Uncovering hidden dependencies constructing intelligible path witnesses using dataflow analyses /
The lack of sound, concise and comprehensive error reports emitted by a static analysis tool can cause increased fixing cost, bottleneck at the availability of experts and even may undermine the trust in static analysis as a method. This paper presents novel techniques to improve the quality of bug...
Elmentve itt :
| Szerzők: | |
|---|---|
| Dokumentumtípus: | Cikk |
| Megjelent: |
University of Szeged, Institute of Informatics
Szeged
2024
|
| Sorozat: | Acta cybernetica
26 No. 3 |
| Kulcsszavak: | Statikus analízis, Programanalízis, Szoftvertechnológia, Szoftverbiztonság |
| Tárgyszavak: | |
| doi: | 10.14232/actacyb.299805 |
| Online Access: | http://acta.bibl.u-szeged.hu/86992 |
| Tartalmi kivonat: | The lack of sound, concise and comprehensive error reports emitted by a static analysis tool can cause increased fixing cost, bottleneck at the availability of experts and even may undermine the trust in static analysis as a method. This paper presents novel techniques to improve the quality of bug reports for static analysis tools that employ symbolic execution. With the combination of data and control dependency analysis, we can identify the relevance of particular code snippets that were previously missing from the report. We demonstrated the benefits of our approach by implementing an improved bug report generator algorithm for the Clang Static Analyzer. After being tested by the open source community our solution became enabled by default in the tool. |
|---|---|
| Terjedelem/Fizikai jellemzők: | 713-747 |
| ISSN: | 2676-993X |