| Static testing includes two steps:static analysis and manual inspection. In actual testing process, a large number of reported defects make the manual review stage very time-consuming. It may lead the developers and testers rejecting the use of static analysis tools. Meanwhile, most static testing tools can only detect single unrelated defects. They underutilize the interrelationships between different defects. This may cause reporting excessive number of defects and increasing the cost of the whole test process.In this thesis, we concluded that the main reasons for the huge burden of manual review are huge amount of similar true positives and false positives reported by static analysis tools. According to defect patterns defined in DTS, we generalized12code patterns of identical defect patterns. We also verified the generality of false positives in worldwide mainstream static analysis tools by testing Klocwork and DTS.After concluding the problems and bottlenecks of defect-based static analysis tools, this thesis presents an automated defect code feature mining method. It can find high level patterns of related defects. These patterns can help reduce the workload of artificial defect inspection and guide the design of new defect patterns. |
PDF Full Text Request