| 基于缺陷关联的静态分析优化 |
| |
| 引用本文: | 张大林,金大海,宫云战,王前,董玉坤,张海龙.基于缺陷关联的静态分析优化[J].软件学报,2014,25(2):386-399. |
| |
| 作者姓名: | 张大林 金大海 宫云战 王前 董玉坤 张海龙 |
| |
| 作者单位: | 网络与交换技术国家重点实验室(北京邮电大学),北京 100876;网络与交换技术国家重点实验室(北京邮电大学),北京 100876;网络与交换技术国家重点实验室(北京邮电大学),北京 100876;网络与交换技术国家重点实验室(北京邮电大学),北京 100876;网络与交换技术国家重点实验室(北京邮电大学),北京 100876;网络与交换技术国家重点实验室(北京邮电大学),北京 100876 |
| |
| 基金项目: | 国家自然科学基金(91318301, 61202080);国家高技术研究发展计划(863)(2012AA011201) |
| |
| 摘 要: | 缺陷检测一般包括静态分析与人工审查两个阶段.静态检测工具报告大量缺陷,但是主要的缺陷确认工作仍由人工完成,这是一件费时、费力的工作.巨大的审查开销可能会导致软件开发人员拒绝使用该静态缺陷检测工具.提出一种可靠的基于缺陷关联的静态分析优化方法,能够分组静态检测工具所报告的缺陷,在分组后的任意一组缺陷中,如果其主导缺陷被证明是误报(或者是真实的),就能确认其他缺陷也是误报(也是真实的).实验结果表明,基于缺陷关联的静态分析优化方法在较小的时间和空间开销下减少了22%的缺陷审查工作,能够较好地适应于大型的关键嵌入式系统程序缺陷检测.
|
| 关 键 词: | 静态分析 优化 缺陷关联 抽象解释 状态切片 |
| 收稿时间: | 5/8/2013 12:00:00 AM |
| 修稿时间: | 2013/12/5 0:00:00 |
Optimizing Static Analysis Based on Defect Correlations |
| |
| ZHANG Da-Lin,JIN Da-Hai,GONG Yun-Zhan,WANG Qian,DONG Yu-Kun and ZHANG Hai-Long.Optimizing Static Analysis Based on Defect Correlations[J].Journal of Software,2014,25(2):386-399. |
| |
| Authors: | ZHANG Da-Lin JIN Da-Hai GONG Yun-Zhan WANG Qian DONG Yu-Kun and ZHANG Hai-Long |
| |
| Affiliation: | State Key Laboratory of Networking and Switching Technology (Beijing University of Posts and Telecommunications), Beijing 100876,;China;State Key Laboratory of Networking and Switching Technology (Beijing University of Posts and Telecommunications), Beijing 100876,;China;State Key Laboratory of Networking and Switching Technology (Beijing University of Posts and Telecommunications), Beijing 100876,;China;State Key Laboratory of Networking and Switching Technology (Beijing University of Posts and Telecommunications), Beijing 100876,;China;State Key Laboratory of Networking and Switching Technology (Beijing University of Posts and Telecommunications), Beijing 100876,;China;State Key Laboratory of Networking and Switching Technology (Beijing University of Posts and Telecommunications), Beijing 100876,;China |
| |
| Abstract: | Defect detection generally includes two stages: static analysis and defect inspection. A large number of defects reported may lead developers and managers to reject the use of static analysis tools as part of the development process due to the overhead of defect inspection. To help with the inspection tasks, this paper formally introduces defect correlation, a sound dependency relationship between defects. If the occurrence of one defect causes another defect to occur, the two defects are correlated. This paper presents a sound optimized method to static analysis that can classify the defects reported by static defect detection tool into different groups, in which all defects are false positives (true positives) if the dominant defect is false positives (true positives). The experimental results show a decrease of 22% the time inspecting all defects and the capability and flexibility of this method to detect defects of large, critical or embedded systems. |
| |
| Keywords: | static analysis optimizing defect correlation abstract interpretation state slicing |
|
| 点击此处可从《软件学报》浏览原始摘要信息 |
|
点击此处可从《软件学报》下载全文 |
|
