ZHANG Xiao-xin,SUN Wei-jie

DOI: https://doi.org/10.3969/j.issn.1002-0802.2013.04.044

2013-01-01

Abstract:Based on study of the automatic examination method for C code structure,an automatic examination method for C code structure is proposed.Through static analysis of source code,the logic connection relation of the program and the semantic similarity relation are analyzed,the reasonable module divisions of the program extracted,and also through comparison with the design document,the judgement on reasonableness of the program structure is realized.According to this principle and based on the static analysis and clustering method,the process design of automatic examination method for program structure is implemented and verified with specific examples.Finally,a summary and outlook of this research is given in this paper.

Wang Ji-min,Ping Ling-di,Pan Xue-zeng,Shen Hai-bin,Yan Xiao-lang

DOI: https://doi.org/10.1007/bf02842479

2005-01-01

Journal of Zhejiang University SCIENCE A

Abstract:The C programming language is expressive and flexible, but not safe; as its expressive power and flexibility are obtained through unsafe language features, and improper use of these features can lead to program bugs whose causes are hard to identify. Since C is widely used, and it is impractical to rewrite all existing C programs in safe languages, so ways must be found to make C programs safe. This paper deals with the unsafe features of C and presents a survey on existing solutions to make C programs safe. We have studied binary-level instrumentation tools, source checkers, source-level instrumentation tools and safe dialects of C, and present a comparison of different solutions, summarized the strengths and weaknesses of different classes of solutions, and show measures that could possibly improve the accuracy or alleviate the overhead of existing solutions.

Qinghua Zheng,Zhijiang Ou,Linfeng Liu,Ting Liu

DOI: https://doi.org/10.1109/ICSESS.2011.5982301

2011-01-01

Abstract:The software is becoming much more complex and large, thus it is difficult to examine and evaluate the structure of software containing millions of lines of code and thousands of functions or objects. In large-scale software, the structure is one of the most important factors for people to design, develop and maintain trusted software. In this paper, we concentrate on dynamic analysis instead of static analysis and the Calling Network is proposed to represent the dynamic structure of software. Then, the community and hierarchical structure of the software are detected from the Calling Network using Newman Fast algorithm and Bi-Breadth-First Search algorithm. Finally, the Partition Matching Ratio is proposed to evaluate the rationality of software structure by comparing the theoretical community and hierarchical structure with the physical partition. In the experiments, we evaluate two Java applications, JPetStore and Jforum, and find the structure of JPetStore is better than Jforum which is same as the users' evaluation.

JunFeng Kang,Feng Zhang,Renyi Liu,Lei Fang,Junjie Chen

DOI: https://doi.org/10.1109/ICMULT.2010.5631161

2010-01-01

Multimedia Technology

Abstract:This paper studies on how to improve the efficiency of multilayer relationship checking, which was the most complex and time-consuming operation in land plan spatial data quality checking. The existing researches on spatial data quality mostly focused on how to evaluate spatial data quality, but few studies on efficiency. With an in depth study on the characteristics of multilayer relationship, we first proposed an universal spatial multilayer relationship checking module (SMRCM), then based on SMRCM, we designed a parallel algorithm and experimented on the small-scale multi-core processor systems. The experiment results show our parallel algorithm can significantly improve the multilayer relationship checking efficiency. Finally this algorithm was implemented in a prototype software, and now is using to examine Zhejiang province's land plan spatial data quality.

TianTian Wang,KeChao Wang,XiaoHong Su,Lin Liu

DOI: https://doi.org/10.4018/IJDWM.2020040104

2020-01-01

Abstract:Software exists in various control systems, such as security-critical systems and so on. Existing program clustering methods are limited in identifying functional equivalent programs with different syntactic representations. To solve this problem, firstly, a clustering method based on structured metric vectors was proposed to quickly identify structurally similar programs from a large number of existing programs. Next, a clustering method based on similar execution value sequences was proposed, to accurately identify the functional equivalent programs with code variations. This approach has been applied in automatic program repair, to identify sample programs from a large pool of template programs. The average purity value is 0.95576 and the average entropy is 0.15497. This means that the clustering partition is consistent with the expected partition.

Shaojun YANG,Xiaohong SU,Tiantian WANG,Peijun MA

DOI: https://doi.org/10.3969/j.issn.2095-2163.2014.05.020

2014-01-01

Abstract:Program analysis techniques contains control flow analysis,data flow analysis,alias analysis,program slicing techniques and program instrumentation,and has important applications in program comprehension,code refactoring,code optimization,automated software debugging and other aspects. Especially,the lexical analysis and syntax analysis technology is the basis for program analysis techniques. This paper designs and implements a new C language syntax analysis tool named CParser,through three steps which are lexical analysis,preprocessing and syntax analysis to achieve the establishment of the abstract syntax tree based on the source code. This tool is easy to use,and can fully support the C99 standard,furtherly can be used to code clone detection and fault localization.

Bailin Lu,Wei Dong,Liangze Yin,Li Zhang

DOI: https://doi.org/10.1007/978-3-030-04272-1_4

2018-01-01

Abstract:Many static analysis methods and tools have been developed for program bug detection. They are based on diverse theoretical principles, such as pattern matching, abstract interpretation, model checking and symbolic execution. Unfortunately, none of them can meet most requirements for bug finding. Individual tool always faces high false negatives and/or false positives, which is the main obstacle for using them in practice. A direct and promising way to improve the capability of static analysis is to integrate diverse bug finders. In this paper, we first selected five state-of-the-art C/C++ static analysis tools implemented with different theories. We then evaluated them over different defect types and code structures in detail. To increase the precision and recall for tool integration, we studied how to properly employ machine learning algorithms based on features of programs and tools. Evaluation results show that: (1) the abilities of diverse tools are quite different for defect types and code structures, and their overlaps are quite small; (2) the integration based on machine learning can obviously improve the overall performance of static analysis. Finally, we investigated the defect types and code structures which are still challenging for existing tools. They should be addressed in future research on static analysis.

Hairong Zheng

2011-01-01

Abstract:To reduce the redundancy of information in software static analysis and improve the accuracy and efficiency of the information extraction,a syntax trees model based on relational storage mode is proposed.Modeling on dependency relationship between the terminal will effectively reducing the information redundancy and be stored in XML(extensible markup language) format.Using the mature parsing technique on XML,a new static detection method based on XML model is put forward and applied to program norm.Experimental results show that the method not only improves the detection efficiency but also increases the detection accuracy.

Ziliang Wang,Ge Li,Jia Li,Yihong Dong,Yingfei Xiong,Zhi Jin

2024-11-08

Abstract:Unlike the flow structure of natural languages, programming languages have an inherent rigidity in structure and <a class="link-external link-http" href="http://grammar.However" rel="external noopener nofollow">this http URL</a>, existing detection methods based on pre-trained models typically treat code as a natural language sequence, ignoring its unique structural information. This hinders the models from understanding the code's semantic and structual <a class="link-external link-http" href="http://information.To" rel="external noopener nofollow">this http URL</a> address this problem, we introduce the Code Structure-Aware Network through Line-level Semantic Learning (CSLS), which comprises four components: code preprocessing, global semantic awareness, line semantic awareness, and line semantic structure <a class="link-external link-http" href="http://awareness.The" rel="external noopener nofollow">this http URL</a> preprocessing step transforms the code into two types of text: global code text and line-level code <a class="link-external link-http" href="http://text.Unlike" rel="external noopener nofollow">this http URL</a> typical preprocessing methods, CSLS retains structural elements such as newlines and indent characters to enhance the model's perception of code lines during global semantic <a class="link-external link-http" href="http://awareness.For" rel="external noopener nofollow">this http URL</a> line semantics structure awareness, the CSLS network emphasizes capturing structural relationships between line <a class="link-external link-http" href="http://semantics.Different" rel="external noopener nofollow">this http URL</a> from the structural modeling methods based on code blocks (control flow graphs) or tokens, CSLS uses line semantics as the minimum structural unit to learn nonlinear structural relationships, thereby improving the accuracy of code vulnerability <a class="link-external link-http" href="http://detection.We" rel="external noopener nofollow">this http URL</a> conducted extensive experiments on vulnerability detection datasets from real projects. The CSLS model outperforms the state-of-the-art baselines in code vulnerability detection, achieving 70.57% accuracy on the Devign dataset and a 49.59% F1 score on the Reveal dataset.

Software Engineering

Yayun LI,Yaojie SUN

DOI: https://doi.org/10.14081/j.cnki.hgdxb.2017.01.004

2017-01-01

Abstract:A C ++ program project can not be used immediately when it is completed.And it must be debugged and optimized heavily.A C++ program project usually consists of some functions.The running status of C++ application can be known by making judgments about whether the key value or return value of the function is abnormal or not.So a detection method of C++ program based on ISO 15765 is designed to reduce the modification times and debugging time of the program.The communication standard between the upper system and the lower system is finished;An underlying function detection protocol stack in line with ISO 15765 standards is developed;A host computer system with the function of C++ function detection is developed;An detection case in Excel format is made up to transmit parameter and log the detection results.

Ganesh Narayan,K Gopinath,V Sridhar,K. Gopinath,Sridhar Varadarajan

DOI: https://doi.org/10.1109/tase.2008.40

2008-06-01

Abstract:Call graphs depict the static, caller-callee relation between “functions” in a program. With most source/target languages supporting functions as the primitive unit of composition, call graphs naturally form the fundamental control flow representation available to understand/develop software. They are also the substrate on which various inter-procedural analyses are performed and are integral part ofprogram comprehension/testing. Given their universality and usefulness, it is imperative to ask if call graphs exhibit any intrinsic graph theoretic features – across versions, program domains and source languages. This work is an attempt to answer these questions: we present and investigate a set of meaningful graph measures that help us understand call graphs better; we establish how these measures correlate, if any, across different languages and program domains; we also assess the overall, language independent software quality by suitably interpreting these measures.

FENG Jianghui,WANG Tiantian,SU Xiaohong,MA Peijun

DOI: https://doi.org/10.3969/j.issn.2095-2163.2011.03.012

2011-01-01

Abstract:In the development of software,code clones have been one of important causes for software defects.To solve the problem that the existing methods can not effectively handle low-cohesion and cross-functional code clones,this paper proposes a code clone restructuring approach based on k-nearest neighbor algorithm.Firstly,code clones are statically analyzed,and thereby the control dependency information and data flow information are collected.Then,k-nearest neighbor clustering algorithm is performed to form extractable or functional-independence code fragments.After that,a procedure extraction algorithm is performed on these code fragments to extract independent procedures.Finally,original code clones are replaced by the invocations of their corresponding procedures.Experiment results show that this method can effectively reorganize the structure of code clones and perform the extraction on functional independent code fragments.

Zhi-Gang Zhu

DOI: https://doi.org/10.1088/1742-6596/1544/1/012002

2020-05-01

Journal of Physics: Conference Series

Abstract:Abstract In the process of learning the data structure, it is very necessary to master the sorting algorithm, and in the program design, the sorting algorithm is applied frequently. Based on the importance of sorting algorithms, this paper will carefully compare the characteristics of different algorithms, starting with the work efficiency, algorithm implementation, basic ideas, sorting methods and other aspects, and draw conclusions so as to better select sorting algorithms.

李卓,邓明荣

DOI: https://doi.org/10.3969/j.issn.1007-130x.2010.04.020

2010-01-01

Abstract:Similar code detection is a common entry point of software refactoring activities. The paper firstly introduces texts mapping-based similar code detection algorithms like the dynamic text mapping algorithm and the suffix tree algorithm. Based on the combination of these two algorithms,a tool for automated similar code detection is implemented. This tool provides not only a capability to detect similar code both between and within the source files,for an improved accuracy,but also an automatic approach to help developers secure similar code candidates,hence improves the efficiency of software refactoring. Finally,the paper analyzes the experimental outputs of practical programs in a financial information system. Its practicality is shown.

CHEN Tao,LI Kong-wen,WANG Shu-sen,GU Qing,CHEN Dao-xu

DOI: https://doi.org/10.3969/j.issn.1002-137X.2009.04.037

2009-01-01

Computer Science

Abstract:With the rapid progress of software industry,large-scale software systems become dominant,and their functions and structures are usually complicated.There is a need to better understand the structures and evolutions of these systems.This paper developed a tool of Java program analysis based on complex networks.This tool builds complex networks for Java programs,and calculates the complex networks' features existed in Java programs' structures.It provides an effective support for researching and understanding the structures and evolutions of complex software systems.

Ke-chao WANG,Tian-tian WANG,Zhi-fei WANG,Xiang-min REN,Hai-cheng LIN

DOI: https://doi.org/10.3969/j.issn.1671-1815.2015.11.042

2015-01-01

Abstract:The traditional graph based similar code detection approaches usually have high complexity,and are limited in recognizing code variations.In this paper,we propose a similar code retrieval approach based on the clustering of structural features.Source codes are represented as control dependence trees,and code normalization is performed to eliminate code variations so as to recognize the syntactically different but semantically similar codes.Then,vectors are computed to describe the structural information of source code,and the difficult graph similarity problem is reduced to a simpler vector clustering problem.Candidate similar codes are quickly extracted.Test results show that our method can recognize more code variations than that of the method proposed by Gabel et al.

Peijun Ma

2012-01-01

Abstract:To deal with the problems such as high complexity and low accuracy of redundancy detection,a model of redundancy detection based on control structure analysis is proposed and implemented.This paper predigests the complexity of control structure by establishing a compound node table for tokens,which reduces the complexity of redundancy detection,and then detects the idempotent operations,dead code and redundant assignment.Experimental results of the open source code of Linux show that this model can find redundant code accurately and also has a low time-complexity.With this model,it is very convenient for developers to detect and correct these kinds of defects,and thereby to further guarantee the software quality.

DENG Gui-qian,ZHAO Yue-long,Huang Yong-feng

2010-01-01

Abstract:How to improve the universality,portability and easy-maintenance of the program code in the software development process is one of the important issues in area of software development technology research.Based on object-oriented programming design thought,this paper presents an abstract access logic method,and gives an example-based modular layering design model.Abstract access logic methods and modular hierarchical design model are proposed in the text.It is a good practical reference value for improving the universality,portability and easy-maintenance of the program code for the future.

文勇,蔡铭,陈刚,杨子江,金星

DOI: https://doi.org/10.16208/j.issn1000-7024.2010.11.037

2010-01-01

Abstract:To effectively carry out the object code analysis and verification,a novel method of control flow and structural coverage measurement for object code verification is presented based on CPU module extension.By branch instruction function extension,along with a new module for dynamic branch target buffer,the control flow of object code is collected effectively.And then,the algorithm for control flow construction and structural coverage measurement are given respectively.Both the overhead and computation complexity are acceptable with analysis study.Competitive advantage of this method is independent of compiler and non-incursive measurement for the object code.

SHI Zheng,ZHANG Pei-yong

2013-01-01

Abstract:In order to relieve the disadvantage in efficiency and reliability caused by lack of automatic way in addressable test chip design,aiming to the placement of the test structure,the linear programming was investigated.After researching the manual way in placement of test structure,a set of rules was summarized and expressed as multivariate inequality,and the mathematical model based on linear programming was established and developed into an automatic placer which will help the designer finish the placement of test structure quickly and automatically.The experimental result indicates that the automatic placer can address placement of thousands of test structure in minutes,and solution is optimized in area efficiency.