Test based static analysis misinformation eliminating method

A technology of static analysis and testing methods, applied in software testing/debugging, error detection/correction, instrumentation, etc., can solve problems such as time-consuming and labor-intensive, boring, inaccurate program attribute modeling, etc., to reduce workload and time cost effect

Active Publication Date: 2013-09-11
NANJING UNIV
View PDF0 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, static analysis tools may sacrifice accuracy for better scalability, resulting in inaccurate modeling of many important program properties, such as heap memory cells, etc.
In addition, due to the lack of runtime information, static analysis tools often report a large number of unacknowledged alarms, while real memory leaks are hidden
This severely limits the usability of static analysis tools in real development, even a mature commercial static analysis tool may report a large number of alarms when analyzing moderate-sized programs
Manually reviewing all these alerts and finding real defects is a difficult, tedious and time-consuming job

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Test based static analysis misinformation eliminating method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] Specific embodiments of the present invention will be described in more detail below.

[0039] 1. Read and parse the static analysis result report

[0040] In a specific implementation, the static analysis report file saved in the metadata exchange format based on the extensible markup language is obtained from the disk file. There are already mature information search methods and query languages ​​based on the data format of Extensible Markup Language, but different defects require different information to be queried in the static analysis report, and the data formats generated by different static analysis tools are not uniform, and corresponding Understand the report data format generated by the static analysis tool used, and write a simple defect information finder to obtain static analysis alerts.

[0041]To get the list of static analysis alerts to be validated requires defect type specific data processing and organization while reading the static analysis report....

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a test based static analysis misinformation eliminating method capable of enhancing usability of a software static analysis technology and reducing time and labor cost in artificially confirming and testing a static analysis report. A testing technology is adopted to acquire procedural information which is mutually verified with target paths and target defects related in the static analysis report to confirm the defects or eliminate misinformation. The test based static analysis misinformation elimination method includes reading static analysis report files stored in a metadata interchange format based on an extensible markup language, and analyzing information with the target defects; subjecting each specified defect to static analysis warning, performing continuous concrete execution, symbolic execution and constraint solving on a programs by adopting an idea of mixed execution, and modeling and acquiring the runtime information according to features with different defects during the course; adopting the runtime information acquired in the previous step to confirm whether the defects occur or not, or judging that the static analysis warning is the misinformation; iterating till all the static analysis warnings are processed.

Description

technical field [0001] The present invention relates to a technique for reducing the number of false positives in static analysis results by using a test method, mainly using a dynamic test technology combining symbolic execution and specific execution to verify the static analysis results, and realizing the judgment and elimination of false positives in software static analysis results. It belongs to the technical field combining software engineering, software testing, and software dynamic and static analysis. Background technique [0002] Both static analysis and dynamic analysis techniques are used to find program defects in C / C++ programs. Static analysis techniques usually formalize different types of software defect detection processes as a specific matching problem, that is, to match the characteristics or patterns of a certain defect in the target analysis program. Because software defects often occur on specific control flow paths, most static analysis techniques a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/36
CPCG06F11/3608
Inventor 王林章李孟宸李宣东陈志
Owner NANJING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap