摘要
针对函数与函数之间存在警报间关联关系的问题,论文提出警报关联摘要来实现函数间分析,并利用该警报关联摘要实现过程间警报关联,通过该方法能够有效减轻人工判定警报的工作量。论文首先通过采用警报关联摘要实现函数调用的过程间分析,接着在调用点处进行警报关联摘要实例化得出警报对应的符号表达式及取值区间,分析警报间对应的符号表达式的逻辑关系得出关联关系,最后根据警报间的关联关系对警报进行判定。通过对5个实际C工程的测试结果表明,论文所提方法可以有效识别过程间警报关联关系,能够在一定程度上有效减轻人工判定警报的工作量。
Regarding the problem of correlation between alarms between functions,this paper proposes an alarm correlation summary to realize inter-function analysis,and uses the alarm correlation summary to realize inter-process alarm correlation.This method can effectively reduce the workload of manually determining alarms.This article firstly implements the inter-process analysis of the function call by using the alarm correlation summary,and then instantiates the alarm correlation summary at the call point to obtain the symbol expression and value interval corresponding to the alarm,and analyzes the logical relationship of the corresponding symbol expression between the alarm.The association relationship is obtained,and finally the alarm is judged based on the association relationship between the alarms.The test results of five actual C projects show that the method proposed in this paper can effectively identify the correlation between alarms between processes,and can effectively reduce the workload of manual judgment of alarms to a certain extent.
作者
张莉
董玉坤
刘浩
尹文静
ZHANG Li;DONG Yukun;LIU Hao;YIN Wenjing(College of Computer Science and Technology,China University of Petroleum,Qingdao 266580)
出处
《计算机与数字工程》
2022年第4期821-826,共6页
Computer & Digital Engineering
关键词
静态分析
缺陷检测
程序语义缺陷
警报关联摘要
警报关联
static analysis
defect detection
program semantic defect
warnings correlation summary
warnings correlation
