Full metadata record
| DC Field | Value | Language |
| --- | --- | --- |
| dc.contributor | Department of Computing | en_US |
| dc.contributor.advisor | Pei, Yu (COMP) | en_US |
| dc.creator | Zhang, Huaien | - |
| dc.identifier.uri | https://theses.lib.polyu.edu.hk/handle/200/13960 | - |
| dc.language | English | en_US |
| dc.publisher | Hong Kong Polytechnic University | en_US |
| dc.rights | All rights reserved | en_US |
| dc.title | Effective fault detection for static analyzers via automated testing | en_US |
| dcterms.abstract | Static analyzers comprehend and analyze input programs without dynamically executing them to gather insights into and detect flaws in their properties and behaviors. These tools are indispensable for ensuring software quality and supporting various software engineering tasks, including vulnerability detection, privacy leakage identification, and malware analysis. Despite their widespread adoption in real-world software development and maintenance, static analyzers, like other computer programs, are susceptible to implementation faults, and it is a common practice for static analyzers to detect such faults via testing. Manually creating test cases for static analyzers, however, is highly time-consuming and labor-intensive because both constructing input programs to trigger specific analyses and deriving the correct analysis results for the input programs are non-trivial tasks. Meanwhile, existing research efforts to automatically generate test cases and uncover faults in static analyzers suffer from three important limitations that restrict their applicability. These efforts depend on dedicated oracles designed for specific programming languages or particular sets of static analyzers, have limited support for certain program elements, or overlook bugs reflected in only the intermediate representations constructed by the static analyzers but not the warnings they report. | en_US |
| dcterms.abstract | To address these limitations, we develop three novel techniques, namely STATFIER, ANNATESTER, and SASCOPE. The STATFIER technique leverages semantics-preserving program transformations to derive valid variants from existing test input programs for static analyzers, and it discovers faults in the static analyzers via metamorphic testing. We systematically investigate the impact of program annotations on static analyzers and propose another metamorphic testing technique, ANNATESTER, to automatically identify annotation-induced faults. Furthermore, we comprehensively study the root causes of program representation faults and their fix strategies and develop the SASCOPE technique to detect relevant faults via automated testing. | en_US |
| dcterms.abstract | We have implemented the techniques into three testing frameworks with the same names. Using the testing frameworks, we identify 141 faults in popular static analyzers. We have reported all identified faults to the respective developers via issue tracking systems, with 72 of them confirmed or fixed. | en_US |
| dcterms.extent | xi, 145 pages : color illustrations | en_US |
| dcterms.isPartOf | PolyU Electronic Theses | en_US |
| dcterms.issued | 2025 | en_US |
| dcterms.educationalLevel | Ph.D. | en_US |
| dcterms.educationalLevel | All Doctorate | en_US |
| dcterms.accessRights | open access | en_US |

Files in This Item:
| File | Description | Size | Format |
| --- | --- | --- | --- |
| 8415.pdf | For All Users | 2.1 MB | Adobe PDF |



Please use this identifier to cite or link to this item: https://theses.lib.polyu.edu.hk/handle/200/13960