| The most commonly used software defect detection techniques include dynamic testing and static analysis,static analysis technology is widely used because of its high detection efficiency and low cost.Now there are many tools based on static analysis technology,but the ability of these tools to detect some detects is poor,can not meet the requirements of developers or testes,so it's still need to study.The tool is designed and implemented as part of defense basic research program “software defect discovery platform”.Because open source static analysis tools used in static analysis module have poor ability to detect some defects,it is necessary to design a static analysis tool to enchance the defect detection capability of the module.This article describes the static analysis,static analysis of the status and results of previous studies related defect detection tools and technology,analyzes the difficulty of detecting defects and difficulties,on this basis,a tool is designed and implemented based on symbolic execution.The tool generates the abstract syntax tree from the source code and generates a control flow graph from abstract syntax tree.The tool uses flaw detectors to detect defects.Finally,using the standard function to defect the detection capability of this tool.Testing indicates that the tool can detect corresponding defects,which achieves the desired target tool. |
PDF Full Text Request