618,336 research outputs found
STATIC CODE ANALYSIS
A lot of the defects that are present in a program are not visible to the compiler. Static code analysis is a way to find bugs and reduce the defects in a software application. This paper gives you an overview on static code analysis, well-known tools and the benefits of this practice.code, analysis
A Practical Blended Analysis for Dynamic Features in JavaScript
The JavaScript Blended Analysis Framework is designed to
perform a general-purpose, practical combined static/dynamic
analysis of JavaScript programs, while handling dynamic
features such as run-time generated code and variadic func-
tions. The idea of blended analysis is to focus static anal-
ysis on a dynamic calling structure collected at runtime in
a lightweight manner, and to rene the static analysis us-
ing additional dynamic information. We perform blended
points-to analysis of JavaScript with our framework and
compare results with those computed by a pure static points-
to analysis. Using JavaScript codes from actual webpages
as benchmarks, we show that optimized blended analysis
for JavaScript obtains good coverage (86.6% on average per
website) of the pure static analysis solution and nds ad-
ditional points-to pairs (7.0% on average per website) con-
tributed by dynamically generated/loaded code
Active Learning of Points-To Specifications
When analyzing programs, large libraries pose significant challenges to
static points-to analysis. A popular solution is to have a human analyst
provide points-to specifications that summarize relevant behaviors of library
code, which can substantially improve precision and handle missing code such as
native code. We propose ATLAS, a tool that automatically infers points-to
specifications. ATLAS synthesizes unit tests that exercise the library code,
and then infers points-to specifications based on observations from these
executions. ATLAS automatically infers specifications for the Java standard
library, and produces better results for a client static information flow
analysis on a benchmark of 46 Android apps compared to using existing
handwritten specifications
Lab Package: Static Code Analysis
Antud bakalaureusetöö eesmärgiks on luua uus versioon staatilist koodianalüüsi tutvustavast praktikumimaterjalist, mida kasutatakse Tartu Ülikoolis aines “Tarkvara Testimine (MTAT.03.159)”. Töös kirjeldatakse nii peamisi põhjuseid muutusteks kui ka töö käigus valminud uuenenud materjale. Loodud materjale rakendati eelnimetatud aines ning neile antud tagasiside oli positiivne. Töö lõpeb tudengite antud tagasiside analüüsiga ning lisatud on ka soovitusi edasisteks parandusteks.The main goal of this thesis is to enhance the lab materials about static code analysis used in the course “Software Testing (MTAT.03.159)” in the University of Tartu. The motivation for the changes is explained and the new materials are introduced in this work. The materials were applied in the course and received positive feedback. Students’ feedback given after the execution of the lab is analyzed with suggestions for future improvements given
- …