2 Dataflow Bugs
Dataflow bugs are sequences of actions on a variable in a program which are suspected to be erroneous.
Here??™s the theory. Any variable in a program can be:
??? D(efined), i.e., assigned a value
??? R(eferenced), i.e., its value used
??? U(ndefined), i.e., its value (if any) is destroyed (e.g., when a variable is first declared it is assumed
to be undefined or when a variable goes out of scope it becomes undefined)
Three kinds of dataflow bug can be defined in terms of these states:
1. A variable whose value is undefined may be referenced (UR bug).
2. A variable which has been defined may be redefined without referencing the variable after the
first definition (DD bug).
3. A variable which has been defined may become undefined without referencing the variable after
the definition (DU bug).
In the program segment shown in Figure 13.3:
??? The variable x is defined on line 4 and again on line 6; an example of a DD bug.
??? The variable y is referenced on line 5, but is not given a value before the reference; an example
of a UR bug.
??? The variable z is defined on line 8, but becomes undefined (by going out of scope at the end of
the procedure) without being referenced; example of a DU bug.
There is also an anomalous use or rather non-use of the variable
t
which is declared on line 2, but is
never used.
13.3 Control-Flow Analysis
Control-flow analysis, also known as structure analysis, is a means of detecting illegal sub-program use
and control-flow standards violations such as detecting unreachable code, infinite loops, knots, and
recursive procedure calls.
Pages:
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433