Supported by the National High-Tech Research and Development Plan of China under Grant Nos.2007AA010302, 2009AA012404 (国家高技术研究发展计划(863))
提出一种多项式复杂度的路径敏感静态缺陷检测算法.该方法采用变量的抽象取值范围来表示属性状态条件,通过属性状态条件中的变量抽象取值范围为空来判断不可达路径.在控制流图(control flow graph,简称CFG)中的汇合节点上合并相同属性状态的状态条件,从而避免完整路径上下文分析的组合爆炸问题.该算法已应用于缺陷检测系统DTS(defect testing system).实际测试结果表明,该方法能够减少误报.
This paper presents a new path sensitive algorithm for static defect detecting running in polynomial time. In this method, property state conditions are represented by abstract domain of variables, and infeasible paths can be identified when some variables’ abstract value range is empty. This method avoids the combination explosion of full path analysis by merging the conditions of identical property state at join points in the CFG (control flow graph). This algorithm has been implemented as part of a defect testing tool called DTS (defect testing system). Practical test results show that this method can reduce false positive.