大规模源代码增量式资源泄漏检测方法
作者:
作者简介:

高志伟(1991-),男,山西阳泉人,硕士,CCF学生会员,主要研究领域为软件分析与可靠性;高玉金(1974-),男,博士,讲师,主要研究领域为并行程序设计,计算机体系结构;计卫星(1980-),男,博士,副教授,CCF专业会员,主要研究领域为计算机系统结构,并行计算与高性能计算,程序分析与优化;廖心怡(1993-),女,硕士,CCF学生会员,主要研究领域为高性能计算;石剑君(1991-),女,博士生,主要研究领域为软件分析与可靠性;罗辉(1991-),男,硕士生,CCF学生会员,主要研究领域为静态代码检测;王一拙(1979-),男,博士,讲师,CCF专业会员,主要研究领域为计算机系统结构,并行编程模型;石峰(1961-),男,博士,教授,博士生导师,主要研究领域为多核处理器体系结构,并行与分布式计算.

通讯作者:

计卫星,E-mail:jwx@bit.edu.cn

基金项目:

国家自然科学基金(61300010);国家重点研发计划(2016YFB1000801)


Incremental Resource Leak Detection for Large Scale Source Code
Author:
Fund Project:

National Natural Science Foundation of China (61300010); National Key Research and Development Program of China (2016YFB1000801)

  • 摘要
  • | |
  • 访问统计
  • |
  • 参考文献 [24]
  • |
  • 相似文献 [20]
  • | | |
  • 文章评论
    摘要:

    资源泄漏是影响软件质量和可靠性的一种重要软件缺陷,存在资源泄漏的程序长时间运行会由于资源耗尽而发生异常甚至崩溃.静态代码分析是进行资源泄漏检测的一种有效的技术手段,能够基于源代码或者二进制代码有效地发现程序中潜在的资源泄漏问题.然而,精确的资源泄漏检测算法的复杂性会随着程序规模的增加呈指数级增长,无法满足生产中即时对缺陷进行分析检测的实际应用需求.面向大规模源代码提出了一种增量式的静态资源泄漏检测方法,该方法支持过程间流敏感的资源泄漏检测,在用户编辑代码的过程中,从变更的函数入手,通过资源闭包、指向分析过滤等多种技术手段缩小资源泄漏检测范围,进而实现了大规模代码的即时缺陷分析与报告.实验结果表明:该方法在保证准确率的前提下,90%的增量检测实验可以在10s内完成,能够满足在用户编辑程序过程中对缺陷进行即时检测和报告的实际应用需求.

    Abstract:

    Resource leak is an important software defect that affects the quality and reliability of software and may cause program abnormality or even system crash.Static analysis is an effective defect detection method which can identify potential resource leaks in source code or executable binary.However,as the scale of programs increases,the complexity of accurate resource leak detection rises exponentially,thereby making it difficult to meet the demand of just-in-time defect detection for large practical applications.In this paper,an incremental static resource leak detection algorithm is proposed for large-scale source code projects.The algorithm supports inter-procedural flow sensitive resource leak detection that allows developers to observe the impact of their changes immediately.Starting from the modified functions,this approach narrows down the scope of resource leak detection by generating method closures and performing points-to analysis to analyze hundreds of thousands of lines of source code in seconds.Experimental results show that the algorithm completes defect detection within 10s with a high accuracy on more than 90% of the tests,which makes it possible for just-in-time resource leak detection for practical applications.

    参考文献
    [1] Wang KC, Wang TT, Su XH, Ma PJ. Key scientific issues and state-art of automatic software fault localization. Chinese Journal of Computers, 2015,38(11):2262-2278(in Chinese with English abstract).
    [2] Wang T. Research and implements on static detection technology for source-oriented software vulnerality[MS. Thesis]. Wuhan:Huazhong University of Science and Technology, 2015(in Chinese with English abstract).
    [3] Shirazi J, Pepperdine K, Hutt JT. Java performance tuning. 2010. http://www.javaperformancetuning.com/news/news116.shtml
    [4] Xiao Q, Gong YZ, Yang ZH, Jin DH, Wang YW. Path sensitive static defect detecting method. Ruan Jian Xue Bao/Journal of Software, 2010,21(2):209-217(in Chinese with English abstract). http://www.jos.org.cn/1000-9825/3782.htm[doi:10.3724/SP.J. 1001.2010.03782]
    [5] Yang X, Gong YZ, Jin DH. A method of detecting resource leak based on static analysis. In:Proc. of the 3rd National Software Test Conf. and Advanced Forum on Mobile Computing, Grid, Intelligence. 2009. 5-9(in Chinese with English abstract).
    [6] Ayewah N, Pugh W, Morgenthaler JD, Penix J, Zhou YQ. Using findbugs on production software. In:Proc. of the ACM Sigplan Conf. on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA 2007). 2007. 805-806.[doi:10.1145/1297846.1297897]
    [7] Péter R. Rice HG. Classes of recursively enumerable sets and their decision problems. Trans. of the American Mathematical Society, 1953,74(2):358-366.[doi:10.1090/S0002-9947-1953-0053041-6]
    [8] Zhao YS, Gong YZ, Liu L, Xiao Q, Yang ZH. Improving the efficiency and accuracy of path-sensitive defect detecting. Chinese Journal of Computers, 2011,34(6):1100-1113(in Chinese with English abstract).[doi:10.3724/SP.J.1016.2011.01100]
    [9] Broy M, Denert E. Pioneers and Their Contributions to Software Engineering. Berlin, Heidelberg:Springer-Verlag, 2001.[doi:10. 1007/978-3-642-59412-0]
    [10] Torlak E, Chandra S. Effective interprocedural resource leak detection. In:Proc. of the 32nd ACM/IEEE Int'l Conf. on Software Engineering. ACM Press, 2010. 535-544.[doi:10.1145/1806799.1806876]
    [11] Do LNQ, Ali K, Livshits B, Bodden E, Smith J, Murphyhill ER. Just-in-Time static analysis. In:Proc. of the ACM Sigsoft Int'l Symp. ACM Press, 2016. 307-317.[doi:10.1145/3092703.3092705]
    [12] Valléerai R, Co P, Gagnon E, Hendren L, Lam P, Sundaresan V. Soot-A Java bytecode optimization framework. In:Proc. of the Masters Abstracts Int'l. 2000. 214-224.
    [13] Evanno G, Regnaut S, Goudet J. Optimizing Java bytecode using the soot framework:Is it feasible. In:Proc. of the Int'l Conf. on Compiler Construction. Springer-Verlag, 2000. 18-34.[doi:10.1007/3-540-46423-9_2]
    [14] Mei H, Wang QX, Zhang L, Wang J. Software analysis:A road map. Chinese Journal of Computers, 2009,32(9):1697-1710(in Chinese with English abstract).
    [15] Umanee N. Shimple:And Investigation of Static Single Assignment Form[MS. Thesis]. School of Computer Science, McGill University, 2006.
    [16] Vallee-Rai R, Hendren LJ. Jimple:Simplifying Java bytecode for analyses and transformations. Technical Report, 1998-4, Sable Research Group, McGill University, 1998.
    [17] Liu YP, Wei LL, Xu C, Cheung SC. DroidLeaks:Benchmarking resource leak bugs for android applications. CoRR abs/1611.08079, 2016.
    附中文参考文献:
    [1] 王克朝,王甜甜,苏小红,马培军.软件错误自动定位关键科学问题及研究进展.计算机学报,2015,38(11):2262-2278.
    [2] 王涛.面向源码的软件漏洞静态检测技术研究与实现[硕士学位论文].武汉:华中科技大学,2015.
    [4] 肖庆,宫云战,杨朝红,金大海,王雅文.一种路径敏感的静态缺陷检测方法.软件学报,2010,21(2):209-217. http://www.jos.org.cn/1000-9825/3782.htm[doi:10.3724/SP.J.1001.2010.03782]
    [5] 杨绣,宫云战,金大海.一种基于静态分析的资源泄漏检测方法.见:第3届全国软件测试会议与移动计算栅格、智能化高级论坛论文集.2009.5-9.
    [8] 赵云山,宫云战,刘莉,肖庆,杨朝红.提高路径敏感缺陷检测方法的效率及精度研究.计算机学报,2011,34(6):1100-1113.[doi:10. 3724/SP.J.1016.2011.01100]
    [14] 梅宏,王千祥,张路,王戟.软件分析技术进展.计算机学报,2009,32(9):1697-1710.
    引证文献
    网友评论
    网友评论
    分享到微博
    发 布
引用本文

高志伟,计卫星,石剑君,王一拙,高玉金,廖心怡,罗辉,石峰.大规模源代码增量式资源泄漏检测方法.软件学报,2018,29(5):1244-1257

复制
分享
文章指标
  • 点击次数:3320
  • 下载次数: 5927
  • HTML阅读次数: 2969
  • 引用次数: 0
历史
  • 收稿日期:2017-07-02
  • 最后修改日期:2017-11-21
  • 在线发布日期: 2018-05-06
文章二维码
您是第19894637位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号