A semi-automatic extensible static defect analysis tool

被引：0

作者：

Liang G.-T. ^{[1
]}

Meng N. ^{[1
]}

Li J.-H. ^{[1
]}

Zhong H. ^{[1
]}

Zhang L. ^{[1
]}

Wang Q.-X. ^{[1
]}

机构：

[1] Key Laboratory for High Confidence Software Technologies of Ministry of Education, School of Electronics Engineering and Computer Science, Peking University

来源：

Jisuanji Xuebao/Chinese Journal of Computers | 2011年 / 34卷 / 06期

关键词：

Defect analysis; Defect pattern; Semi-automatic extensible; Static analysis;

D O I：

10.3724/SP.J.1016.2011.01114

中图分类号：

学科分类号：

摘要：

The pattern based code defect analysis approach finds defects for subject programs with the aid of predefined defect pattern knowledge. The advantages of this kind of approach lie in the simplicity of its usage and the efficiency of its analysis, which make it a new technique with more rapid development among different approaches of static code defect analysis recently. However, among the available tools based on the approach, the extension modes provided by most of them are neither friendly nor efficient enough for users to extend their defect analysis capability. In order to solve this problem, the authors proposes a semi-automatic extensible static code defect analysis approach. Based on the approach, a tool named CODA (COde Defect Analysis tool) has been designed and implemented. In order to support the efficient extension of the defect pattern library, CODA provides not only enough "defect pattern description templates" to facilitate users' manual extension, but also a "semi-automatic extension mechanism" which accelerates the process of discovering, summarizing and extending new defect patterns. Once a new defect pattern is defined and added into the defect pattern library, CODA can automatically own the detecting ability for its related defects.

引用

页码：1114 / 1125

页数：11

共 15 条

[1] Flemming N., Riis N.H., Chris H., Principles of Program Analysis, (2005)
[2] Cousot P., Cousot R., Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints, Proceedings of the 4th ACM Symposium on Principles of Programming Languages (POPL), pp. 238-252, (1977)
[3] Detlefs D.L., Nelson G., Saxe J.B., A theorem prover for program checking, (2003)
[4] Clarke E.M., Grumberg Jr.O., Peled D.A., Model Checking, (2000)
[5] Boyer Robert S., Bernard E., Levitt Karl N., SELECT - A formal system for testing and debugging programs by symbolic execution, Proceedings of the International Conference on Reliable Software, pp. 234-245, (1975)
[6] Hallem S., Chelf B., Xie Y., Engler D., A system and language for building system-specific, static analyses, Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation (PLDI), pp. 69-82, (2002)
[7] Hallem S., Chelf B., Xie Y., Engler D., A system and language for building system-specific, static analyses, Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation (PLDI), pp. 69-82, (2002)
[8] Reimer D., Schonberg E., Srinivas K., Srinivasan H., Alpern B., Johnson R.D., Kershenbaum A., Koved L., SABER: Smart analysis based error reduction, Proceedings of the International Symposium on Software Testing and Analysis (ISSTA), pp. 243-251, (2004)
[9] Yang Z.-H., Gong Y.-Z., Xiao Q., Wang Y.-W., A defect based model testing system, Journal of Beijing University of Posts and Communications, 31, 5, pp. 1-4, (2008)
[10] Zhong H., Zhang L., Mei H., Early filtering of polluting method calls for mining temporal specifications, Proceedings of the Asia-Pacific Software Engineering Conference (APSEC), pp. 9-16, (2008)

← 1 2 →