Application of Interval Arithmetic in Software Testing Based on Field-Sensitive Point-to Analysis

Static analysis cannot obtain variable values in actual operation, because it does not execute source codes. It is difficult to detect defects which are related with variable values. Although the technique of symbolic execution and interval arithmetic can imitate the range of variable values in actual execution program, for structures, arrays, etc., their members cannot be described independently. It makes data flow analysis field-insensitive, and generates many false negative. The interval arithmetic model based on field-sensitive point-to analysis improves the classical model by splitting the complex data type into separate variables, and proposes a type system with a set of abstract values. This system can describe the range of variable values conservatively. When calculating the data flow, combined with the abstract syntax definition of assignment statements, we also propose a derivation algorithm to the type, and apply this type system in defect testing system (DTSGCC and DTSCPP). We choose DTSCPP as the experimental platform, six C++ open source projects as test objects. Experimental results prove that our method can efficiently lower the ratio of false negative in the condition of keeping the analysis time constant.