CN112527419A - Finite state machine analysis method and system based on abstract model - Google Patents
Finite state machine analysis method and system based on abstract model Download PDFInfo
- Publication number
- CN112527419A CN112527419A CN202011489589.8A CN202011489589A CN112527419A CN 112527419 A CN112527419 A CN 112527419A CN 202011489589 A CN202011489589 A CN 202011489589A CN 112527419 A CN112527419 A CN 112527419A
- Authority
- CN
- China
- Prior art keywords
- statement
- state machine
- conversion
- finite state
- finite
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000004458 analytical method Methods 0.000 title claims abstract description 42
- 238000006243 chemical reaction Methods 0.000 claims abstract description 126
- 238000010586 diagram Methods 0.000 claims abstract description 15
- 238000005516 engineering process Methods 0.000 claims abstract description 15
- 238000000034 method Methods 0.000 claims description 19
- 230000008569 process Effects 0.000 claims description 14
- 238000010276 construction Methods 0.000 claims description 6
- 230000007704 transition Effects 0.000 description 17
- 238000001514 detection method Methods 0.000 description 13
- 230000006872 improvement Effects 0.000 description 2
- 230000009191 jumping Effects 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000005094 computer simulation Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/448—Execution paradigms, e.g. implementations of programming paradigms
- G06F9/4498—Finite state machines
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Debugging And Monitoring (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses a finite-state machine analysis method and a finite-state machine analysis system based on an abstract model, wherein the analysis method comprises the following steps: converting a finite-state machine model constructed according to user description into a representation form which can be recognized by a system by using a compiling technology; accessing all software units from bottom to top from the call relation diagram of the representation form by using a compiling technology, identifying conversion statements related to the finite state machine model in a single software unit, and establishing a subsequent access list of the single conversion statement; and traversing all the software units, after the initial conversion statement of the finite state machine model is identified, traversing the software units in the software according to the successive access list of the conversion statement and the sequential incidence relation of the finite state machine conversion statement, and identifying and reporting errors according to the finite state machine state conversion. In the invention, all situations of the problems concerned by the finite-state machine model can be covered, and the problems concerned are not reported in a missing way or in a wrong way.
Description
Technical Field
The invention belongs to the technical field of state machines, and particularly relates to a finite state machine analysis method and system based on an abstract model.
Background
A finite state machine is a mathematical computational model that represents a finite number of states and the behavior of transitions and actions between these states. In program analysis, some more complex detection rules can also be abstracted into a finite-state machine model to guide the implementation of an analysis algorithm. However, as the program size increases, the internal logic of the program becomes more complex, the paths to be traversed by program analysis are exponentially increased due to various branch conditions, and the capture error of the state transition of the finite state machine tracked by the full-program traversal is more limited by the resource consumption. Meanwhile, the current program analysis tool and related research only use a finite-state machine to identify errors, and the realization does not include a correct flow of the concerned problem on the abstract model of the finite-state machine, so that whether the abstract finite-state machine model completely covers all situations of the concerned problem cannot be judged, whether the finite-state machine covers all error situations of the concerned problem cannot be judged, and the report missing and the report error of the concerned problem cannot be easily realized.
In view of this, overcoming the deficiencies of the prior art products is an urgent problem to be solved in the art.
Disclosure of Invention
In view of the above defects or improvement requirements of the prior art, the present invention provides an abstract model-based finite state machine analysis method and system, and aims to cover all situations of the problems concerned by a finite state machine model by using the analysis method, so as to achieve no missing report or no false report of the concerned problems.
To achieve the above object, according to an aspect of the present invention, there is provided an abstract model-based finite state machine analysis method, the analysis method including:
s1: converting a finite-state machine model constructed according to a user description into a representation which can be recognized by a system by using a compiling technology, wherein the representation comprises a plurality of software units;
s2: accessing all software units from bottom to top from the call relation diagram of the representation form by using a compiling technology, identifying conversion statements related to the finite state machine model in a single software unit, and establishing a subsequent access list of the single conversion statement;
s3: and traversing all the software units, after the initial conversion statement of the finite state machine model is identified, traversing the software units in the software according to the successive access list of the conversion statement and the sequential incidence relation of the finite state machine conversion statement, and identifying and reporting errors according to the finite state machine state conversion.
Preferably, the S2 specifically includes:
s21: judging whether the current software unit has an unaccessed statement or not;
s22: if the sentence which is not accessed exists, judging whether the current sentence is a state conversion associated sentence of the finite state machine model;
s23: and if the current statement is the state conversion association statement of the finite state machine model, marking the current statement as the state conversion association statement of the finite state machine model, adding the statement into a subsequent access list of a previous conversion statement, and setting the current statement as the previous conversion statement.
Preferably, the S2 further includes:
s24: if the current statement is not the state conversion association statement of the finite state machine model, judging whether the current statement is a function call statement;
s25: if the function is a function calling statement, judging whether the called function contains a conversion statement of the finite state machine model;
s26: and if the conversion statement of the finite state machine model is contained, marking the current statement as a function call associated statement of the finite state machine model, adding the statement into a subsequent access list of the previous conversion statement, and setting the current statement as the previous conversion statement.
Preferably, the S3 includes:
s31: judging whether the current software unit contains an initial conversion statement of the finite-state machine model;
s32: if so, skipping to a next hop associated statement according to a successor access list corresponding to the statement, and marking the next hop associated statement as a current statement;
s33: judging whether the current statement is a function call statement;
s34: if the function is a function calling statement, judging whether the called function contains a conversion statement of the finite state machine model;
s35: if yes, switching to the called function, skipping to the next hop association statement according to the corresponding successor access list, marking the next hop association statement as the current statement, and circularly judging.
S36: and if the current state is not the function calling statement or the called function does not contain the conversion statement of the finite state machine model, performing state conversion based on the current state of the finite state machine model and the current conversion statement.
Preferably, said S36 is followed by:
s37: judging whether the state of the current finite-state machine model is an identified error or not;
s38: if so, an error is reported.
Preferably, said S37 is followed by:
s39: if not, judging whether a subsequent access list of the current conversion statement is empty, and if not, returning to execute S32;
s40: if yes, judging whether the previous conversion statement exists;
s41: if yes, returning to the previous conversion statement, returning the state of the finite state machine model, and searching the unexploited statement in the subsequent access list of the statement.
Preferably, said S41 is followed by:
s42: and judging whether an unaccessed conversion statement exists in a subsequent access list of the statement, and if not, returning to execute S40.
Preferably, said S40 is followed by:
s43: if not, judging whether the current statement has a caller;
s44: if the current statement has the caller, switching to the caller calling statement, and returning to S42;
if the current statement has no caller, return to S31.
Preferably, said S31 is followed by:
s45: if not, judging whether the software unit which is not accessed exists, if so, returning to the step S31; if not, the process is finished.
To achieve the above object, according to another aspect of the present invention, there is provided an abstract model-based finite state machine analysis system, including: the system comprises a construction module, a conversion identification module and an analysis module;
the construction module is used for converting the finite-state machine model constructed according to the user description into a representation form which can be recognized by a system by using a compiling technology, wherein the representation form comprises a plurality of software units;
the conversion identification module is used for accessing all software units from bottom to top from the call relation diagram of the representation form by using a compiling technology, identifying conversion statements related to the finite state machine model in a single software unit, and establishing a subsequent access list of the single conversion statement;
the analysis module is used for traversing all software units, traversing the software units according to the successive incidence relation of the finite state machine conversion statements in the software according to the successive access list of the conversion statements after identifying the initial conversion statements of the finite state machine model, and identifying and reporting errors according to the finite state machine state conversion.
Generally, compared with the prior art, the technical scheme of the invention has the following beneficial effects: the invention provides a finite state machine analysis method and a finite state machine analysis system based on an abstract model, wherein the analysis method comprises the following steps: converting a finite-state machine model constructed according to a user description into a representation which can be recognized by a system by using a compiling technology, wherein the representation comprises a plurality of software units; accessing all software units from bottom to top from the call relation diagram of the representation form by using a compiling technology, identifying conversion statements related to the finite state machine model in a single software unit, and establishing a subsequent access list of the single conversion statement; and traversing all the software units, after the initial conversion statement of the finite state machine model is identified, traversing the software units in the software according to the successive access list of the conversion statement and the sequential incidence relation of the finite state machine conversion statement, and identifying and reporting errors according to the finite state machine state conversion.
In the invention, the finite-state machine model not only comprises an error flow, but also comprises a correct flow and a detection modeling method for state transition from all intermediate states to program end, a transition statement of the finite-state machine is labeled from bottom to top according to a call relation, and the transition statement is added to a subsequent access list; and detecting the state transition of the finite-state machine model in a cross-function mode according to the marked subsequent access list, so that all situations of the concerned problems of the finite-state machine model can be covered, and the concerned problems are reported without missing report and error report.
Drawings
Fig. 1 is a schematic flowchart of an abstract model-based finite state machine analysis method according to an embodiment of the present invention;
fig. 2 is a schematic diagram of a specific implementation process of S2 according to an embodiment of the present invention;
fig. 3 is a schematic diagram of a specific implementation process of S3 according to an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of an abstract model-based finite state machine analysis system according to an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of a finite state machine model according to an embodiment of the present invention;
FIG. 6 is a diagram illustrating the recognition result of the translation recognition module according to the model shown in FIG. 5;
fig. 7 is a schematic process diagram of the analysis detection based on fig. 5 according to the embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
In the description of the present invention, the terms "inner", "outer", "longitudinal", "lateral", "upper", "lower", "top", "bottom", and the like indicate orientations or positional relationships based on those shown in the drawings, and are for convenience only to describe the present invention without requiring the present invention to be necessarily constructed and operated in a specific orientation, and thus should not be construed as limiting the present invention.
In addition, the technical features involved in the embodiments of the present invention described below may be combined with each other as long as they do not conflict with each other.
Example 1:
referring to fig. 1, the present embodiment provides an abstract model-based finite state machine analysis method, where the analysis method includes:
s1: a finite state machine model constructed from a user description is transformed into a system-recognizable representation using a compilation technique, wherein the representation comprises a plurality of software elements.
Wherein the aforementioned representation may be source code.
Wherein the finite state machine model is constructed according to a specific problem concerned in the user description. The finite state machine model contains not only the erroneous flow, but also the correct flow and all intermediate state to end-of-program state transitions.
S2: accessing all software units from bottom to top from the call relation diagram of the representation form by using a compiling technology, identifying conversion statements related to the finite state machine model in a single software unit, and establishing a subsequent access list of the single conversion statement;
s3: and traversing all the software units, after the initial conversion statement of the finite state machine model is identified, traversing the software units in the software according to the successive access list of the conversion statement and the sequential incidence relation of the finite state machine conversion statement, and identifying and reporting errors according to the finite state machine state conversion.
With reference to fig. 2, the S2 specifically includes the following steps:
s21: judging whether the current software unit has an unaccessed statement or not;
if yes, S22 is executed, and if not, the process ends.
S22: if the sentence which is not accessed exists, judging whether the current sentence is a state conversion associated sentence of the finite state machine model;
if so, go to S23, otherwise, go to S24.
S23: and if the current statement is the state conversion association statement of the finite state machine model, marking the current statement as the state conversion association statement of the finite state machine model, adding the statement into a subsequent access list of a previous conversion statement, and setting the current statement as the previous conversion statement.
S24: if the current statement is not the state conversion association statement of the finite state machine model, judging whether the current statement is a function call statement;
if the current statement is a function call statement, the process proceeds to S25, and if the current statement is not a function call statement, the process returns to S21.
S25: if the function is a function calling statement, judging whether the called function contains a conversion statement of the finite state machine model;
if the called function includes the conversion statement of the finite state machine model, S26 is executed, and if the called function does not include the conversion statement of the finite state machine model, S21 is returned to execution.
S26: and if the conversion statement of the finite state machine model is contained, marking the current statement as a function call associated statement of the finite state machine model, adding the statement into a subsequent access list of the previous conversion statement, and setting the current statement as the previous conversion statement.
In this embodiment, with reference to fig. 3, the S3 includes:
s31: judging whether the current software unit contains an initial conversion statement of the finite-state machine model;
if so, then S32 is performed, otherwise S45 is performed.
S32: if so, skipping to a next hop associated statement according to a successor access list corresponding to the statement, and marking the next hop associated statement as a current statement;
s33: judging whether the current statement is a function call statement;
if so, go to S34, otherwise, go to S36.
S34: if the function is a function calling statement, judging whether the called function contains a conversion statement of the finite state machine model;
if so, go to S35, otherwise, go to S36.
S35: if yes, switching to the called function, skipping to the next hop association statement according to the corresponding successor access list, marking the next hop association statement as the current statement, and circularly judging.
S36: and if the current state is not the function calling statement or the called function does not contain the conversion statement of the finite state machine model, performing state conversion based on the current state of the finite state machine model and the current conversion statement.
S37: judging whether the state of the current finite-state machine model is an identified error or not;
if yes, S38 is executed, which indicates that the flow is an error flow and outputs a report. If not, the flow is indicated as the correct flow, and S39 is executed to ensure that the method can override the correct flow.
S38: if so, an error is reported and S39 is performed.
S39: if not, judging whether a subsequent access list of the current conversion statement is empty, if not, returning to execute S32, and if so, executing S40;
in this embodiment, if the successor access list of the current conversion statement is not empty, returning to S32 to ensure that the associated statement in the successor access list of each statement can be accessed; and if the successor access list of the current conversion statement is empty, returning to the previous conversion statement, returning to the state of the finite state machine model, searching the unexploited statement in the successor access list of the statement, and returning to execute S32 when the unexploited conversion statement exists, so as to ensure that the associated statement in the successor access list of each statement can be accessed, thereby ensuring that all flow branches corresponding to the state from the intermediate state to the program end can be detected.
S40: if yes, judging whether the previous conversion statement exists;
if so, go to S41, otherwise, go to S43.
S41: if yes, returning to the previous conversion statement, returning the state of the finite state machine model, and searching the unexploited statement in the subsequent access list of the statement.
S42: judging whether an unaccessed conversion statement exists in a subsequent access list of the statement;
if not, the process returns to step S40, and if so, the process returns to step S32.
S43: if not, judging whether the current statement has a caller;
if so, execution proceeds to S44, otherwise, execution returns to S31.
S44: if the current statement has a caller, the procedure switches to the caller' S calling statement, and returns to S42.
In this embodiment, the finite state machine model not only includes an error flow, but also includes a correct flow and a detection modeling method for state transition from all intermediate states to program end, and a transition statement of the finite state machine is labeled from bottom to top according to a call relation and added to a subsequent access list; and detecting the state transition of the finite-state machine model in a cross-function mode according to the marked subsequent access list, so that all situations of the concerned problems of the finite-state machine model can be covered, and the concerned problems are reported without missing report and error report.
Example 2:
with reference to the foregoing embodiment 1 and fig. 4, this embodiment provides an abstract model-based finite-state machine analysis system, where the finite-state machine analysis system includes: the system comprises a construction module, a conversion identification module and an analysis module;
the construction module is used for converting the finite-state machine model constructed according to the user description into a representation form which can be recognized by a system by using a compiling technology, wherein the representation form comprises a plurality of software units;
the conversion identification module is used for accessing all software units from bottom to top from the call relation diagram of the representation form by using a compiling technology, identifying conversion statements related to the finite state machine model in a single software unit, and establishing a subsequent access list of the single conversion statement;
the analysis module is used for traversing all software units, traversing the software units according to the successive incidence relation of the finite state machine conversion statements in the software according to the successive access list of the conversion statements after identifying the initial conversion statements of the finite state machine model, and identifying and reporting errors according to the finite state machine state conversion.
For specific implementation mechanisms of the building module, the conversion identifying module, and the analyzing module, please refer to embodiment 1 in detail, which is not described herein again.
Example 3:
the following describes a specific working mechanism of the foregoing finite state machine analysis method based on a specific example with reference to fig. 5 to 7.
Fig. 5 is a simple finite-state machine model, which identifies not only an erroneous operation flow but also a correct operation flow in a file operation, and a flow (a dotted line in the figure) of exiting the program without any file operation after the file is opened (fopen).
Wherein, the erroneous operation flow comprises: open the file (fopen), read the file content (fread), error that does not close the file (EXIT means that all program modules have gone through end), and other various operation errors.
Wherein, the correct operation flow comprises: open file (fopen), read file content (fread), and close file (fclose).
It should be noted that "the flow of exiting the program without any file operation after opening the file (fopen)" is classified as a normal operation because no file reading operation itself has no influence on the data and thus does not influence the execution of the program.
Therefore, not only can the path information which causes errors in the program be obtained, but also the information of the correct operation flow in the program module can be obtained, and the abstract accuracy of the finite-state machine model and how to improve the abstract can be judged according to the path coverage information.
The present solution requires that when constructing the finite-state machine model, all intermediate states (besides the states of start, end and error, open, READ, CLOSE in fig. 6) need to be added with the state (normal end or error) that it would reach under the EXIT transition. This ensures that the model covers all program branches when examined in the actual program. If the EXIT conversion from open to FINISH in fig. 6 (the dotted line in the figure) is not included, in the example of fig. 6, when the detection is performed after the 12 th line and when the 13 th line comes to the 14 th line under the condition that the condition branch is established, the conversion path is not described by the finite state machine model, and it cannot be determined whether the path has an error.
With reference to fig. 6, the specific identification process is that, according to the bottom-up call relation diagram, the bar function is accessed first (the foo calls the bar). In the statement that traverses the bar function, the statement fread related to the finite state machine model state transition is found in line 3, and the statement is identified in the internal representation, while the successor access list (Nlist) of the statement is easily found to be empty. The bar function is also identified as a function containing a state transition statement of the finite state machine model. Then, the caller foo of the bar function is traversed. On line 12, the state transition statement fopen of the finite state machine model is found. On line 14, the traversal end point EXIT is found, which is added to the successor access list of the previous state transition statement fopen (reached via f ═ NULL). On line 16, a function call bar is found that contains a finite state machine model transition statement, which is added to the successor access list of the previous state transition statement fopen (reached via f | ═ NULL). Fclose is then found at line 18, and similarly line 18 is added to the subsequent access list for bar. Finally, at the end of the traversal at line 19, EXIT is found, where line 19 is added to the list of subsequent accesses of fclose and bar, because the program can reach line 19 via line 16 (if the decision condition is not true) and line 18 (if the decision condition is true). The time complexity of this recognition process is easily found to be linear.
With reference to fig. 7, the analytical detection process is illustrated:
step 2, returning to the 12 th line, returning the state of the finite-state machine model to OPENED, searching the elements which are not accessed in the subsequent access list, finding the 16 th line, and then jumping to the 16 th line;
step 3, in the 16 th line, it is found that the function call contains the finite-state machine model state conversion statement, and then the function is switched to the called function bar, and in the 3 rd line, the state of the finite-state machine model is converted into READ according to the related statement fread;
step 4, returning to the 16 th line of the caller foo because the subsequent access list of the 3 rd line is empty;
and 7, through rollback, the 19 th row in the subsequent access list of the 16 th row bar function is not accessed, then the operation jumps to the 19 th row, through the state conversion of the finite state machine model, the state is ERROR, an ERROR needs to be reported, and then ERROR information and the current path are output to a user through an ERROR reporting module. By this point, all subsequent access lists have been accessed and the detection of the finite state machine model in the example ends.
It can be easily seen that the detection of the present technical solution covers all possible execution flows illustrated in fig. 7, and results in the correct path for the model of fig. 5: 1 and 2- >3- >4- >5- >6, and the wrong path: 2- >3- >4- > 7. These path results are non-failure and non-failure for the model of fig. 5.
The technical scheme meets the modeling requirement of the finite-state machine model (all intermediate states must be added with EXIT conversion) and implements a detection method in the program, so that all execution paths of the program are ensured to be covered, the execution paths are divided into correct execution paths and wrong execution paths according to the specification of the model, and the technical scheme has no false report and no false report for the detected model. Meanwhile, through the analysis of correct and wrong path information, the finite-state machine model can be perfected and is more accurate. If the program is required to have some ERROR handling in the event of a failed open file, as shown by the correct path 1 in fig. 7 according to the model of fig. 5, then the EXIT conversion from open to finnsh in fig. 5 can be changed to open- > ERROR2, and the user is prompted by modifying the finite state machine model to indicate that modifications are required.
Although the complexity of a complete program may be high, the sparseness of the statements associated with the desired detection FSM model is obviously limited, which makes the overall analysis and detection process time consuming and controllable.
It will be understood by those skilled in the art that the foregoing is only a preferred embodiment of the present invention, and is not intended to limit the invention, and that any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (10)
1. An abstract model-based finite state machine analysis method, the analysis method comprising:
s1: converting a finite-state machine model constructed according to a user description into a representation which can be recognized by a system by using a compiling technology, wherein the representation comprises a plurality of software units;
s2: accessing all software units from bottom to top from the call relation diagram of the representation form by using a compiling technology, identifying conversion statements related to the finite state machine model in a single software unit, and establishing a subsequent access list of the single conversion statement;
s3: and traversing all the software units, after the initial conversion statement of the finite state machine model is identified, traversing the software units in the software according to the successive access list of the conversion statement and the sequential incidence relation of the finite state machine conversion statement, and identifying and reporting errors according to the finite state machine state conversion.
2. The finite state machine analysis method according to claim 1, wherein the S2 specifically includes:
s21: judging whether the current software unit has an unaccessed statement or not;
s22: if the sentence which is not accessed exists, judging whether the current sentence is a state conversion associated sentence of the finite state machine model;
s23: and if the current statement is the state conversion association statement of the finite state machine model, marking the current statement as the state conversion association statement of the finite state machine model, adding the statement into a subsequent access list of a previous conversion statement, and setting the current statement as the previous conversion statement.
3. The finite state machine analysis method according to claim 2, wherein the S2 further comprises:
s24: if the current statement is not the state conversion association statement of the finite state machine model, judging whether the current statement is a function call statement;
s25: if the function is a function calling statement, judging whether the called function contains a conversion statement of the finite state machine model;
s26: and if the conversion statement of the finite state machine model is contained, marking the current statement as a function call associated statement of the finite state machine model, adding the statement into a subsequent access list of the previous conversion statement, and setting the current statement as the previous conversion statement.
4. The finite state machine analysis method according to claim 3, wherein the S3 comprises:
s31: judging whether the current software unit contains an initial conversion statement of the finite-state machine model;
s32: if so, skipping to a next hop associated statement according to a successor access list corresponding to the statement, and marking the next hop associated statement as a current statement;
s33: judging whether the current statement is a function call statement;
s34: if the function is a function calling statement, judging whether the called function contains a conversion statement of the finite state machine model;
s35: if yes, switching to the called function, skipping to the next hop association statement according to the corresponding successor access list, marking the next hop association statement as the current statement, and circularly judging.
S36: and if the current state is not the function calling statement or the called function does not contain the conversion statement of the finite state machine model, performing state conversion based on the current state of the finite state machine model and the current conversion statement.
5. The finite state machine analysis method according to claim 4, wherein the step S36 is followed by the step of:
s37: judging whether the state of the current finite-state machine model is an identified error or not;
s38: if so, an error is reported.
6. The finite state machine analysis method according to claim 5, wherein the step S37 is followed by the step of:
s39: if not, judging whether a subsequent access list of the current conversion statement is empty, and if not, returning to execute S32;
s40: if yes, judging whether the previous conversion statement exists;
s41: if yes, returning to the previous conversion statement, returning the state of the finite state machine model, and searching the unexploited statement in the subsequent access list of the statement.
7. The finite state machine analysis method according to claim 6, wherein the step S41 is followed by the step of:
s42: and judging whether an unaccessed conversion statement exists in a subsequent access list of the statement, and if not, returning to execute S40.
8. The finite state machine analysis method according to claim 5, wherein the step S40 is followed by the step of:
s43: if not, judging whether the current statement has a caller;
s44: if the current statement has the caller, switching to the caller calling statement, and returning to S42;
if the current statement has no caller, return to S31.
9. The finite state machine analysis method according to claim 4, wherein the step S31 is followed by the step of:
s45: if not, judging whether the software unit which is not accessed exists, if so, returning to the step S31; if not, the process is finished.
10. An abstract model-based finite state machine analysis system, comprising: the system comprises a construction module, a conversion identification module and an analysis module;
the construction module is used for converting the finite-state machine model constructed according to the user description into a representation form which can be recognized by a system by using a compiling technology, wherein the representation form comprises a plurality of software units;
the conversion identification module is used for accessing all software units from bottom to top from the call relation diagram of the representation form by using a compiling technology, identifying conversion statements related to the finite state machine model in a single software unit, and establishing a subsequent access list of the single conversion statement;
the analysis module is used for traversing all software units, traversing the software units according to the successive incidence relation of the finite state machine conversion statements in the software according to the successive access list of the conversion statements after identifying the initial conversion statements of the finite state machine model, and identifying and reporting errors according to the finite state machine state conversion.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011489589.8A CN112527419B (en) | 2020-12-16 | 2020-12-16 | Finite state machine analysis method and system based on abstract model |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011489589.8A CN112527419B (en) | 2020-12-16 | 2020-12-16 | Finite state machine analysis method and system based on abstract model |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112527419A true CN112527419A (en) | 2021-03-19 |
| CN112527419B CN112527419B (en) | 2024-04-19 |
Family
ID=75000802
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011489589.8A Active CN112527419B (en) | 2020-12-16 | 2020-12-16 | Finite state machine analysis method and system based on abstract model |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112527419B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5870590A (en) * | 1993-07-29 | 1999-02-09 | Kita; Ronald Allen | Method and apparatus for generating an extended finite state machine architecture for a software specification |
| CN101286132A (en) * | 2008-06-02 | 2008-10-15 | 北京邮电大学 | Test method and system based on software defect mode |
| CN101847122A (en) * | 2010-06-01 | 2010-09-29 | 北京邮电大学 | Method and system for testing software by using abnormal control flow set |
| US20120233599A1 (en) * | 2011-03-11 | 2012-09-13 | Oracle International Corporation | Efficient model checking technique for finding software defects |
| CN103164337A (en) * | 2013-02-28 | 2013-06-19 | 汉柏科技有限公司 | Cloud calculation software test method based on finite-state machine (FSM) |
| CN104573503A (en) * | 2015-02-11 | 2015-04-29 | 中国农业银行股份有限公司 | Method and device for detecting memory access overflow |
-
2020
- 2020-12-16 CN CN202011489589.8A patent/CN112527419B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5870590A (en) * | 1993-07-29 | 1999-02-09 | Kita; Ronald Allen | Method and apparatus for generating an extended finite state machine architecture for a software specification |
| CN101286132A (en) * | 2008-06-02 | 2008-10-15 | 北京邮电大学 | Test method and system based on software defect mode |
| CN101847122A (en) * | 2010-06-01 | 2010-09-29 | 北京邮电大学 | Method and system for testing software by using abnormal control flow set |
| US20120233599A1 (en) * | 2011-03-11 | 2012-09-13 | Oracle International Corporation | Efficient model checking technique for finding software defects |
| CN103164337A (en) * | 2013-02-28 | 2013-06-19 | 汉柏科技有限公司 | Cloud calculation software test method based on finite-state machine (FSM) |
| CN104573503A (en) * | 2015-02-11 | 2015-04-29 | 中国农业银行股份有限公司 | Method and device for detecting memory access overflow |
Non-Patent Citations (1)
| Title |
|---|
| 李声涛 等: "面向软件源程序的模型检验技术", 《空间控制技术与应用》, vol. 41, no. 2, pages 57 - 62 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112527419B (en) | 2024-04-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112000398B (en) | Method and device for determining bottom layer interface call link, computer equipment and medium | |
| CN109976760A (en) | A kind of the cross compile method and cross-compiler of graphic language | |
| CN103559123B (en) | Based on function call stack analytical approach and the device of vxworks operating system | |
| CN102063328B (en) | System for detecting interrupt-driven type program data competition | |
| CN102117228B (en) | Dynamic and static combined Java program exception handling and optimization method | |
| US20110145799A1 (en) | Path-sensitive dataflow analysis including path refinement | |
| CN112817787B (en) | Automatic detection method for data competition of interrupt-driven embedded system | |
| US11262988B2 (en) | Method and system for using subroutine graphs for formal language processing | |
| CN111124870A (en) | Interface testing method and device | |
| Gallaba et al. | Refactoring asynchrony in JavaScript | |
| CN110162474B (en) | Intelligent contract reentry vulnerability detection method based on abstract syntax tree | |
| CN104484266A (en) | Lock usage mode automatic static analysis system | |
| CN112527419A (en) | Finite state machine analysis method and system based on abstract model | |
| CN112230904A (en) | Code generation method and device based on interface document, storage medium and server | |
| CN116594869A (en) | Memory defect static detection method based on type region model | |
| CN116302919A (en) | Multi-language extensible code dependency analysis model and analysis method | |
| Biswas et al. | A model-based regression test selection approach for embedded applications | |
| Szalay et al. | Towards better symbol resolution for C/C++ programs: A cluster-based solution | |
| Leitão et al. | Petri net based methodology for the development of collaborative production systems | |
| Dantas et al. | Towards aspect-oriented programming for context-aware systems: A comparative study | |
| CN113220302A (en) | Code defect static detection method and system for operating system of Internet of things | |
| KR101422737B1 (en) | Mixed language code simultaneous running device and method | |
| CN110471669A (en) | A kind of detection method and detection device of null pointer dereference | |
| Sun et al. | A hierarchical CPN model automatically generating method aiming at multithreading program algorithm error detection | |
| Tubaishat | A knowledge base for program debugging |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20230421 Address after: LB505, Building 1, Shenye Shangcheng (South District) Commercial Complex Building, No. 5001 Huanggang Road, Lianhua Yicun Community, Huafu Street, Futian District, Shenzhen City, Guangdong Province, 518000, self-made 05B002 Applicant after: Jianshi Technology (Shenzhen) Co.,Ltd. Address before: 14 / F, Chinatown, 8 Hennessy Road, Wanchai, Hong Kong, China Applicant before: XC5 Hong Kong Ltd. Applicant before: Jianshi Technology (Shenzhen) Co.,Ltd. |
|
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20230606 Address after: B1301, Lenovo Houhai Center, 3288 Houhaibin Road, Haizhu Community, Yuehai Street, Nanshan District, Shenzhen, Guangdong Province, 518000 Applicant after: Shenzhen Zhishi Network Technology Co.,Ltd. Address before: LB505, Building 1, Shenye Shangcheng (South District) Commercial Complex Building, No. 5001 Huanggang Road, Lianhua Yicun Community, Huafu Street, Futian District, Shenzhen City, Guangdong Province, 518000, self-made 05B002 Applicant before: Jianshi Technology (Shenzhen) Co.,Ltd. |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |