Static Detection Method Of State Related Defects In Large Scale Software System

Code defect is the wrong implementation in the code,which can cause the software system to deviate from the software requirements or produce unexpected error results.Many software system failures are attributed to defects.Finding and eliminating code defects is important to software quality assurance.State-related defects are very common in the software systems,so they are always the focus of code defect detection.Static analysis and dynamic testing are common methods of defect detection.The static analysis method is widely used in academia and industry because of its high automation and easy deployment.But the false positive rate of simple static analysis results is high,so high accuracy analysis algorithm is usually needed to improve the accuracy.Now the scale of the software systems is increasing day by day.Using the static analysis method to detect state related defects needs to track all the control flow and data flow information of the object,so it faces a huge challenge of accuracy and scalability.Now,most of the research work only focuses on low-precision static analysis,while high-precision static analysis algorithms usually need a lot of computing resources,which is difficult to be realized in the resource-limited environment.Aiming at the detection of state-related defects in large-scale software systems,this paper studies effective methods to improve the accuracy and scalability of static analysis methods.The main research work of this paper includes:1,This paper proposes a high-precision,highly scalable context-sensitive and path-sensitive static analysis method.This method proposes a path constraint coding/decoding algorithm based on the inter-process control flow execution tree,which greatly reduces the storage,access and other costs of large-scale path constraints,and realizes efficient and highly scalable analysis support.On this basis,this method performs constraint-guided CFL-reachability computation.2,This paper proposes a static detection method of state-related defects in largescale software systems based on reachable computation.Firstly,FSM is used to model state-related defects;Secondly,FSM and control flow graph are used to generate extended program state graph;On this basis,the algorithm is designed to transform the defect detection problem into constraint-based graph reachability calculation,so that the reachable edge can be calculated by the above-mentioned high-precision and high expandability analysis method.And then judge whether the state of each reachable edge endpoint is the error state defined in FSM to realize defect detection.3,Based on the above method,this paper implements a static tool of state-related defects in a large-scale software system,and makes an experimental evaluation.Based on the static analysis framework Soot,SMT solver Z3 and large-scale system static analysis tool Graspan,this paper implements the prototype tool Grapple.In this paper,four state-related defects of four widely deployed large-scale software systems are evaluated.The experimental results show that grapple can perform high-precision and scalable static analysis of large-scale software systems,and can effectively detect state-related defects.