WO2015008575A1 - Dispositif, procédé et programme d'inspection de logiciel - Google Patents

Dispositif, procédé et programme d'inspection de logiciel Download PDF

Info

Publication number
WO2015008575A1
WO2015008575A1 PCT/JP2014/066318 JP2014066318W WO2015008575A1 WO 2015008575 A1 WO2015008575 A1 WO 2015008575A1 JP 2014066318 W JP2014066318 W JP 2014066318W WO 2015008575 A1 WO2015008575 A1 WO 2015008575A1
Authority
WO
WIPO (PCT)
Prior art keywords
unit
variable
constant
conditional statement
block
Prior art date
Application number
PCT/JP2014/066318
Other languages
English (en)
Japanese (ja)
Inventor
智 市川
Original Assignee
日産自動車株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日産自動車株式会社 filed Critical 日産自動車株式会社
Priority to CN201480051482.1A priority Critical patent/CN105556484B/zh
Priority to JP2015527227A priority patent/JP6004110B2/ja
Publication of WO2015008575A1 publication Critical patent/WO2015008575A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3604Software analysis for verifying properties of programs
    • G06F11/3608Software analysis for verifying properties of programs using formal methods, e.g. model checking, abstract interpretation

Definitions

  • the present invention relates to a software inspection device, a software inspection method, and a software inspection program.
  • Patent Document 1 a static analysis method for analyzing a control flow and a data flow in a source program described in a programming language without executing the source program is known (see Patent Document 1).
  • Patent Document 1 According to the static analysis method of Patent Document 1, it is possible to clarify the processing content and the relationship between input and output and visualize the structure of the program. However, in the visualized program structure, it is impossible to make the user aware of a portion where a problem may occur because the constant change is not consistent.
  • the present invention has been made in view of the above problems, and its purpose is to identify a portion of a program structure where a problem may occur because the constant change is not consistent. It is to provide a software inspection device, a software inspection method, and a software inspection program that can be noticed.
  • the software inspection apparatus extracts constants used in a computer program to be inspected, and detects a conditional statement that refers to the extracted constants. Then, the variable to be compared with the constant in the conditional statement is specified as a base variable, and the constant to be compared is classified and output for each base variable.
  • FIG. 1 is a block diagram showing a hardware configuration of the software inspection apparatus according to the first embodiment of the present invention.
  • FIG. 2 is a block diagram showing a functional configuration of the CPU 11a according to the first embodiment.
  • FIG. 3 is a data flow diagram showing a flow of information processing executed by the software inspection apparatus according to the first to third embodiments of the present invention and intermediate data generated during the information processing.
  • FIG. 4 is a data flow diagram showing a continuation of FIG.
  • FIGS. 5A and 5B are diagrams showing an example of a computer program described in the C language as the source code D01 to be inspected.
  • FIG. 6 is a table showing a “constant list (DO2)” that summarizes the results of the constant extraction process (S01).
  • DO2 constant list
  • FIG. 7 is a table showing a “conditional sentence list (DO3)” that summarizes the results of the conditional sentence detection process (S02).
  • FIG. 8 is a table showing a “base variable list (DO4)” that summarizes the results of the base variable specifying process (S03).
  • FIG. 9 is a table showing a “constant group list (DO5)” that summarizes the results of the constant group specifying process (S04).
  • FIG. 10 is a diagram showing an example of a program that is compared with the same base variable but is not classified as the same group because the same value is not compared in the written state.
  • FIG. 11 is a diagram showing the blocks B01 to B05 specified in the program example of FIG. FIG.
  • FIG. 12 is a table showing a “block row number list (DO6)” that summarizes the results of the block specifying process (S05).
  • FIG. 13 is a table showing a “variable list (DO7)” that summarizes the results of the variable identification process (S06).
  • FIG. 14 is a table showing a “global variable list (DO8)” in which the results of the global variable specifying process (S07) are summarized.
  • FIG. 15 is a table showing a “global variable write / read location list (DO9)” that summarizes the results of the global variable write / read location specifying process (S08).
  • FIG. 16 is a table showing a “group-specific parameter list (D10)” in which the results of the first global variable writing location specifying process (S09) are summarized.
  • FIG. 17 is a block diagram illustrating a functional configuration of the CPU 11b according to the second embodiment.
  • FIG. 18 is a table showing a “conditional sentence expansion list (D11)” that summarizes the results of the conditional sentence expansion process (S10).
  • FIG. 19 is a table showing a “global variable writing location list (D12)” in which the results of the second global variable writing location specifying process (S11) are summarized.
  • FIG. 20 is a table showing a “constant statement constant list (D13)” that summarizes the results of the first constant division process (S12).
  • FIG. 21 is a block diagram illustrating a functional configuration of the CPU 11c according to the third embodiment.
  • FIG. 22 is a table showing a “variable write / read list (D14)” that summarizes the results of the variable write / read specification process (S13).
  • FIG. 23 is a table showing a “group list by variable (D15)” summarizing the results of the above-described group identification processing by variable (S14).
  • FIG. 24 is a table showing a “data flow list (D16)” that summarizes the results of the access location specifying process (S15).
  • FIG. 25 is a table showing a “constant list by data flow (D17)” in which the results of the second constant division process (S16) are summarized.
  • the software inspection apparatus can be applied to a software inspection process of a computer program executed by an electronic control unit (ECU) mounted on a vehicle, for example. In particular, it examines the possibility of the occurrence of a problem relating to two or more constants that must be updated simultaneously according to the conditions of the computer program specifications.
  • ECU electronice control unit
  • the software inspection device includes an input / output device 12, a storage device 14, a CPU (central processing unit) 11, an input device 13, and a display device 15.
  • the input / output device 12 reads the computer program (source code D01) to be inspected from the storage medium.
  • the storage device 14 stores the source code D01 read by the input / output device 12 and analysis intermediate data.
  • a CPU (Central Processing Unit) 11 executes various calculations and analyzes the source code D01.
  • the input device 13 is a device for the user to input information necessary for analysis.
  • the display device 15 displays the inspection result output from the CPU 11. The inspection result can also be written to a storage medium using the input / output device 12.
  • the software inspection device can be realized as a client-server model.
  • a general-purpose personal computer (client) is connected to the server via a computer network.
  • a server including the CPU 11 shown in FIG. 1 can be connected to the input / output device 12, the input device 13, the storage device 14, or the display device 15 via a computer network.
  • the software inspection device is mainly configured by the CPU 11 (server), and the input / output device 12, the input device 13, the storage device 14, or the display device 15 is not included in the software inspection device.
  • CPU11 functions as each information processing part shown below.
  • FIG. 1 A computer program (software inspection program) for causing a computer including the CPU 11 to function as a software inspection apparatus is installed in the computer including the CPU 11 and executed.
  • CPU11 functions as each information processing part shown below.
  • the software inspection device is realized by software is shown here, of course, it is also possible to configure the software inspection device by preparing dedicated hardware for executing each information processing described below. is there.
  • the CPU 11a functions as a constant extraction unit 21, a conditional statement detection unit 22, a base variable identification unit 23, and a first constant group output unit 24.
  • the constant extraction unit 21 extracts constants used in the computer program to be inspected.
  • a constant is a name given to a specific value in programming, and unlike a variable, the value determined at the time of declaration cannot be changed later in the code.
  • the constant may be changed at the same time depending on the specification conditions when the specification of the computer program is changed.
  • the constant extraction unit 21 specifies the identifier of the declaration defined by “#define” or “const”, and extracts the constant.
  • the constant extraction unit 21 holds information on the definition pattern by “#define” and “const” in advance, and detects a constant that matches the definition shown in the definition pattern.
  • the conditional statement detection unit 22 detects a conditional statement in which the constant extracted by the constant extraction unit 21 is referred to from the computer program. For example, the conditional statement detection unit 22 compares the constants extracted by the constant extraction unit 21 among if (conditional expression), else (conditional expression), and switch (conditional expression) included in the computer program. Is detected.
  • the base variable specifying unit 23 specifies a variable to be compared with the constant extracted by the constant extracting unit 21 among the conditional statements detected by the conditional statement detecting unit 22 as a base variable.
  • the first constant group output unit 24 classifies and outputs constants to be compared for each base variable specified by the base variable specifying unit 23. Specifically, when two or more constants extracted by the constant extraction unit 21 are compared with the same base variable, the two or more constants are classified as one group.
  • the first constant group output unit 24 performs grouping of the constants for each base variable. Two or more constants compared with the same base variable can be said to be closely related constants in the computer program specification. Therefore, the first constant group output unit 24 displays two or more constants compared with the same base variable as the inspection result output from the CPU 11, for example, on the display device 15 or uses the input / output device 12. Write to the storage medium. This presents the user with the existence of two or more constants that must be updated at the same time according to the conditions of the specification, and informs the user where there is a possibility of malfunctions due to the inconsistency of constant changes. Can be noticed.
  • the first constant group output unit 24 may classify the constants for each base variable in which the same value is written. Even if the same variable is compared with two or more constants in a state where different values are written, the relevance of the two or more constants in the specification is low.
  • the CPU 11a further functions as a block specifying unit 25, a writing location specifying unit 26, and a writing block specifying unit 28.
  • the block specifying unit 25 specifies a block composed of a group of statements that are executed when the conditional statement detected by the conditional statement detecting unit 22 is satisfied.
  • a “statement” is a processing unit for each line on the source code.
  • the block indicates a range surrounded by brackets “ ⁇ ” and “ ⁇ ” after the condition determination of the if statement or the switch statement.
  • the block specifying unit 25 specifies the line number of the portion surrounded by brackets “ ⁇ ” and “ ⁇ ”.
  • the writing location specifying unit 26 specifies a location for writing to the global variable in the computer program. Specifically, a global variable defined in the computer program is extracted, and a location (for example, a line number) where writing is performed on the extracted global variable is specified. The place where the global variable is written is the place where the global variable appears on the left side of the arithmetic expression.
  • the writing block specifying unit 28 specifies the block to which the location specified by the writing location specifying unit 26 belongs from among the blocks specified by the block specifying unit 25. Specifically, when the line number in which the global variable is written is included between the start point (line number) and the end point (line number) of the block, the block is specified.
  • the first constant group output unit 24 classifies and outputs, for each base variable, the global variables to be written when a conditional statement that compares the base variables is established. There are constants that are strongly connected in the specification because of the relationship between the places where global variables are written. Therefore, it is desirable to review whether the processing is performed as specified against the global variables that have been written. Therefore, in the first embodiment, the first constant group output unit 24 is executed not only for classifying constants to be compared with the base variable for each base variable but also by the establishment of a conditional statement to which the constant is referenced. In this block, global variables that are written are also classified and output.
  • FIGS. 5A and 5B show an example of a computer program written in the C language as the read source code D01.
  • the computer program to be inspected is described across the two files shown in FIGS. 5 (a) and 5 (b).
  • the file name in FIG. 5A is “sample1.c”, and the file name in FIG. 5B is “sample2.c”.
  • a serial number starting from 1 written at the left end of each file indicates the “line number” of each statement.
  • the constant extraction unit 21 executes a “constant extraction” process (S01) shown in FIG.
  • the constant extraction unit 21 detects constants that match the definition pattern “#define” and “const” from the source code D01.
  • the constants defined by #define, CC1, 2CC2, CC3, and CC4 are detected as constants from the second line to the fifth line of the program.
  • the value of each constant definition is also detected.
  • the table of FIG. 6 shows a “constant list (DO2)” that summarizes the results of the constant extraction process (S01).
  • conditional sentence detection unit 22 executes a “conditional sentence detection” process (S02) shown in FIG. Detects conditional expressions that are compared with constants extracted by the constant extractor 21 from if (conditional expression), else (conditional expression), else if (conditional expression), and switch (conditional expression) included in the computer program To do.
  • the conditional sentence detection unit 22 detects a conditional sentence that refers to CC1, CC2, CC3, and CC4 extracted by the constant extraction unit 21 from the source code D01.
  • the table in FIG. 7 shows a “conditional sentence list (DO3)” that summarizes the results of the conditional sentence detection process (S02) described above.
  • the conditional statement itself and the line number of the conditional statement are extracted.
  • the base variable specifying unit 23 executes the “base variable specifying” process (S03) shown in FIG.
  • the base variable specifying unit 23 specifies, as a base variable, a variable to be compared with the constant extracted in S01 in the conditional sentence detected in S03.
  • the table of FIG. 8 shows a “base variable list (DO4)” that summarizes the results of the above-described base variable specifying process (S03).
  • the constants CC1, CC2, CC3, and CC4 are compared with the variable groups of the variables v, v1, and vFlag, so these variables are detected as base variables.
  • the conditional statement and a constant to be compared are specified for each base variable.
  • the first constant group output unit 24 executes the “constant group identification” process (S04) shown in FIG. 3 based on the base variable identified in S03. Specifically, when two or more constants extracted in S01 are compared with the same base variable, the two or more constants are classified as one group.
  • the table of FIG. 9 shows a “constant group list (DO5)” that summarizes the results of the constant group specifying process (S04).
  • the constant CC1 is compared with the same variable as the base variable v. Therefore, the constant CC1 is set as one group and “1” is assigned as the first group ID. Since the constants CC2 and CC3 are also compared with the same base variable v1, “2” is assigned as the first group ID.
  • the first constant group output unit 24 does not classify as the same group as long as different values are written even if they are the same base variable.
  • the value of the base variable “a” is rewritten between the previous conditional statement (line number: 1) and the next conditional statement (line number: 4).
  • the relevance of is low. Therefore, CC1 and CC2 are compared with the same base variable “a”, but are not treated as the same group because they are not compared with the base variable “a” in a state where the same value is written.
  • the block specifying unit 25 executes a “block specifying” process (S05) shown in FIG.
  • the block specifying unit 25 specifies a block to be executed when the conditional sentence detected in S02 is satisfied.
  • the line number as the starting point and the line number as the end point of the block are specified.
  • FIG. 11 shows the blocks B01 to B05 specified in the program example of FIG.
  • the table of FIG. 12 shows a “block row number list (DO6)” in which the results of the block specifying process (S05) are summarized.
  • DO6 block row number list
  • the row number (block region) of the identified block is added to the constant group list (DO5) shown in FIG.
  • the writing location specifying unit 26 executes a “variable specifying” process (S06) shown in FIG. Specifically, variables defined in the source code D01 are extracted.
  • the table of FIG. 13 shows a “variable list (DO7)” that summarizes the results of the variable specifying process (S06).
  • the writing location specifying unit 26 extracts global variables and local variables as variables. In the program example of FIG. 5, vFlag and vTemp are extracted as global variables, and temp and temp2 are extracted as local variables.
  • the writing location specifying unit 26 executes a “global variable specifying” process (S07) shown in FIG. Specifically, global variables are extracted from the variables extracted in S06.
  • the table of FIG. 14 shows a “global variable list (DO8)” in which the results of the global variable specifying process (S07) are summarized.
  • vFlag and vTemp are extracted as global variables.
  • the writing location specifying unit 26 executes a “global variable writing / reading location specification” process (S08) shown in FIG. Specifically, the line number in which writing is performed for the extracted global variable is specified.
  • the table of FIG. 15 shows a “global variable write / read location list (DO9)” that summarizes the results of the global variable write / read location specifying process (S08).
  • the global variable vFlag is written on the 16th line and read on the 31st line.
  • the global variable vTemp is written on the 19th, 23rd and 26th lines, and read on the 33rd line.
  • the first constant group output unit 24 executes the “first global variable write location specification” process (S09) shown in FIG. Specifically, for each base variable, global variables to be written are classified and output when a conditional statement that compares the base variables is satisfied.
  • the table of FIG. 16 shows a “group-specific parameter list (D10)” in which the results of the first global variable writing location specifying process (S09) are summarized.
  • D10 group-specific parameter list
  • the row number (block region) of the identified block is added to the “block row number list (DO6)” shown in FIG.
  • the group to which this line number belongs is assigned to the block region in the “block line number list (DO6)” in FIG. Search by. As a result, it can be determined that the block region is “18-20”.
  • the base variable “v” classified by the first group ID 1 is compared with the constant CC1 in the conditional statements of the line numbers 17 and 21, and in the conditional statement block of the line numbers 17 and 21, It can be seen that 1 and 2 are written to the global variable vTemp. The same applies to the base variable “v1” classified by the first group ID2.
  • the base variable “vFlag” classified by the first group ID 3 is compared with the constants CC4 and CC2, but is not written to the global variable.
  • configuration parameter settings The necessity of verifying the relevance of constants is shown by taking examples of configuration parameter settings and calibration parameter settings.
  • configuration parameters will be described. Essentially, the intelligent key and immobilizer functions must be turned on or off at the same time. However, the designer may not be aware of this, and only one of them has changed. For example, the designer may misunderstand that the specification is independent of the functions of the intelligent key and the immobilizer. In this case, in a downstream test such as a unit test, it can not be found that only one of them has been changed, which leads to a malfunction.
  • the software inspection apparatus extracts constants used in the source code D01 to be inspected, and detects a conditional statement that refers to the extracted constants.
  • a variable to be compared with a constant in the detected conditional statement is specified as a base variable, and a constant to be compared is classified and output for each specified base variable.
  • constants to be compared with the same base variable are classified and output, so that a constant group having high relevance can be specified from the viewpoint of commonality of base variables. Therefore, it is possible to easily review whether the specified constant group is processed as specified. Therefore, by presenting to the user the existence of two or more constants that must be updated simultaneously according to the conditions of the specification, the user notices where there is a possibility of malfunction due to inconsistent constant change. Can be made.
  • the software inspection device specifies a block to be executed when the detected conditional statement is satisfied, and specifies a location where a global variable is written in the computer program. Then, from among the identified blocks, identify the block to which the part that writes to the global variable belongs, and for each base variable, classify the global variable that is written by the establishment of a conditional statement that compares the base variable. Output. As a result, as shown in FIG. 16, it is possible to present to the user the existence of a constant having a strong connection in the specification from the relation of the global variable writing location. The user can review whether the processing is performed according to the specification against the written global variable.
  • the first constant group output unit 24 classifies the constants for each base variable in which the same value is written. That is, even if the same base variable is in a state where different values are written, it is not classified as the same group. Thereby, a constant group with high relevance can be specified with higher accuracy.
  • the functional configuration of the CPU 11b according to the second embodiment will be described with reference to FIG.
  • the CPU 11b according to the second embodiment includes a constant extracting unit 21, a conditional sentence detecting unit 22, a block specifying unit 25, a conditional sentence developing unit 27, a writing location specifying unit 26, a writing block specifying unit 28, and a second constant. It functions as a group output unit 29.
  • the constant extraction unit 21, the conditional sentence detection unit 22, the block identification unit 25, the writing location identification unit 26, and the writing block identification unit 28 are the same as those in the first embodiment, and a description thereof will be omitted.
  • the conditional sentence expansion unit 27 expands the conditional sentence detected by the conditional sentence detection unit 22.
  • all the conditions that must be satisfied in order to execute each block specified by the block specifying unit 25 are extracted.
  • the condition of the if statement is extracted as it is, and for the else side block, it is interpreted that the reverse condition of the if statement side is satisfied, and the reverse condition of the if statement side is expanded as a new condition.
  • Each expanded conditional statement is associated with a block range (block region) that is executed when the conditional statement is satisfied.
  • the second constant group output unit 29 specifies a block to which a part to be written to the global variable belongs from among the blocks associated with the expanded conditional statement. Extracts constants referenced in expanded conditional statements. Then, the constants referred to by the conditional statement expanded by the conditional statement expansion unit 27 are classified and output for each portion where the global variable is written.
  • conditional statement development unit 27 executes a “conditional statement development” process (S10) shown in FIG. Specifically, all conditional statements are expanded based on the “block row number list (DO6)” shown in FIG.
  • the table of FIG. 18 shows a “conditional sentence expansion list (D11)” in which the results of the conditional sentence expansion process (S10) are summarized.
  • the if statement is output as it is, and the else statement is represented by “!” indicating that the condition opposite to the if statement is satisfied.
  • the blocks in the 22nd to 24th lines in FIG. 5B are interpreted as the false condition in the 17th line.
  • the block in the 26th to 27th lines in FIG. 5B is interpreted as false of the two conditions in the 17th and 19th lines.
  • the second constant group output unit 29 executes the “second global variable write location specification” process (S11) shown in FIG. Specifically, in the block associated with the expanded conditional statement based on the “conditional statement expansion list (D11)” in FIG. 18 and the “global variable write / read location list (DO9)” in FIG. From this, the block to which the part that writes to the global variable belongs is specified.
  • the table of FIG. 19 shows a “global variable write location list (D12)” in which the results of the second global variable write location specifying process (S11) are summarized. For example, it is determined that the 19th line in which 1 is written to vTemp shown in FIG. 15 belongs to the block region (18-20) shown in FIG.
  • Blocks for which the line number of the global variable write location has not been retrieved from the blocks shown in the “Conditional statement expansion list (D11)”, such as the block regions (32-34) and (36-38), are excluded. To do. This is because a highly relevant constant cannot be specified based on the commonality of the global variable writing location.
  • the second constant group output unit 29 executes the “first constant division” process (S12) shown in FIG. Specifically, the constants included in the conditional statement in the “global variable writing location list (D12)” in FIG. 19 are extracted, and the extracted constants are divided into different lines and displayed.
  • the table of FIG. 20 shows a “constant statement constant list (D13)” that summarizes the results of the first constant dividing process (S12).
  • the constants are classified by assigning the second group ID to each location where the global variable is written.
  • the constants CC1, CC2 are groups of constants that are referred to in the conditional statement necessary for executing the 19th line for writing to the global variable vTemp, and therefore the second group ID. “1” is attached.
  • the constants CC1, CC2, and CC3 are groups of constants that are referred to in the conditional statement necessary to execute the 23rd line for writing to the global variable vTemp. ".
  • the constants CC1, CC2, and CC3 are groups of constants that are referred to in the conditional statement necessary for execution of the 26th line for writing to the global variable vTemp. ".
  • the software inspection device extracts constants used in the source code D01 to be inspected, detects a conditional statement that refers to the extracted constant, and expands the detected conditional statement. Then, as shown in FIG. 20, the block to which the part that writes to the global variable belongs is specified, and the constant that is referred to by the conditional sentence expanded by the conditional sentence expansion unit 27 is set for each part that writes to the global variable. Sort and output. This makes it possible to identify constant groups that are highly relevant from the viewpoint of the commonality of places where global variables are written. Therefore, it is possible to easily review whether the specified constant group is processed as specified. Therefore, by presenting to the user the existence of two or more constants that must be updated simultaneously according to the conditions of the specification, the user notices where there is a possibility of malfunction due to inconsistent constant change. Can be made.
  • the functional configuration of the CPU 11c according to the third embodiment will be described with reference to FIG.
  • the CPU 11c according to the third embodiment includes a constant extraction unit 21, a conditional sentence detection unit 22, a block identification unit 25, a conditional sentence development unit 27, an access location identification unit 30, an access block identification unit 31, and a third constant group output unit. 32 functions.
  • the constant extraction unit 21, the conditional sentence detection unit 22, the block identification unit 25, and the conditional sentence development unit 27 are the same as those in the first embodiment or the second embodiment, and thus the description thereof is omitted.
  • the access location specifying unit 30 specifies a variable to be written and read and a location to access the variable in the source code D01. Specifically, the line number for accessing the variable and whether the access type is writing or reading are specified.
  • the access block specifying unit 31 specifies the block to which the location specified by the access location specifying unit 30 belongs from among the blocks specified by the block specifying unit 25. Specifically, the block region to which the row number that accesses the variable belongs is searched from among the block regions specified by the block specifying unit 25.
  • the third constant group output unit 32 outputs the conditional statement expanded by the conditional statement expansion unit 27 according to the execution order of the location specified by the access location specifying unit 30 for each variable specified by the access location specifying unit 30. Rearrange. Then, for each variable specified by the access location specifying unit 30, the constants referenced in the conditional statement are classified and output.
  • the access location specifying unit 30 executes a “variable write / read specification” process (S13) shown in FIG. Specifically, the line number in which the variable is written and read is specified based on the “variable list (DO7)” in FIG.
  • the table of FIG. 22 shows a “variable write and read location list (D14)” that summarizes the results of the above-described variable write and read identification process (S13).
  • the line number for accessing the variables vFlag, v, vTemp, temp, and temp2 and the type of access (write or read) are specified.
  • the variable read location indicates the location where the variable is on the right side of the arithmetic expression, and the location where the variable is written and the left side of the arithmetic expression.
  • the access location identification unit 30 executes the “variable group identification” process (S14) shown in FIG. Specifically, variable access locations are classified for each variable for which both writing and reading are performed. Variables that are only written or read are excluded from the classification.
  • the table of FIG. 23 shows a “group list by variable (D15)” that summarizes the results of the above-described variable group identification processing (S14).
  • the variables vTemp and temp are both written and read, “1” and “2” are assigned as the third group IDs, respectively.
  • the variables vFlag, v, and temp2 are excluded because only one of writing and reading is performed.
  • the access block specifying unit 31 executes the “access location specifying” process (S15) shown in FIG. More specifically, the block region to which the line number in which the variable is written and read belongs is specified.
  • the line number in which the variable is written and read is specified from the “group list by variable (D15)” in FIG. 23, and the block region is specified from the “block line number list (DO6)” in FIG. .
  • the table of FIG. 24 shows a “data flow list (D16)” that summarizes the results of the above-described access location specifying process (S15).
  • the line number for accessing the variable, the type of access (write or read), the block region to which the variable belongs, and the expanded conditional statement are classified for each variable.
  • the third constant group output unit 32 executes the “second constant division” process (S16) shown in FIG.
  • the table of FIG. 25 shows a “constant list by data flow (D17)” that summarizes the results of the second constant dividing process (S16).
  • the third constant group output unit 32 is specified by the variable-specific write / read specification process (S13) for each variable vTemp and temp assigned the third group ID in the variable-specific group specification process (S14). Rearrange the expanded conditional statements according to the execution order of the variable access points. Further, constants included in each expanded conditional statement are searched, and the line is divided for each constant.
  • the path to the place where the variable is read can be analyzed, and the relationship between writing and reading can be determined for every condition.
  • the third constant group output unit 32 outputs the “constant list by data flow (D17)” of FIG. 25 to the user.
  • the constants related to the writing and reading processes can be output as a list for each variable, and checked against the writing and reading conditions in the specification.
  • the software inspection device extracts constants used in the source code D01 to be inspected, detects a conditional statement that refers to the extracted constant, and expands the detected conditional statement.
  • a variable to be written and read a location to access the variable, and a block to which the location belongs are specified.
  • the expanded conditional statements are rearranged according to the execution order of the variable access locations for each variable, and the constants referenced in the conditional statements are classified and output.
  • a group of constants having high relevance is specified based on the execution order of the locations in the source code D01 that access the variables. Therefore, it is possible to easily review whether the specified constant group is processed as specified. Therefore, by presenting to the user the existence of two or more constants that must be updated simultaneously according to the conditions of the specification, the user notices where there is a possibility of malfunction due to inconsistent constant change. Can be made.

Abstract

Un dispositif d'inspection de logiciel extrait une constante qui est utilisée dans un programme informatique qui doit être inspecté (S01), et détecte une expression conditionnelle dans laquelle il est fait référence à la constante extraite (S02). Une variable qui est comparée à la constante dans l'expression conditionnelle est précisée à titre de variable de base (S03), et la constante devant être comparée est classée et sortie pour chaque variable de base (S04).
PCT/JP2014/066318 2013-07-19 2014-06-19 Dispositif, procédé et programme d'inspection de logiciel WO2015008575A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201480051482.1A CN105556484B (zh) 2013-07-19 2014-06-19 软件检查装置、软件检查方法
JP2015527227A JP6004110B2 (ja) 2013-07-19 2014-06-19 ソフトウェア検査装置、ソフトウェア検査方法、ソフトウェア検査プログラム

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2013-150225 2013-07-19
JP2013150225 2013-07-19

Publications (1)

Publication Number Publication Date
WO2015008575A1 true WO2015008575A1 (fr) 2015-01-22

Family

ID=52346048

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2014/066318 WO2015008575A1 (fr) 2013-07-19 2014-06-19 Dispositif, procédé et programme d'inspection de logiciel

Country Status (3)

Country Link
JP (1) JP6004110B2 (fr)
CN (1) CN105556484B (fr)
WO (1) WO2015008575A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2018049565A (ja) * 2016-09-23 2018-03-29 株式会社東芝 ソフトウエア検証用システム及びソフトウエア検証方法
JP7318516B2 (ja) 2019-03-08 2023-08-01 富士通株式会社 コンピュータ可読プログラム検査のための入力の生成

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH03292531A (ja) * 1990-04-11 1991-12-24 Nissan Motor Co Ltd プログラム開発支援装置
JP2000181700A (ja) * 1998-12-18 2000-06-30 Fujitsu Ltd プログラム解析装置および記録媒体
US6151701A (en) * 1997-09-30 2000-11-21 Ahpah Software, Inc. Method for reconstructing debugging information for a decompiled executable file

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3305949B2 (ja) * 1996-02-08 2002-07-24 富士通株式会社 プログラム解析装置
US7797690B2 (en) * 2005-03-15 2010-09-14 International Business Machines Corporation System, method and program product to optimize code during run time
WO2010125960A1 (fr) * 2009-04-28 2010-11-04 インターナショナル・ビジネス・マシーンズ・コーポレーション Procédé de conversion de codes de programme d'un programme exécuté dans un environnement à cheminements multiples afin de programmer un code comportant moins de conflits de verrouillage, et programme d'ordinateur et son système d'ordinateur

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH03292531A (ja) * 1990-04-11 1991-12-24 Nissan Motor Co Ltd プログラム開発支援装置
US6151701A (en) * 1997-09-30 2000-11-21 Ahpah Software, Inc. Method for reconstructing debugging information for a decompiled executable file
JP2000181700A (ja) * 1998-12-18 2000-06-30 Fujitsu Ltd プログラム解析装置および記録媒体

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2018049565A (ja) * 2016-09-23 2018-03-29 株式会社東芝 ソフトウエア検証用システム及びソフトウエア検証方法
JP7318516B2 (ja) 2019-03-08 2023-08-01 富士通株式会社 コンピュータ可読プログラム検査のための入力の生成

Also Published As

Publication number Publication date
CN105556484A (zh) 2016-05-04
CN105556484B (zh) 2018-02-02
JP6004110B2 (ja) 2016-10-05
JPWO2015008575A1 (ja) 2017-03-02

Similar Documents

Publication Publication Date Title
US9772927B2 (en) User interface for selecting tracing origins for aggregating classes of trace data
Kapser et al. Toward a taxonomy of clones in source code: A case study
US10346292B2 (en) Software component recommendation based on multiple trace runs
Kapser et al. Aiding comprehension of cloning through categorization
CN107766236B (zh) 测试任务自动化管理方法、装置、设备及存储介质
CN110741354A (zh) 呈现代码实体调用之间的差异
US20080052299A1 (en) Reverse engineering support system
KR101979329B1 (ko) 바이너리의 취약점을 유발하는 입력데이터 위치 추적 방법 및 그 장치
WO2015160351A1 (fr) Mise en oeuvre d'un méta-langage avec feuilles de style en cascade
JP6004110B2 (ja) ソフトウェア検査装置、ソフトウェア検査方法、ソフトウェア検査プログラム
CN111736865B (zh) 一种数据库升级方法及系统
CN113312333A (zh) 基于区块链和云计算的安全服务更新方法及云计算中心
US20190354468A1 (en) Code coverage module with testing function identifier
Kamiya An execution-semantic and content-and-context-based code-clone detection and analysis
US20220058260A1 (en) Binary image stack cookie protection
JP5963312B2 (ja) 情報処理装置、情報処理方法、及びプログラム
Prazina et al. Methods for Automatic Web Page Layout Testing and Analysis: A Review
WO2014112303A1 (fr) Dispositif d'examen de mise à jour de données ratée, procédé d'examen de mise à jour de données ratée et programme d'examen de mise à jour de données ratée
EP3699798A1 (fr) Dispositif de support de planification de conception de sécurité
KR101583133B1 (ko) 스택 기반 소프트웨어 유사도 평가 방법 및 장치
WO2014112316A1 (fr) Dispositif d'examen des problèmes d'accès aux indicateurs, procédé d'examen des problèmes d'accès aux indicateurs, et programme d'examen des problèmes d'accès aux indicateurs
US9852046B1 (en) Method and system for automated debugging memory allocation and memory release
US10489428B2 (en) Existing system processing specification extractor
KR102339498B1 (ko) 버그 검출 규칙 개선을 위한 코드 문맥 수집 방법
Xu Using Co-evolution of Artefacts in Git Repository to Establish Test-to-Code Traceability Links on Method-Level

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 201480051482.1

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14825743

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2015527227

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14825743

Country of ref document: EP

Kind code of ref document: A1