CN115858393A - Software test range evaluation method and system based on call chain - Google Patents
Software test range evaluation method and system based on call chain Download PDFInfo
- Publication number
- CN115858393A CN115858393A CN202211714956.9A CN202211714956A CN115858393A CN 115858393 A CN115858393 A CN 115858393A CN 202211714956 A CN202211714956 A CN 202211714956A CN 115858393 A CN115858393 A CN 115858393A
- Authority
- CN
- China
- Prior art keywords
- code
- class
- call
- call chain
- relation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Stored Programmes (AREA)
Abstract
The invention discloses a software test range evaluation method and system based on a call chain, wherein the method comprises the following steps: acquiring a code of an application to be tested, compiling the code, preprocessing a class file, respectively acquiring a class and method corresponding relation, a subclass and parent class corresponding relation, an interface and a realization class corresponding relation, and acquiring a class method calling relation; denoising and bridging the calling relation, generating a global method calling chain, and storing the calling relation according to the global method calling chain; dynamically acquiring call chain data in real time, and storing a corresponding method call relation according to the call chain data acquired in real time; and judging the difference between the new code and the old code, searching the changed code according to the code difference, and analyzing the influence code according to the changed code and the call chain to obtain a test range evaluation result.
Description
Technical Field
The invention relates to the technical field of software testing, in particular to a method and a system for evaluating a software testing range based on a call chain.
Background
The traditional test range evaluation mainly depends on specific function points in the development and test mails, the influence on the associated functions is determined by the personal experience of testers, and with the appearance of distributed, micro-service architecture and big data technology, the software is more and more complex, the iteration is more and more rapid, and the test challenge is more and more great. Due to the strong subjectivity of the test range evaluation, the conditions of missing test and over test occur occasionally. Then evaluating the test range by code alteration becomes a more objective, scientific analytical method. Most tests currently view code changes through a version control tool. However, the existing version control tool has the following technical problems: 1. each change file needs to be found for comparison and viewing. 2. Only the change code is known, the influence range of the change still depends on development input, and the analysis mode of the test range is still subjective.
Disclosure of Invention
One of the purposes of the invention is to provide a software test range assessment method and system based on a call chain, wherein the method and system obtain the call chain by executing dynamic analysis and static analysis on a code, obtain a change method of a new version and an old version by a difference instruction comparison algorithm, and find out a method influenced on the call chain based on the change method, thereby scientifically and accurately judging the software test range at the code level.
The invention also aims to provide a software test range evaluation method and system based on the call chain, and the method and system can realize the storage of the call chain of the global method by executing dynamic analysis on the code, thereby realizing the analysis of cross-application code influence and improving the accuracy of detection range evaluation.
The invention also aims to provide a software test range evaluation method and system based on the call chain, wherein the method and system utilize difference code analysis to obtain operations including deletion, modification, addition and the like of codes, and combine call chain influence analysis to obtain a complete test range evaluation result.
To achieve at least one of the above objects, the present invention further provides a software test range evaluation method based on a call chain, the method comprising:
acquiring a code of an application to be tested, compiling the code, preprocessing a class file, respectively acquiring a class and method corresponding relation, a subclass and parent class corresponding relation, an interface and a realization class corresponding relation, and acquiring a class method calling relation;
denoising and bridging the calling relation, generating a global method calling chain, and storing the calling relation according to the global method calling chain;
dynamically acquiring call chain data in real time, and storing a corresponding method call relation according to the call chain data acquired in real time;
and judging the difference between the new code and the old code, searching the changed code according to the code difference, and analyzing the influence code according to the changed code and the call chain to obtain a test range evaluation result.
According to a preferred embodiment of the present invention, the method for preprocessing the class file comprises: and setting JavaAgents, acquiring paths of jar packages after codes are compiled through the JavaAgents, intercepting the class files before the class files are loaded, and acquiring corresponding relations between classes and methods, corresponding relations between subclasses and father classes, and corresponding relations between interfaces and implementation classes through a BCEL byte code framework.
According to another preferred embodiment of the present invention, the method for denoising and bridging call relations comprises: removing jvm method calls after the call relation is obtained, adding an abstract method in an interface into an abstract parent class, adding a parent class call child class method, adding a child class call parent class method, adding an interface call implementation class method, recording method annotation information to achieve call relation bridging, and storing the method call relation, the class inheritance relation and the interface implementation relation which are obtained through analysis in a graph database.
According to another preferred embodiment of the present invention, the method for dynamically acquiring the call link in real time includes: the method comprises the steps of including a Trace command in a request header, including the Trace command in the request header, intercepting the request header by using JavaAgents, wherein the JavaAgents include a Tomcat, a Weblogic container and a Web MVC, spring-Boot, jersey and RPC framework entrance, and executing transparent transmission implantation including the Trace command request header among micro-services.
According to another preferred embodiment of the present invention, the method for dynamically acquiring the call link in real time further includes: and after the calling link is obtained by tracking by using the Trace command, obtaining Trace link data in a data cleaning and rendering mode.
According to another preferred embodiment of the present invention, the missing part of the global method call chain obtained by static code analysis is identified, the corresponding call chain missing part is analyzed by supplementing the static code according to the call chain obtained dynamically in real time, and a complete code link knowledge graph within the application and between the applications is constructed. For example, when an application is started, the relationships such as method calling, class inheritance, interface realization and the like are written into the graph database Neo4j through code static analysis, all entity IDs are points, all calling relationships form edges, and thus a relationship graph is generated.
According to another preferred embodiment of the present invention, the method for determining the change type of the code difference according to the old and new codes comprises: acquiring the className of the new code and the old code, judging whether the new code and the old code have the same className, if so, further judging whether the classID is the same, if so, judging that no changed class exists, and if not, modifying the class; and if the same className does not exist, judging the class as a new or deleted class.
According to another preferred embodiment of the present invention, when the new and old codes have the same classID, further determining whether the new and old codes have the same method according to whether the method name and the method signature are the same, if so, determining that the same method exists, otherwise, determining that the method is different; if the same method name and method signature exist, further judging whether the new code and the old code are the same, if so, judging that the new code and the old code are the same, and if not, judging that the new code and the old code are the same, otherwise, modifying the method; and if the method name and the method signature of the new code and the old code are different, judging that the method is added or deleted.
In order to achieve at least one of the above objects, the present invention further provides a software test range evaluation system based on a call chain, which executes the above software test range evaluation method based on a call chain.
The present invention further provides a computer-readable storage medium storing a computer program for execution by a processor to implement one of the above-described call chain-based software test range assessment methods.
Drawings
FIG. 1 is a schematic flow chart showing a method for evaluating a software test range based on a call chain according to the present invention.
Detailed Description
The following description is presented to disclose the invention so as to enable any person skilled in the art to practice the invention. The preferred embodiments described below are by way of example only, and other obvious variations will occur to those skilled in the art. The underlying principles of the invention, as defined in the following description, may be applied to other embodiments, variations, modifications, equivalents, and other technical solutions without departing from the spirit and scope of the invention.
It is understood that the terms "a" and "an" should be interpreted as meaning that a number of one element or element is one in one embodiment, while a number of other elements is one in another embodiment, and the terms "a" and "an" should not be interpreted as limiting the number.
Referring to fig. 1, the present invention discloses a method and a system for evaluating a software test range based on a call chain, wherein the method mainly comprises the following steps: firstly, compiling the application code to obtain a files file, and obtaining a compiled jar package according to the class to which the files file belongs. Preprocessing is carried out on the calls files before loading, so that the corresponding relation between classes and methods, the corresponding relation between subclasses and parent classes, and the corresponding relation between interfaces and implementation classes contained in the calls files are obtained. And obtaining the calling relation of the methods in the classes. And further carrying out noise reduction and bridging on the calling relationship, generating a global method calling chain, and storing the method calling relationship in a graph database, wherein the method process is a static code analysis process of the code. And further acquiring the call chain data in the request in real time in an execution test state, executing dynamic analysis of the real-time acquisition of the call chain data, storing the method call relation in the real-time acquisition of the call chain data in a graph database, and completing static analysis on the call chain missing part by using the call chain obtained by dynamic analysis. And further judging whether class change and method change exist or not according to the related code difference of the new version and the old version. The method for analyzing the static code, the method for analyzing the dynamic code and the method for analyzing the code difference are combined to realize the range of the complete call chain influence method, so that the test range evaluation result can be output in a structured mode.
Specifically, when the tested application is started, a JavaAgent is required to be set, the JavaAgent can be used as an agent to obtain path (path) information of a jar package, the JavaAgent can intercept the calls before loading, the class files are further preprocessed through a BCEL byte code frame, and the class and method corresponding relation, the parent class and subclass corresponding relation, the interface and implementation class corresponding relation of the calls files are obtained after preprocessing.
After the corresponding relation is obtained, semantic analysis is further performed on the application code, and denoising operation and bridging operation are performed on the code, wherein the denoising operation includes but is not limited to removing jvm method call. Wherein the bridging operation comprises: adding a parent class calling subclass method, adding a subclass calling parent class method, adding an interface calling implementation class method, recording method annotation information and the like to complete calling bridging. Wherein the bridging method code is for example:
M:78test.CurrentHashMapTest:main(java.lang.String[])(RIR)test.CurrentHashMapTe st$2:<init>()45 1
M:79test.CurrentHashMapTest$2:<init>()(RIR)test.CurrentHashMapTest$2:run()01
M:30test.asm.Demo:main(java.lang.String[])(LM)test.asm.Demo:lambda$main$1(java.lang.String)42 1
M:35test.asm.Demo:lambda$main$1(java.lang.String)(M)java.lang.String:isEmpty()42 1
M:15test.asm.Demo:main(java.lang.String[])(I)test.asm.inter.SingleInterface:singleM1()31 1
M:99test.asm.inter.SingleInterface:singleM1()(ITF)test.asm.inter.SingleInterfaciImpl:singleM1()0 1
the above example code completes processing call bridging, such as interface and implementation class, internal class, lambda, etc. to add abstract methods in the interface to abstract parent class;
adding a parent class to call a subclass method, and calling a parent class method by a subclass;
adding an interface and calling a realization method;
recording method annotation information;
the method comprises the steps of performing static analysis on a code which is subjected to denoising and bridging to obtain a method calling relationship, a class inheritance relationship, an interface realization relationship and the like, and storing the method calling relationship, the class inheritance relationship, the interface realization relationship and the like into a graph database, wherein the graph database is used as a relational database and comprises nodes and relations, the nodes are methods, classes and interfaces in method calling, and the relations comprise the method calling relationship, the relations among the classes and the interface realization relationship, so that a knowledge graph comprising the method calling relationship can be constructed through the graph database. For example: when the application is started, the relationships such as method calling, class inheritance, interface realization and the like are written into the graph database Neo4j through code static analysis, all entity IDs are points, and all calling relationships form edges to form a knowledge graph.
It should be noted that, in the present invention, a Trace command is configured in each request header, and a Trace value sample: 00-da9e0a24333f7b349205f8f778e05db3-d917e2677462a9ab-01, wherein da9e0a24333f7b349205f8f778e05db3 is traceId and is a 32-bit 16-digit random number. d917e2677462a9ab: parentId, 16-bit 16-digit random number. When the application is tested, the request heads are intercepted by using the JavaAgents for the container and the frame entrance, and the transparent transmission implantation containing the Trace command request heads is executed between the micro-services. And obtaining the Trace link data of the application level by utilizing a big data cleaning mode and an aggregation rendering mode. Wherein call links to within-application and outside-application can be traced in real time using the Trace command. The invention further utilizes the path information acquired by the dynamic code to supplement the missing part in the calling link obtained by analyzing the static code according to the Trace link data acquired in real time, thereby perfecting the whole global method calling link and constructing the complete code calling link knowledge graph inside and outside the application.
According to the code difference analysis method, difference analysis is carried out on the new and old codes which are constructed by the complete code calling link knowledge graph, wherein after the new and old codes are obtained, className of the new and old codes is obtained, whether the same className exists in the new and old codes is judged, if yes, whether the same classID exists in the same className class is further judged, if yes, the class is not changed, and if not, the class is changed. If the same className does not exist, the fact that the same class does not exist is indicated, and the class is a new or deleted class. If the class exists in the new version, the class is a new class, and if the class exists in the old version, the class is a deleted class.
When the new code and the old code have the same classID, further judging whether method difference exists in the class, wherein judging whether the method name and the method signature of the new code and the old code exist, if the method name and the method signature exist, indicating that the same method exists, further judging whether the method name and the method signature of the new code and the old code are the same, if the method name and the method signature are the same, judging that the new code and the old code are the same, if the new code and the old code are the same, judging that the new code and the old code are the same, and if the new code and the old code are the same, judging that the new code is a method without change, and otherwise, judging that the method is changed; and if the method name and the method signature of the new code and the old code are different, judging whether the method exists or adding or deleting. If the method exists in a new version, the method is a new method, and if the method exists in an old version, the method is a deleted method.
Analyzing the upper-layer call chain methods influenced by the change, deletion and newly-added methods based on the call chain, obtaining the number of call chain influence methods after analyzing the influence of each layer of call chain based on the same call chain change, deletion and newly-added methods, recording the influence type of each method on the call chain, and displaying the influence range through method dimension to realize accurate evaluation of the test range.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer-readable medium, the computer program comprising program code for performing the method illustrated by the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication section, and/or installed from a removable medium. The computer program, when executed by a Central Processing Unit (CPU), performs the above-described functions defined in the method of the present application. It should be noted that the computer readable medium mentioned above in the present application may be a computer readable signal medium or a computer readable storage medium or any combination of the two. The computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wire segments, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless section, wire section, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
It will be understood by those skilled in the art that the embodiments of the present invention described above and illustrated in the drawings are given by way of example only and not by way of limitation, the objects of the invention having been fully and effectively achieved, the functional and structural principles of the present invention having been shown and described in the embodiments, and that various changes or modifications may be made in the embodiments of the present invention without departing from such principles.
Claims (10)
1. A software testing range evaluation method based on a call chain is characterized by comprising the following steps:
acquiring a code of an application to be tested, compiling the code, preprocessing a class file, respectively acquiring a class and method corresponding relation, a subclass and parent class corresponding relation, an interface and a realization class corresponding relation, and acquiring a class method calling relation;
denoising and bridging the calling relation, generating a global method calling chain, and storing the calling relation according to the global method calling chain;
dynamically acquiring call chain data in real time, and storing a corresponding method call relation according to the call chain data acquired in real time;
and judging the difference between the new code and the old code, searching the changed code according to the code difference, and analyzing the influence code according to the changed code and the call chain to obtain a test range evaluation result.
2. The method for software test range evaluation based on the call chain as claimed in claim 1, wherein the method for preprocessing the class file comprises: and setting JavaAgents, acquiring paths of jar packages after codes are compiled through the JavaAgents, intercepting the class files before the class files are loaded, and acquiring corresponding relations between classes and methods, corresponding relations between subclasses and father classes, and corresponding relations between interfaces and implementation classes through a BCEL byte code framework.
3. The method for evaluating the software test range based on the call chain as claimed in claim 1, wherein the method for denoising and bridging the call relation comprises: removing jvm method calls after the call relation is obtained, adding an abstract method in an interface into an abstract parent class, adding a parent class call child class method, adding a child class call parent class method, adding an interface call implementation class method, recording method annotation information to achieve call relation bridging, and storing the method call relation, the class inheritance relation and the interface implementation relation which are obtained through analysis in a graph database.
4. The software test range evaluation method based on the call chain as claimed in claim 1, wherein the dynamic real-time acquisition method of the call chain comprises: the method comprises the steps of containing a Trace command in a request header, utilizing JavaAgents to intercept the request header of a Tomcat container, a Weblogic container and a Web MVC (Web MVC), spring-Boot, jersey and RPC (remote procedure control) framework entrance comprising Spring, and executing transparent transmission implantation containing the Trace command request header among micro-services.
5. The method for evaluating the software test range based on the call chain as claimed in claim 4, wherein the method for dynamically acquiring the call chain in real time further comprises: and after the calling link is obtained by tracking by using the Trace command, obtaining Trace link data in a data cleaning and rendering mode.
6. The method according to claim 1, wherein the missing part of the global method call chain obtained by static code analysis is identified, the corresponding call chain missing part is analyzed by supplementing static code according to the call chain obtained dynamically in real time, and a complete code link knowledge graph within the application and between the applications is constructed.
7. The method for evaluating the software test range based on the call chain as claimed in claim 1, wherein the method for judging the change type of the code difference according to the old code and the new code comprises: acquiring the className of the new code and the old code, judging whether the new code and the old code have the same className, if so, further judging whether the classID is the same, if so, judging that no changed class exists, and if not, modifying the class; and if the same className does not exist, judging the class as a new or deleted class.
8. The method for evaluating the software test range based on the call chain as claimed in claim 7, wherein when the new code and the old code have the same classID, determining whether the new code and the old code have the same method according to whether the method name and the method signature are the same, if so, judging that the same method exists, otherwise, judging that the method is different; if the same method name and method signature exist, further judging whether the new code and the old code are the same, if so, judging that the new code and the old code are the same, and if not, judging that the new code and the old code are the same, otherwise, modifying the method; and if the method name and the method signature of the new code and the old code are different, judging that the method is added or deleted.
9. A software test range evaluation system based on a call chain is characterized in that the system executes the software test range evaluation method based on the call chain.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program, which is executed by a processor to implement a software test range evaluation method based on a call chain according to any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211714956.9A CN115858393A (en) | 2022-12-28 | 2022-12-28 | Software test range evaluation method and system based on call chain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211714956.9A CN115858393A (en) | 2022-12-28 | 2022-12-28 | Software test range evaluation method and system based on call chain |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115858393A true CN115858393A (en) | 2023-03-28 |
Family
ID=85656121
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211714956.9A Pending CN115858393A (en) | 2022-12-28 | 2022-12-28 | Software test range evaluation method and system based on call chain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115858393A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117112413A (en) * | 2023-08-18 | 2023-11-24 | 鱼快创领智能科技(南京)有限公司 | Method for automatically generating interface test case |
-
2022
- 2022-12-28 CN CN202211714956.9A patent/CN115858393A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117112413A (en) * | 2023-08-18 | 2023-11-24 | 鱼快创领智能科技(南京)有限公司 | Method for automatically generating interface test case |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Petrov et al. | Race detection for web applications | |
| Coelho et al. | Unveiling exception handling bug hazards in android based on github and google code issues | |
| US8286149B2 (en) | Apparatus for and method of implementing feedback directed dependency analysis of software applications | |
| US8473915B2 (en) | Coverage analysis tool for testing database-aware software applications | |
| US9152731B2 (en) | Detecting a broken point in a web application automatic test case | |
| CN111831573B (en) | Method, device, computer system and medium for determining code branch coverage condition | |
| US9690946B2 (en) | Security analysis using relational abstraction of data structures | |
| US20060236309A1 (en) | System and method to build a callgraph for functions with multiple entry points | |
| US8510604B2 (en) | Static data race detection and analysis | |
| US8930913B2 (en) | Intermediate representation construction for static analysis | |
| US9286039B2 (en) | Operating system support for contracts | |
| US20130275951A1 (en) | Race detection for web applications | |
| CN106529304B (en) | A kind of Android applies concurrent leakage location | |
| US20240320344A1 (en) | Runtime application monitoring without modifying application program code | |
| CN111488579A (en) | Vulnerability detection method and device, electronic equipment and computer readable storage medium | |
| CN115858393A (en) | Software test range evaluation method and system based on call chain | |
| CN112948828A (en) | Binary program malicious code detection method, terminal device and storage medium | |
| CN116166547A (en) | Code change range analysis method, device, equipment and storage medium | |
| US7685586B1 (en) | Global escape analysis using instantiated type analysis | |
| CN114077737A (en) | Android inter-component communication data flow detection method based on taint analysis | |
| CN114780952B (en) | Detection method, system and storage medium for sensitive application call scene | |
| Schulz et al. | Thread-Sensitive Data Race Detection for Java | |
| CN113722233A (en) | Code coverage rate determining method, system, storage medium and electronic equipment | |
| US20200110606A1 (en) | Detection and elimination of runtime visibility gaps in transactions | |
| Chis | Automatic detection of memory anti-patterns |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |