• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>Asia-Pacific Software Engineering Conference >On the Use of Mined Stack Traces to Improve the Soundness of Statically Constructed Call Graphs
【24h】

On the Use of Mined Stack Traces to Improve the Soundness of Statically Constructed Call Graphs

机译:关于使用挖掘的堆栈轨迹提高静态构造的调用图的可靠性

获取原文
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Static program analysis is a cornerstone of modern software engineering - it is used to detect bugs and security vulnerabilities early before software is deployed. While there is a large body of research into the scalability and the precision of static analysis, the (un) soundness of static analysis is a critical issue that has not attracted the same level of attention by the research community. In this paper we investigate the question whether information harvested from stack traces obtained from the GitHub issue tracker and Stack Overflow Q&A forums can be used in order to complement statically built call graphs. For this purpose, we extract reflective call graph edges from parsed stack traces, and check whether these edges are correctly computed by Doop, a widely used tool for static analysis with built-in support for reflection analysis. We do find edges that Doop misses when analysing real-world programs, even when reflection analysis is enabled. This suggests that mining techniques are a useful tool to test and improve the soundness of static analysis.
机译:静态程序分析是现代软件工程的基础-用于在部署软件之前及早检测错误和安全漏洞。尽管对静态分析的可伸缩性和精确性进行了大量研究,但是静态分析的(非)合理性是一个关键问题,尚未引起研究界的同等关注。在本文中,我们调查了是否可以使用从GitHub问题跟踪器和Stack Overflow Q&A论坛获取的堆栈跟踪信息中收集的信息来补充静态构建的调用图。为此,我们从解析的堆栈轨迹中提取反射调用图边缘,并检查这些边缘是否被Doop(一种广泛用于静态分析的工具,具有对反射分析的内置支持)正确地计算出来。即使在启用反射分析时,我们也确实在分析现实程序时发现了Doop遗漏的边缘。这表明挖掘技术是测试和改善静态分析的合理性的有用工具。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号