Abstract
We present a database that can serve as a tool for tuning and evaluation of miscellaneous program analysis tools. The database contains bug-reports produced by various tools applied to various source codes. The bug-reports are classified as either real errors or false positives. The database currently contains more than 800 bug-reports detected in the Linux kernel 2.6.28. Support of other software projects written in various programming languages is planned. The database can be downloaded and manipulated by SQL queries, or accessed via a web frontend.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Chatzieleftheriou, G., Katsaros, P.: Test-driving static analysis tools in search of C code vulnerabilities. In: Proceedings of COMPSACW, pp. 96–103. IEEE Computer Society (2011)
Cifuentes, C., Hoermann, C., Keynes, N., Long, S., Li, L., Mealy, E., Mounteney, M., Scholz, B.: BegBunch – Benchmarking for C Bug Detection Tools. In: Proceedings of DEFECTS, pp. 16–20. ACM (2009)
Heckman, S., Williams, L.: On establishing a benchmark for evaluating static analysis alert prioritization and classification techniques. In: Proceedings of ESEM, pp. 41–50. ACM (2008)
Kratkiewicz, K.: Using a diagnostic corpus of C programs to evaluate buffer overflow detection by static analysis tools. In: Proceedings of BUGS (2005)
Lu, S., Li, Z., Qin, F., Tan, L., Zhou, P., Zhou, Y.: Bugbench: Benchmarks for evaluating bug detection tools. In: Workshop on ESDDT (2005)
Newsham, T., Chess, B.: ABM: A prototype for benchmarking source code analyzers. In: Proceedings of SSATTM, pp. 52–59. NIST Special Publication (2005)
NIST. Samate reference dataset project, http://samate.nist.gov/SRD/
Obdržálek, J., Slabý, J., Trtík, M.: STANSE: Bug-Finding Framework for C Programs. In: Kotásek, Z., Bouda, J., Černá, I., Sekanina, L., Vojnar, T., Antoš, D. (eds.) MEMICS 2011. LNCS, vol. 7119, pp. 167–178. Springer, Heidelberg (2012)
Clang: a C language family frontend for LLVM, http://clang.llvm.org/
Common Weakness Enumeration (CWE), http://cwe.mitre.org/
Open Database License 1.0, http://opendatacommons.org/licenses/odbl/1.0/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Slaby, J., Strejček, J., Trtík, M. (2013). ClabureDB: Classified Bug-Reports Database. In: Giacobazzi, R., Berdine, J., Mastroeni, I. (eds) Verification, Model Checking, and Abstract Interpretation. VMCAI 2013. Lecture Notes in Computer Science, vol 7737. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35873-9_17
Download citation
DOI: https://doi.org/10.1007/978-3-642-35873-9_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35872-2
Online ISBN: 978-3-642-35873-9
eBook Packages: Computer ScienceComputer Science (R0)