• DocumentCode
    3008650
  • Title

    Parfait - A Scalable Bug Checker for C Code

  • Author

    Cifuentes, Cristina

  • Author_Institution
    Sun Microsyst. Labs., Brisbane, QLD
  • fYear
    2008
  • fDate
    28-29 Sept. 2008
  • Firstpage
    263
  • Lastpage
    264
  • Abstract
    Parfait is a bug checker of C code that has been designed to address developers' requirements of scalability (support millions of lines of code in a reasonable amount of time), precision (report few false positives) and reporting of bugs that may be exploitable from a security vulnerability point of view. For large code bases, performance is at stake if the bug checking tool is to be integrated into the software development process, and so is precision, as each false alarm (i.e., false positive) costs developer time to track down. Further, false negatives give a false sense of security to developers and testers, as it is not obvious or clear what other bugs were not reported by the tool. A common criticism of existing bug checking tools is the lack of reported metrics on the use of the tool. To a developer it is unclear how accurate the tool is, how many bugs it does not find, how many bugs get reported that are not actual bugs, whether the tool understands when a bug has been fixed, and what the performance is for the reported bugs. In this tool demonstration we show how Parfait fares in the area of buffer overflow checking against the various requirements of scalability and precision.
  • Keywords
    C language; program debugging; C code tool demonstration; Parfait; scalable bug checker; Algorithm design and analysis; Australia; Buffer overflow; Computer bugs; Laboratories; Programming; Scalability; Security; Sun; Testing; Scalability; benchmarking; precision;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Source Code Analysis and Manipulation, 2008 Eighth IEEE International Working Conference on
  • Conference_Location
    Beijing
  • Print_ISBN
    978-0-7695-3353-7
  • Type

    conf

  • DOI
    10.1109/SCAM.2008.21
  • Filename
    4637559