Types. Where we are. The Compiler Front-End

SOFTWARE QUALITY OBJECTIVES FOR SOURCE CODE

What the CPU Sees Basic Flow Control Conditional Flow Control Structured Flow Control Functions and Scope. C Flow Control.

Accelerated Library Framework for Hybrid-x86

Outline. Computer programming. Debugging. What is it. Debugging. Hints. Debugging

Risk Management. I.T. Mock Interview Correction

LANGUAGE RUNTIME NON-VOLATILE RAM AWARE SWAPPING

Full file at

LESSON 6 FLOW OF CONTROL

CS 115 Lecture 4. More Python; testing software. Neil Moore

Full file at C How to Program, 6/e Multiple Choice Test Bank

C Programming SYLLABUS COVERAGE SYLLABUS IN DETAILS

Motor Industry Software Reliability Association (MISRA) C:2012 Standard Mapping of MISRA C:2012 items to Goanna checks

Bill Bridge. Oracle Software Architect NVM support for C Applications

Where We Are. Lexical Analysis. Syntax Analysis. IR Generation. IR Optimization. Code Generation. Machine Code. Optimization.

APPENDIX B. Fortran Hints

CS 211 Programming Practicum Spring 2018

The role of semantic analysis in a compiler

Transcription:

Examples of Code Roaches First Draft List Cem Kaner September 11, 2005

Why a Potential-Bug List? Given a potential error, you can develop a method to test for it Foundation for Code inspections Glass box tests Glass box test tools Test tool evaluation What is a test technique? A heuristic for exposing a bug of a specific kind Every type of bug can have one or more techniques optimized to expose it A list of potential bugs is a list of requirements for test techniques.

Example: How Should You Test a Loop?

It Helps to Consider Loop Types Index variable Initialization expression Continuation expression Update expression for ( init_expr; continue_expr; update_expr ) statement; while ( continue_expr ) statement; Risks Associated with the index variable or expressions Associated with the statements being iterated do statement while (continue_expr); Break;

So How Can a Loop Fail? Associated with index or expressions Overflow yields unexpected value Divide by zero Continue condition off by 1 for ( init; continue; update ) statement; Associated with statements iterated Memory leak triggered by the iteration Stack overflow triggered by the iteration Variable intended to be in synch with the index goes out of synch Index reset in loop, never terminates Index reset inside loop, causing error in calculations based on loop iterations Index never meets continue condition: Condition is equality, index skips past it Condition rounds to not-quite-equal What if initialization fails the continuation expression? Loop never runs, is that a problem? while ( continue_expr ) statement; break; Loop might never execute Loop might never terminate do statement while (continue_expr); Loop might never terminate

Now, What Tests Should You Run?

Referenced variable not yet declared Variable declared but never used Data Declaration

Data Reference Reference the wrong variable two variables differ only in capitalization two variables have same name, defined and used in different places Read an outdated copy of the variable Reference outside the bounds of the array causes runtime error causes runtime extension of the array problems associated with non-integer array indexes off-by-one reference e.g. expect first array element to be [0] when it is really [1] or [1] when it is really [0]

Data Setting Set the value of the wrong variable two variables differ only in capitalization two variables have same name, defined and used in different places Method fails to update a variable before returning Calculates but doesn't update Method sets variable to a constant (relic of junit passing test) and returns Attempt to set to/with wrong type aliases to same block of storage, with different data types result variable has lower precision than variables in the calculated expression: rounding error or truncation on conversion

Data Setting (2) Doesn't validate against user supplied filters Doesn't validate the user supplied filters Inappropriately reconciles user and system filters Doesn't read the full set of filters unexpectedly long list Parameter inconsistency Fails to notice it is copying a value that overflow/underflowed Wrong mask in bit field

Data Value Initial state Sets to outdated constant Not initialized to zero Not initialized to empty Supposed to be initialized elsewhere Other method / process Compiler initialized elsewhere unexpectedly (scope broader than you realize) Updated state User input values Accepts invalid input Accepts inconsistent input Accepts unlikely input without confirmation updated elsewhere unexpectedly (scope broader than you realize) updated by method that doesn't obviously operate on this variable

Data Value (2) Out of range String too long File name too long Too long for buffer Overwrites other data Integer overflow Float exponent overflow Float mantissa overflow Not in the enumerated list Too many array overflow stack overflow Edited string visually appears to have data deleted but data are overwritten Creates/displays new instance rather than modify or replace old instance Persistent data lose value unexpectedly retain value (don't realize this is persistent)

Message passing Parameter lists Correct sequence (number and types) Plausible values Correct values Processing results Does wrong thing in response to proper command Does less than expected in response to proper command

Message passing (2) Feedback Success feedback needs results needs success flag Message rejection Requested task attempted but failed No feedback expected Unexpected response response to nonexistent message Nth response when N-1 are expected Expected response at unexpected time Unreadable response Response with inappropriate content Message sent to wrong process or port Message sent to N of N+1 proper recipients units (e.g. cm versus inches) don't match for sender / recipient

Pointers pointer to unallocated area of memory wasn't ever allocated allocated but then freed up pointer into wrong place in the data structure miscalculate length of record miscalculate position in record (e.g. which element in the array) pointer into wrong data structure past end of referenced data structure wrong address

Data Use

Data Interpretation misunderstood contents of memory (e.g. interpret integer data as string)

Data Storage Save at an unexpected time, overwriting data Fail to save at the expected time, doesn't update data Problems with undo buffer or stack Saves record in slightly wrong format (e.g. 1-character too long, misaligns next record)

Memory management

Device Operations Doesn't handle device nonresponse Doesn't handle device error messages (such as) printer not ready out of memory wants data resent invalid command invalid data

Device Operations (2) Input device (keyboard/mouse/etc) misunderstands state of device (e.g. language settings modify interpretation of keys) conflicting demands from parallel devices Drops characters or clicks Queues characters or clicks unexpectedly Queues characters or clicks inconsistently or in wrong sequence Sound Plays wrong sound Plays sound through wrong device Too loud or too soft (i.e. louder or softer than the parameters require Incomplete sound

File operations No such file Full (on write) Almost full on write Illegal characters Premature terminator character/string end of file embedded in string being stored fails to recognize end of file when attempting to read/write data Interrupted while writing Interrupted while reading Wrong record structure No error message Fails to interpret error message Wrong error message insufficient memory to hold the file attempt to read/write a file before opening it attempt to read/write a file after closing it failure to close a file after changing it

Display Write to wrong screen position Message too large for display field Message oriented incorrectly Message has wrong attributes color size font blink

Display (2) Cursor not displayed doubled not blinking wrong shape or color moves to wrong place Pointer not displayed doubled not blinking wrong shape or color moves to wrong place

Performance Nested loop unnecessarily repeats an operation Long time-out delays Unnecessary time-out delay (error message or other redundant state info available) garbage collection creates unexpected delay Synchronization (A1 through AN must all happen, then we can do B) includes too many Ai's or is too variable

Exception handling

Log Error log Fails to log Logs wrong data Mostly correct, some data outdated Mostly correct, some data mis-set or miscalculated Wrong error / conditions (i.e. packs the wrong message overall) Logs in wrong sequence Log in wrong format Incorrect termination of log entry Incorrect header Transaction log Monitored event log

Control Flow Unreachable code Does too much before exiting on error Will not exit on invalid state / data Comes from unexpected place Jump through data rather than address Returns to wrong place Corrupt stack Goto Interrupt at unexpected time Fails to restore or update interrupt vector Loop starts with wrong initial value Loop doesn't terminate Never reaches terminal comparison Terminates when index=n, but skips N Terminates when index=n, but rounding error creates not-quite-n Index reset in body of loop Loop control variable changed unexpectedly Variable intended to be in synch with loop control goes out of synch

Control Flow (2) Assume incorrectly that X has finished before beginning Y Assume that X cannot happen in the short time needed to process Y exits before setting (resetting) a key variable loop never executes (but subsequent code assumes that it did) drops through to an inappropriate default case no default case off-by-one error in number of iterations incorrect assumptions associated with multiple entry points into same segment of code

Table-driven control Flow Index to wrong table entry Unreachable table entry Invalid address in table Incorrect address in table

Comparison Test floating point for equality fails to allow for rounding error compare signed instead of absolute values compare absolute values instead of signed Wrong inequalities < versus <= = and not-equal when there's a third meaningful case

Calculation Unexpected precision high low Rounds rather than truncates Truncates rather than rounds Sequence of operations costs precision Erroneous algorithm wrong result from 3rd party library Allegedly equivalent operations/methods are not

Calculation (2) Alternate calculations depending on a parameter (e.g. algorithm1 for small N, algorithm2 for large N) wrong calculation selected wrong boundary (on N) specified Error because only one of the calculations was tested Order of operations Error because parentheses needed Error because of precedence rules mixed-mode arithmetic yields unexpected results order of operations may yield different effects integer overflow integer division has unexpected results

Boolean Expressions confuse inclusive and exclusive OR negated expression precedence error missing parentheses invalid expression valid but wrong complex expression fails to consider some of the cases wrong default overlapping cases that should have both operations done to them not just one

Comments

Syntax

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback