{"id":31,"date":"2009-02-27T16:37:35","date_gmt":"2009-02-27T05:37:35","guid":{"rendered":"http:\/\/blog.mozilla.org\/nnethercote\/?p=31"},"modified":"2009-02-27T16:37:35","modified_gmt":"2009-02-27T05:37:35","slug":"bugs-defects-infections-and-failures","status":"publish","type":"post","link":"https:\/\/blog.mozilla.org\/nnethercote\/2009\/02\/27\/bugs-defects-infections-and-failures\/","title":{"rendered":"Bugs, defects, infections and failures"},"content":{"rendered":"<p>People often use the word &#8220;bug&#8221;.  Unfortunately it&#8217;s a very imprecise word.  &#8220;Error&#8221; suffers from the same problems.  Both of them are used at different times to mean incorrect program code, incorrect program states, and visibly incorrect program behaviour.  The conflation of these distinct things inhibits clear thinking and can mask subtleties regarding program correctness.<\/p>\n<h2>Better terminology<\/h2>\n<p>Because of this, I like the following terminology used by Andreas Zeller in his book <a href=\"http:\/\/whyprogramsfail.com\">Why Programs Fail<\/a>:<\/p>\n<ul>\n<li>A <strong>defect<\/strong> is an erroneous piece of code, one that can cause an infection when executed (but it may not always, i.e. it may be masked).\u00a0 Defects are created by programmers.<\/li>\n<li>An <strong>infection<\/strong> is an erroneous piece of program state, i.e. one for which there is a discrepancy between the intended and actual program state.  Infections are caused by defects and\/or prior infections. Infections can be masked via overwriting or correction.<\/li>\n<li>A <strong>failure<\/strong> is an erroneous user-visible behaviour, i.e. one for which there is discrepancy between the intended and actual user-visible behaviour. Failures are caused by infections.<\/li>\n<li> An<strong> infection chain<\/strong> is a cause-effect chain from a defect to one or more infections to a failure.<\/li>\n<\/ul>\n<p>(Nb: &#8220;Intended state&#8221; and &#8220;intended behaviour&#8221; can be fuzzy concepts. Few programs have complete specifications, and these concepts typically reside partly in the mind of the programmer, partly in the mind of the user, partly in the documentation, and partly nowhere!)<\/p>\n<p>Zeller&#8217;s book has received high praise from many quarters.\u00a0 I personally found these definitions, which appear in chapter 1, the single best part of the whole book.<\/p>\n<h2>Some examples<\/h2>\n<p>Common terminology for memory-related &#8220;bugs&#8221; haphazardly covers all of these concepts.\u00a0 Consider the following examples.<\/p>\n<ul>\n<li>A <strong>double free<\/strong> is a defect.<\/li>\n<li>A <strong>memory leak<\/strong> is an infection;\u00a0 the underlying defect is (in a C program) a missing call to free() of a heap block, and the resulting failure may be degraded performance or an out-of-memory abort.\u00a0 (If the leak is minor enough that the user doesn&#8217;t notice any difference, then it&#8217;s arguably not a failure.  There&#8217;s a whole separate philosophical discussion to be had on whether poor performance could be considered a failure, depending on what the user&#8217;s implicit mental specification of &#8220;fast enough&#8221; is.)<\/li>\n<li>A <strong>segmentation fault<\/strong> (just one kind of <strong>crash<\/strong>) is a failure which may be caused by a number of different infections, each of which may be caused by a number of different defects.<\/li>\n<li>A <strong>buffer overflow attack<\/strong> involves an entire infection chain;\u00a0 for example, a particular defect (a missing bounds check), causes an infection (an incorrect pointer value), which causes more infections (incorrect values on the stack), which causes yet more infections (an incorrect value for the program counter), which causes failures (incorrect and malicious behaviour from injected code).<\/li>\n<\/ul>\n<h2>Users care about failures, programmers care about defects<\/h2>\n<p>Failures affect users.\u00a0 But defects are the root cause of failures, and they are what programmers must fix.\u00a0 Furthermore, defects are still defects (and infections and still infections) even if they cannot cause failures;\u00a0 such defects may not cause problems now, but if the program is changed later, the defect may cause a failure.<\/p>\n<p>Therefore, the aim of &#8220;bug detection&#8221; tools such as those built with Valgrind is to help the programmer identify defects, whether they cause failures or not. Sometimes a tool can identify defects directly;\u00a0 more often a tool will identify infections or failures, and it is the programmer&#8217;s task to work back through the infection chain to identify the defect.\u00a0 The usability of such tools is greatly affected by how easy this task is, and my next post will discuss a particular example in more detail, and may teach even veteran Valgrind users a new trick or two that will make their lives easier.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>People often use the word &#8220;bug&#8221;. Unfortunately it&#8217;s a very imprecise word. &#8220;Error&#8221; suffers from the same problems. Both of them are used at different times to mean incorrect program code, incorrect program states, and visibly incorrect program behaviour. The conflation of these distinct things inhibits clear thinking and can mask subtleties regarding program correctness. [&hellip;]<\/p>\n","protected":false},"author":139,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[528],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/posts\/31"}],"collection":[{"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/users\/139"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/comments?post=31"}],"version-history":[{"count":0,"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/posts\/31\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/media?parent=31"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/categories?post=31"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mozilla.org\/nnethercote\/wp-json\/wp\/v2\/tags?post=31"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}