Path Sensitive Static Defect Detecting Method

Xiao, Qing; Gong, Yi; Zhou, Yang; Jin, Dahai; Wang, Yawen

doi:10.3724/sp.j.1001.2010.03782

Cited by 11 publications

(4 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To verify whether the method in this paper can realize defect repair and false-positive elimination without side effect, DTSFix is implemented based on static detection tool DTS (Defect Test System) [29,30], DTSFix detect locations of suspicious statements by DTS, and produce defect reports [31]. Partial defect reports of JFreeChart detected by DTS are shown in Table 3.…”

Section: Methodsmentioning

confidence: 99%

Automated Program-Semantic Defect Repair and False-Positive Elimination without Side Effects

Dong¹,

Wu²,

Pang³

et al. 2020

Symmetry

View full text Add to dashboard Cite

The alarms of the program-semantic defect-detection report based on static analysis include defects and false positives. The repair of defects and the elimination of false positives are time-consuming and laborious, and new defects may be introduced in the process. To solve these problems, the safe constraints interval of related variables and methods are proposed for the semantic defects in the program, and proposes a functionally equivalent no-side-effect program-semantic defect repair and false-positive elimination strategy based on the test-equivalence theory. This paper realizes the automatic repair of the typical semantic defects of Java programs and the automatic elimination of false positives by adding safe constraint patches. After the repair, the program functions are equivalent and the status of each program point is within the safety range, so that the functions before and after the defect repair are consistent, and the functions and semantics before and after the false positives are eliminated. We have evaluated our approach by repairing 5 projects; our results show that the repair strategy does not require manual confirmation of alarms, automated repair of the program effectively, shortened the repair time greatly, and ensured the correctness of the program after the repair.

show abstract

Section: Methodsmentioning

confidence: 99%

Automated Program-Semantic Defect Repair and False-Positive Elimination without Side Effects

Dong¹,

Wu²,

Pang³

et al. 2020

Symmetry

View full text Add to dashboard Cite

show abstract

“…Software testing is an expensive, tedious, and labor-intensive task and accounts for up to 50% of the total cost of software development [1]. To improve the efficiency of software testing and find more defects, it is desirable to have matured static analysis tools that can automatically detect the defects in a program [2]- [4]. However, since static analysis is conservative and every path is considered to be executable, a large number of false positives come out as the results of static analysis.…”

Section: Introductionmentioning

confidence: 99%

“…Fig.1(b) show a C language code segment and the corresponding control flow graphs of functions foo() and f1() in the code segment, respectively. An invalid arithmetic operation (IAO) fault (at statement 7) is detected by the defect testing system (DTS) [4] which is a code static analysis tool for detecting the defects in program, but it is manually confirmed as a false positive. The path constraints 1 can be extracted after the symbolic execution, the constraint X > 1 ∧ Y > 0 is considered as the path constraint of subpath 1-2-3-4-5-6.…”

Section: Introductionmentioning

confidence: 99%

Detecting Interprocedural Infeasible Paths Based on Unsatisfiable Path Constraint Patterns

et al. 2019

View full text Add to dashboard Cite

The static analysis plays an important role in many software engineering activities. However, the existence of infeasible paths, which causes lower program test coverage and several false positives in the results of the static analysis, has become one of the biggest challenges for the static analysis. In this paper, based on unsatisfiable path constraint patterns, we present a new approach to detect interprocedural infeasible paths. In our approach, we first discover nine unsatisfiable path constraint patterns by mining the common path constraint features of a large number of infeasible paths. Then, we detect the interprocedural infeasible paths; a detected path is deemed to be an interprocedural infeasible path if its simplified constraint conditions match one of the nine unsatisfiable path constraint patterns. To illustrate and verify the approach, an experimental study is performed on five open source C projects. The results show that compared with the existing approach, our approach requires less time on average and detects more interprocedural infeasible paths among the given paths. INDEX TERMS Static analysis, infeasible path, constraint pattern, interprocedural analysis.

show abstract

“…Software testing is an inevitable step in software development, and it accounts for more than 50% of the cost of software development [1,2]. In order to detect and repair the faults existing in the software as soon as possible, testers often analyze the program with the aid of defect detection tools [3,4], such as Astrée [5], DTS [6], Klocwork, etc. These tools employ the static analysis techniques and have some features such as the high defect detection rate, accurate fault location and high degree of automation.…”

Section: Introductionmentioning

confidence: 99%

Inter-Procedural Diagnosis Path Generation for Automatic Confirmation of Program Suspected Faults

2019

View full text Add to dashboard Cite

Static analysis plays an important role in the software testing field. However, the initial results of static analysis always have a large number of false positives, which need to be confirmed by manual or automatic tools. In this paper, a novel approach is proposed, which combines the demand-driven analysis and the inter-procedural dataflow analysis, and generates the inter-procedural diagnosis paths to help the testers confirm the suspected faults automatically. In our approach, first, the influencing nodes of suspected fault are calculated. Then, the CFG of each associated procedure is simplified according to the influencing nodes. Finally, the "section-whole" strategy is employed to generate the inter-procedural diagnosis path. In order to illustrate and verify our approach, an experimental study is performed on the five open source C language projects. The results show that compared with the traditional approach, our approach requires less time and can generate more inter-procedural diagnosis paths in the given suspected faults.

show abstract

Path Sensitive Static Defect Detecting Method

Cited by 11 publications

References 9 publications

Automated Program-Semantic Defect Repair and False-Positive Elimination without Side Effects

Automated Program-Semantic Defect Repair and False-Positive Elimination without Side Effects

Detecting Interprocedural Infeasible Paths Based on Unsatisfiable Path Constraint Patterns

Inter-Procedural Diagnosis Path Generation for Automatic Confirmation of Program Suspected Faults

Contact Info

Product

Resources

About