Aims and Scopes
Publishing Policy
Editorial Board
Specialty
To Authors
Partners
Contacts


 
Archive

 
 
 
 
 
 
Appendix

 
 
 
 
 
Другие журналы

scientific edition of Bauman MSTU

SCIENCE & EDUCATION

Bauman Moscow State Technical University.   El № FS 77 - 48211.   ISSN 1994-0408

A New Modified Summary-Based Method of the Programme Codes Analysis for Testing Large Software Systems

# 08, August 2015
DOI: 10.7463/0815.0793227
Article file: SE-BMSTU...o300.pdf (406.31Kb)
authors: A.V. Sidorin1, T.N. Romanova1

The automated testing tools becoming a frequent practice require thorough computer-aided testing of large software systems, including system inter-component interfaces. To achieve a good coverage, one should overcome scalability problems of different methods    of analysis. These problems arise from impossibility to analyze all the execution paths. The objective of this research is to build a method for inter-procedural analysis, which efficiency enables us to analyse large software systems (such as Android OS codebase as a whole) for a reasonable time (no more than 4 hours). This article reviews existing methods of software analysis to detect their potential defects. It focuses on the symbolic execution method since it is widely used both in static analysis of source code and in hybrid analysis of object files and intermediate representation (concolic testing). The method of symbolic execution involves separation of a set of input data values into equivalence classes while choosing an execution path. The paper also considers advantages of this method and its shortcomings. One of the main scalability problems is related to inter-procedural analysis. Analysis time grows rapidly if an inlining method is used for inter-procedural analysis.  So this work proposes a summary-based analysis method to solve scalability problems. Clang Static Analyzer, an open source static analyzer (a part of the LLVM project), has been chosen as a target system. It allows us to compare performance of inlining and summary-based inter-procedural analysis. A mathematical model for preliminary estimations is described in order to identify possible factors of performance improvement.

References
  1. Hiroo Matsumoto. Applying Clang Static Analyzer to Linux Kernel : abstract of 2012 LinuxCon Japan (6−8 June, 2012). Fujitsu Computer Technologies Ltd., 2012.
  2. PVS-Studio Description. PVS-Studio. Static Code Analyzer for C/C++: “Program Verification Systems” company website. Available at:http://www.viva64.com/ru/pvs-studio/, accessed 13.05.2015.
  3. Marjamaki D. Cppcheck Design , 2010. Kent State University: website. Available at : http://www.cs.kent.edu/~rothstei/spring_12/secprognotes/cppcheck-design.pdf (дата обращения 14.05.2015).
  4. Johnson S.C. Lint, a C Program Checker. Computer Science Technical Reports No. 65 . Bell Laboratories, Murray Hill, New Jersey, 1978, pp. 78-90.
  5. Almossawi A., Lim K., Sinha T. Analysis tool evaluation: Coverity Prevent. Final Report . Pittsburgh, PA: Carnegie Mellon University, 2006. 19 с .
  6. Ivannikov V.P., Belevantsev A.A., Borodin A.E., Ignatiev V.N., Zhurikhin D.M., Avetisyan A.I., Leonov M.I. Static analyzer Svace for finding defects in a source program code. Trudy Instituta sistemnogo programmirovaniya RAN , 2014, vol. 26, no. 1, pp. 231-250. ( English version of journal: Programming and Computer Software , 2014, vol. 40, is. 5, pp. 265-275. DOI:10.1134/S0361768814050041).
  7. Hovemeyer D., Pugh W. Finding Bugs is Easy. ACM SIGPLAN Notices , 2004, vol. 39, no. 12, pp. 132-136. DOI: 10.1145/1028664.1028717
  8. Nethercote N., Seward J. Valgrind: a framework for heavyweight dynamic binary instrumentation. ACM SIGPLAN Notices , 2007, vol. 42, no. 6, pp. 89-100. DOI:10.1145/1273442.1250746
  9. Serebryany K., Bruening D., Potapenko A., Vyukov D. AddressSanitizer: A Fast Address Sanity Checker. Proceedings of the 2012 USENIX Annual Technical Conference . USENIX, 2012, pp. 309-318. Available at: https://www.usenix.org/conference/atc12/technical-sessions/presentation/serebryany, accessed 01.07.2015.
  10. Serebryany K., Iskhodzhanov T. ThreadSanitizer: data race detection in practice. Proc. of the Workshop on Binary Instrumentation and Applications (WBIA '09). ACM, New York, NY, USA, 2009, pp. 62-71. DOI: 10.1145/1791194.1791203
  11. Sang Kil Cha, Avgerinos T., Rebert A., Brumley D. Unleashing Mayhem on Binary Code. Proceedings of the 33rd IEEE Symposium on Security and Privacy . IEEE, 2012, pp. 380-394. DOI: 10.1109/SP.2012.31
  12. Cadar C., Dunbar D., Engler D. KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs. Proceedings of the 8th USENIX conference on Operating systems design and implementation . USENIX, 2008, pp. 209-224.
  13. King J.C. Symbolic execution and program testing. Communications of the ACM , 1976, vol. 19, no. 7, pp. 385-394. DOI: 10.1145/360248.360252
  14. Cousot P., Cousot R. Abstract Interpretation: A Unified Lattice Model for Static Analysis of Programs by Construction or Approximation of Fixpoints. Proceedings of the 4th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages . ACM, 1977. C. 238-252. DOI: 10.1145/512950.512973
  15. Reps T., Horwitz S., Sagiv M. Precise interprocedural dataflow analysis via graph reachability. Proceedings of the 22nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages . ACM, 1995. C. 49-61. DOI: 10.1145/199448.199462
  16. Sen K., Marinov D., Agha G. CUTE: a concolic unit testing engine for C. Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering . ACM, 2005. C. 263-272. DOI: 10.1145/1095430.1081750
  17. The LLVM compiler infrastructure. Available at: http://llvm.org/, accessed 14.05.2015.
  18. clang: a C language family frontend for LLVM. Available at: http://clang.llvm.org/, accessed 15.05.2015.
  19. Clang Static Analyzer. Available at: http://clang-analyzer.llvm.org/, accessed 15.05.2015.
Publications with keywords: C++, static code analysis, symbolic execution, interprocedural analysis, summary-based method, Clang Static Analyzer
Publications with words: C++, static code analysis, symbolic execution, interprocedural analysis, summary-based method, Clang Static Analyzer
See also:
Thematic rubrics:
Поделиться:
 
SEARCH
 
elibrary crossref ulrichsweb neicon rusycon
Photos
 
Events
The 7th International Scientific Conference on Physics and Control (PhysCon2015)

The 1st IFAC Conference on Modelling, Identification and Control of Nonlinear Systems (MICNON 2015)

 
News
13.05.2016
Summer School on General Relativity

16.04.2016
Online Experimentation: Emerging Technologies and IoT

28.09.2014
Australia Most Expensive Place for International Students to Get University Education: Survey

28.09.2014
The issue 2014 (1) of the IPACS peer reviewed free open access journal Cybernetics and Physics (CAP) is released.

12.09.2014
Two foreign universities open branch campuses in South Korea




Authors
Press-releases
Library
Conferences
About Project
Rambler's Top100
Phone: +7 (915) 336-07-65 (строго: среда; пятница c 11-00 до 17-00)
  RSS
© 2003-2024 «Наука и образование»
Перепечатка материалов журнала без согласования с редакцией запрещена
 Phone: +7 (915) 336-07-65 (строго: среда; пятница c 11-00 до 17-00)