Abstract:
In general, in one aspect, the invention relates to a method for static analysis. The method includes: obtaining source code; constructing a control flow graph (CFG) corresponding to the source code, by identifying control structures within the source code, creating a set of graph nodes of the CFG, and creating a set of directed graph edges of the CFG connecting the set of graph nodes; assigning a first Boolean flow value to a selected node of the set of graph nodes; backward traversing the CFG from the selected node to a target node; computing, by a computer processor and while backward traversing the CFG, disjoint predicate expressions representing flow values at the set of directed graph edges; computing, based on the disjoint predicate expressions, a resulting disjoint predicate expression; and identifying, based on the resulting disjoint predicate expression, a potential program property in the source code.
Abstract:
In general, in one aspect, the invention relates to a method for performing points-to analysis by generating a value flow graph for source code. The method steps include: initializing the value flow graph including a set of memory objects and a set of edges based on Base and Assignment instructions, where the set of edges represents inclusion constraints between the set of memory objects and a set of pointer variables; determining a pointed-to-by set including at least one pointer variable of the set of pointer variables; updating the value flow graph by introducing a flow edge based on an indirect reference, where the flow edge is related to a memory object of the set of memory objects that is added to a working list; updating the pointed-to-by set based on the memory object in the working list; and analyzing the source code using the pointed-to-by set.
Abstract:
A method for demand-driven symbolic analysis involves obtaining a section of code comprising an instruction from a source code file and determining a critical variable in the section of code and data dependencies related to the critical variable. The method further involves iteratively computing a symbolic value representing a range of values of the critical variable according to the data dependencies, determining a set of control predicates relevant to the critical variable at the instruction, refining the range of values according to the set of control predicates to generate a second range of values for the symbolic value, and reporting an error when the second range of values exceeds a predetermined value.
Abstract:
A method for overflow detection using partial evaluation is described. The method includes obtaining a section of code from a source code file stored on a storage device, analyzing the section of code to identify a buffer with an index, determining a plurality of statements that are statically computable and dependent on the index of the buffer, and generating a code segment including the plurality of statements. The method further includes replacing an access statement of the plurality of statements with a conditional statement returning true when the bounds of the buffer are exceeded, where the access statement uses the index to access the buffer, adding an unconditional statement returning false to the code segment, and executing the code segment on a computer processor to obtain a determination of whether the bounds of the buffer are exceeded.
Abstract:
In general, in one aspect, the invention relates to a method for identifying program properties in source code. The method includes: identifying a set of program objects corresponding to a potential program property within the source code; identifying a function associated with the set of program objects in the source code; identifying an input and an output of the function in the source code; creating a value flow graph by: creating a function input node representing the input; creating a function output node representing the output; identifying value flow functions, where each value flow function defines a conditional dependency between a pair of graph nodes, and creating, based on the value flow functions, directed graph edges modeling a potential flow of data through the value flow graph; and identifying a feasible path in the value flow graph depicting an occurrence of the potential program property in the source code.