CoBOT

Proceedings of the 26th Conference on Program Comprehension Pub Date : 2018-05-28 DOI:10.1145/3196321.3196367

Qing Gao, Sen Ma, Sihao Shao, Yulei Sui, G. Zhao, Luyao Ma, Xiaozun Ma, Fuyao Duan, Xiao Deng, Shikun Zhang, Xianglong Chen

{"title":"CoBOT","authors":"Qing Gao, Sen Ma, Sihao Shao, Yulei Sui, G. Zhao, Luyao Ma, Xiaozun Ma, Fuyao Duan, Xiao Deng, Shikun Zhang, Xianglong Chen","doi":"10.1145/3196321.3196367","DOIUrl":null,"url":null,"abstract":"To obtain precise and sound results, most of existing static analyzers require whole program analysis with complete source code. However, in reality, the source code of an application always interacts with many third-party libraries, which are often not easily accessible to static analyzers. Worse still, more than 30% of legacy projects cannot be compiled easily due to complicated configuration environments (e.g., third-party libraries, compiler options and macros), making ideal \"whole-program analysis\" unavailable in practice. This paper presents CoBOT, a static analysis tool that can detect bugs in the presence of incomplete code. It analyzes function APIs unavailable in application code by either using function summarization or automatically downloading and analyzing the corresponding library code as inferred from the application code and its configuration files. The experiments show that CoBOT is not only easy to use, but also effective in detecting bugs in real-world programs with incomplete code. Our demonstration video is at: https://youtu.be/bhjJp3e7LPM.","PeriodicalId":348046,"journal":{"name":"Proceedings of the 26th Conference on Program Comprehension","volume":"29 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-05-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 26th Conference on Program Comprehension","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3196321.3196367","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

Abstract

To obtain precise and sound results, most of existing static analyzers require whole program analysis with complete source code. However, in reality, the source code of an application always interacts with many third-party libraries, which are often not easily accessible to static analyzers. Worse still, more than 30% of legacy projects cannot be compiled easily due to complicated configuration environments (e.g., third-party libraries, compiler options and macros), making ideal "whole-program analysis" unavailable in practice. This paper presents CoBOT, a static analysis tool that can detect bugs in the presence of incomplete code. It analyzes function APIs unavailable in application code by either using function summarization or automatically downloading and analyzing the corresponding library code as inferred from the application code and its configuration files. The experiments show that CoBOT is not only easy to use, but also effective in detecting bugs in real-world programs with incomplete code. Our demonstration video is at: https://youtu.be/bhjJp3e7LPM.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 26th Conference on Program Comprehension

自引率

0.00%

发文量