本文選題：缺陷定位 + 自動程序修復�。� 參考：《國防科學技術(shù)大學》2016年博士論文

【摘要】：缺陷作為軟件系統(tǒng)設(shè)計和維護過程中不可避免的產(chǎn)物,隨著軟件系統(tǒng)的規(guī)模和復雜程度的增加也在不斷增加。將軟件缺陷的定位與修復工作進行自動化,對于提升軟件調(diào)試效率以及軟件質(zhì)量有著重要意義。多年來學術(shù)界和工業(yè)界一直致力于高效的、準確的缺陷定位和自動修復技術(shù)的研究,取得了不少進展。然而由于軟件缺陷作用機理的復雜性,目前的缺陷定位和自動修復技術(shù)仍然面臨很大挑戰(zhàn)。本文基于軟件執(zhí)行過程中錯誤的傳播過程,對現(xiàn)有的缺陷定位技術(shù)以及基于缺陷定位的自動修復技術(shù)修復效果進行研究分析,并針對缺陷定位、補丁生成以及補丁驗證三個方面,研究基于測試用例聚類的缺陷定位優(yōu)化技術(shù)、基于可疑代碼集過濾的程序自動修復技術(shù)以及基于測試用例分組的迭代修復技術(shù),提出了一系列提高缺陷定位能力和自動修復能力的優(yōu)化技術(shù),并通過對大型開源軟件真實歷史錯誤進行缺陷定位和修復實驗,依據(jù)科學統(tǒng)計和度量方法驗證了這些優(yōu)化技術(shù)的效能。論文的主要研究工作及創(chuàng)新點如下:1)從缺陷容忍和缺陷排除的角度出發(fā),對現(xiàn)有的程序自動修復工具的修復效果進行分析在研究領(lǐng)域,缺陷容忍和缺陷排除是兩類主流的提升軟件可靠性和安全性的方式�，F(xiàn)有的程序自動修復工具均專注于通過補丁生成的方式來修復目標程序暴露出來的故障,卻忽略了對修復效果的分析研究。本文通過收集兩種主流的軟件自動修復工具:Genprog以及CETI所生成的修復補丁,分析各個修復補丁中所修改的代碼與目標程序中的軟件缺陷之間的關(guān)聯(lián)性,研究現(xiàn)有修復工具的修復效果是傾向于實現(xiàn)缺陷容忍還是缺陷排除。此外,本文還提出了缺陷復雜程度和錯誤深度的概念,通過缺陷所涉及的代碼數(shù)來簡單表示缺陷的復雜程度,以及通過從缺陷到失效所經(jīng)過的傳播鏈的長度和缺陷所影響的錯誤傳播鏈的數(shù)量來定義程序中所包含錯誤的深度,并分析統(tǒng)計了缺陷的復雜程度、錯誤深度與最終修復效果(生成補丁是屬于缺陷容忍還是缺陷排除?)之間的關(guān)聯(lián)程度。分析結(jié)果表明,現(xiàn)有程序自動化修復工具更多地是以缺陷容忍方式而不是缺陷排除方式來修復目標程序,缺陷的復雜程度越低、錯誤深度越小,就越可能通過缺陷排除的方式進行修復,反之,則只能通過缺陷容忍的方式進行修復。2)提出了基于測試用例聚類的缺陷定位技術(shù)優(yōu)化方法基于程序譜的缺陷定位技術(shù)(SFL)是目前最為流行的一種缺陷定位技術(shù),然而由于其是根據(jù)測試用例集來進行統(tǒng)計定位缺陷的,它的定位精度必然受到巧合正確性現(xiàn)象(coincidental correctness)的影響。巧合正確性是指在測試用例執(zhí)行過程中,缺陷所在代碼被執(zhí)行,但缺陷并未被激活或錯誤的傳播并未導致失效的情況,由于sfl是根據(jù)執(zhí)行測試用例所覆蓋的代碼以及執(zhí)行結(jié)果來統(tǒng)計得到各個程序代碼為缺陷所在的可疑度,巧合正確的測試用例越多,其定位缺陷的精度就越受影響。本文通過對部分缺陷程序進行缺陷定位實驗,觀察到在巧合正確的測試用例之間,測試用例執(zhí)行過程中的錯誤的傳播鏈之間具有很高的相似性,基于這個觀測結(jié)果,假設(shè)在執(zhí)行所有巧合正確的測試用例時,其行為之間均具有很高的相似度,并提出了一種基于聚類分析的缺陷定位優(yōu)化方法tsar(testcaseselectionandreconsitution),通過將測試用例進行聚類,并基于聚類來構(gòu)建新的覆蓋矩陣來進行缺陷定位的可疑度計算,從而盡可能地削弱巧合正確性現(xiàn)象對sfl的定位精度的影響。實驗結(jié)果表明,在大部分情況下,通過tsar能有效提高sfl的定位精度。3)提出了基于可疑代碼集過濾的程序自動修復技術(shù)優(yōu)化方法目前,自動化的程序修復技術(shù)往往是通過修改一處或多處的代碼來產(chǎn)生修復補丁,這些可進行修改的代碼集合通常是通過缺陷定位技術(shù)來得到的,且被稱為可疑代碼集。然而,現(xiàn)有的可疑代碼集中往往包含大量與成功修復無關(guān)的代碼,這些代碼影響了自動修復的效率。本文提出了一種過濾可疑代碼集中無用代碼的方法sfcsf(suspiciousfaultycodesnippetfiltering),在保證修復成功率的同時可以有效地減少可疑代碼集的大小。sfcsf依托于基于程序譜的缺陷定位(sbfl)技術(shù)來獲得各個代碼的可疑值�；阱e誤的傳播鏈,sfcsf只從可疑代碼集中過濾出在錯誤傳播鏈上那些可疑值即將發(fā)生變化的節(jié)點處代碼作為過濾后的可疑代碼集進行自動修復。實驗結(jié)果表明了sfcsf在大多數(shù)情況下能夠大大提高了自動修復工具的修復效率,但同時,sfcsf的有效性也受到了測試用例集的制約:程序譜過于相似的測試用例集將使得sfcsf失效。4)提出了基于測試用例分組的迭代修復技術(shù)在補丁驗證階段,自動化的程序修復技術(shù)往往使用測試用例集來驗證所生成補丁的有效性:只有使得所有測試用例的執(zhí)行結(jié)果均正確的補丁才是正確的修復補丁。這種驗證方式表明現(xiàn)有的自動化的程序修復技術(shù)仍是基于缺陷排除的思想來生成并驗證補丁的,而忽略了部分修復的可能性。而本文之前的研究表明,修復結(jié)果大部分是缺陷容忍的。自動修復技術(shù)的目標與結(jié)果之間的矛盾性使得修復的成功率和效率受到很大影響,特別是針對復雜缺陷,現(xiàn)有的自動修復技術(shù)的修復效果并不理想。本文從實現(xiàn)缺陷容忍的角度出發(fā),提出了一種基于測試用例分組的迭代修復方法,該方法根據(jù)測試用例的代碼執(zhí)行信息將測試用例進行分組,并基于迭代的方式對程序進行修復:每次迭代的目標在于生成能夠滿足一組或多組測試用例的中間補丁,通過多次迭代,最終獲得滿足所有測試用例的修復補丁。實驗結(jié)果顯示,本文方法能夠大大提高對程序缺陷特別是復雜缺陷的修復能力。
[Abstract]:As an inevitable product in the process of software system design and maintenance, defects are increasing with the scale and complexity of the software system. It is important to automate the positioning and repair work of software defects to improve the efficiency of software debugging and the quality of software. A lot of progress has been made in the research of high efficiency, accurate defect location and automatic repair technology. However, due to the complexity of the mechanism of software defects, the current defect location and automatic repair technology still faces great challenges. Based on the error propagation process in the software execution process, the existing defect positioning technology is used in this paper. And the repair effect of automatic repair technology based on defect location is studied and analyzed, and aiming at three aspects of defect location, patch generation and patch validation, the defect location optimization technology based on test case clustering is studied, the automatic repair technique based on the suspicious code set filtering and the iterative repair technique based on the test case grouping are also studied. A series of optimization techniques to improve the ability of defect location and automatic repair are proposed, and the effectiveness of these optimization techniques is verified by scientific statistics and measurement methods. The main research work and innovation points of this paper are as follows: 1) tolerance from defect tolerance. From the point of view of the defect elimination, the restoration effect of the existing automatic program repair tools is analyzed in the research field. Defect tolerance and defect elimination are the two main types of ways to improve the reliability and security of the software. The existing automatic program repair tools are focused on the repair of the target program by the patch generated. By collecting two mainstream software auto repair tools: Genprog and CETI repair patches, this paper analyzes the relationship between the code modified in the repair patches and the software defects in the target program, and studies the repair effect of the existing repair tools. In addition, the concept of defect complexity and error depth is also proposed, the complexity of the defect is simply expressed by the code number involved in the defect, and the number of error propagation chains influenced by the length and defect of the propagation chain passed from the defect to the failure. The depth of the error is included in the program, and the degree of correlation between the complexity of the defect, the error depth and the final repair effect (the patch is a defect tolerance or the defect exclusion?). The analysis results show that the existing program automation repair tools are more in the way of defect tolerance rather than defect exclusion. To repair the target program, the lower the complexity of the defect and the smaller the error depth, the more likely it is to repair the defect through the method of defect exclusion. On the contrary, the defect location technology can only be repaired.2). The defect location technology based on the program spectrum based defect location technology (SFL) is the most important method based on the test case clustering. A popular defect location technique, however, because it is based on a test case set to make a statistical location defect, its positioning accuracy is bound to be affected by the coincidence correctness (coincidental correctness). The error propagation does not lead to the failure situation, because SFL is based on the code covered by the execution test case and the execution result to count the doubtful degree of the defects in each program code. The more the correct test cases are coincidental, the more the accuracy of the location defect is affected. In a bit experiment, a high similarity between the error propagation chains in the execution of a test case is observed between the coincidentally correct test cases. Based on this observation result, it is assumed that when all the coincidental test cases are executed, their behavior has a very high similarity, and a lack of clustering analysis is proposed. The settlement optimization method Tsar (testcaseselectionandreconsitution), by clustering the test cases and constructing a new coverage matrix based on clustering to calculate the doubtful degree of the defect location, so as to weaken the effect of the coincidence accuracy to the positioning accuracy of the SFL as much as possible. Tsar can improve the positioning accuracy of SFL effectively.3.) a new method of automatic repair technology optimization based on suspicious code set filtering is proposed. The automated program repair technology is often created by modifying one or more codes to produce repair patches. It is known as a suspicious code set. However, the existing suspicious code sets often contain a large number of codes unrelated to successful repair. These codes affect the efficiency of automatic repair. This paper proposes a method sfcsf (suspiciousfaultycodesnippetfiltering) for filtering suspicious code centralized useless code, which ensures the success rate of repair. At the same time, the size of the suspicious code set can be effectively reduced by.Sfcsf based on the program spectrum based defect location (sbfl) technology to obtain the suspicious values of each code. Based on the error propagation chain, the sfcsf only filters out the code of the nodes that are about to change on the wrong propagation chain from the suspicious code set as a filter. The experimental results show that sfcsf can greatly improve the repair efficiency of the auto repair tool in most cases, but at the same time, the effectiveness of the sfcsf is also restricted by the test case set: the test case set which is too similar to the program spectrum will make the sfcsf failure.4) put forward the iterations based on the test case grouping. In the patch validation phase, the automated program repair technology often uses a test case set to verify the validity of the generated patch: only the patch that makes all the test cases correctly executed is the correct fix patch. This validation means that some automated program repair techniques are still based on the existing automated repair techniques. The idea of defect exclusion to generate and verify patches and ignore the possibility of partial repair. The previous study shows that most of the restoration results are tolerable. The contradiction between the target and the result of the automatic repair technology makes the success rate and efficiency of the repair greatly affected, especially for the complex defects. In this paper, an iterative repair method based on test case grouping is proposed from the point of view of defect tolerance. This method is based on the code execution information of the test case to group the test cases and repair the program based on the iterative method: the target of each iteration is at the end of each iteration. Yu Shengcheng is able to meet a set of intermediate patches for a group of test cases or multiple sets of test cases, and through multiple iterations, the final patch that meets all test cases is finally obtained. The experimental results show that this method can greatly improve the ability to repair program defects, especially complex defects.

【學位授予單位】：國防科學技術(shù)大學
【學位級別】：博士
【學位授予年份】：2016
【分類號】：TP311.53

【相似文獻】

相關(guān)期刊論文 前10條

1 葉鋼;李重文;余丹;馬世龍;;基于非參數(shù)假設(shè)檢驗的程序缺陷定位方法[J];北京航空航天大學學報;2012年08期

2 葉鋼;余丹;李重文;李先軍;尹杰;呂江花;馬世龍;;一種基于Kolmogorov-Smirnov檢驗的缺陷定位方法[J];計算機研究與發(fā)展;2013年04期

3 丁暉;陳林;錢巨;許蕾;徐寶文;;一種基于信息量的缺陷定位方法[J];軟件學報;2013年07期

4 杜懋暢,張進安;光子探測光纖缺陷定位的實驗研究[J];電子學報;1981年01期

5 潘偉偉;張波;鄭勇軍;史崢;嚴曉浪;;一種改進的測試芯片的設(shè)計方法[J];電路與系統(tǒng)學報;2013年02期

6 何杰;;手機軟件APP在配網(wǎng)巡視中的應(yīng)用[J];電子世界;2014年10期

7 郝鵬;鄭征;張震宇;高乙超;宮成;薛云志;;基于謂詞執(zhí)行信息分析的自適應(yīng)缺陷定位算法[J];計算機學報;2014年03期

8 李偉;鄭征;郝鵬;高乙超;饒培峰;宮成;;基于謂詞執(zhí)行序列的軟件缺陷定位算法[J];計算機學報;2013年12期

9 劉卉芳;王召巴;陳友興;;合金彈頭超聲檢測缺陷定位方法研究[J];山西電子技術(shù);2010年06期

10 蔡虹;黃霞;;一種基于聚類算法的缺陷語句定位技術(shù)[J];山東大學學報(工學版);2012年06期

相關(guān)會議論文 前3條

1 盛佩軍;;斜面探傷中的缺陷定位修正及實際應(yīng)用[A];2007'湖北·武漢NDT學術(shù)年會論文集[C];2007年

2 賈社民;沈功田;吳彥;;索道鋼絲繩無損檢測和缺陷定位[A];北京機械工程學會2008年優(yōu)秀論文集[C];2008年

3 賈社民;沈功田;吳彥;;索道鋼絲繩無損檢測和缺陷定位[A];第四屆十三省區(qū)市機械工程學會科技論壇暨2008海南機械科技論壇論文集[C];2008年

相關(guān)博士學位論文 前1條

1 李唯實;基于傳播鏈的缺陷定位及修復技術(shù)研究[D];國防科學技術(shù)大學;2016年

相關(guān)碩士學位論文 前10條

1 張曉紅;基于頻譜的軟件缺陷定位方法的研究[D];南京郵電大學;2015年

2 施小燕;基于條件概率公式的缺陷定位問題研究[D];南京大學;2013年

3 童燕翔;基于Bug Report的降噪和缺陷定位研究[D];南京航空航天大學;2016年

4 張鵬;多缺陷和多線程缺陷定位技術(shù)研究[D];國防科學技術(shù)大學;2014年

5 唐啟鋒;基于模型結(jié)合的缺陷定位研究[D];南京大學;2012年

6 雷晏;基于迭代反饋的缺陷定位技術(shù)研究[D];國防科學技術(shù)大學;2010年

7 貢亮;軟件頻譜缺陷定位技術(shù)的研究[D];清華大學;2013年

8 王志銀;鋁合金薄板焊縫的超聲檢測與缺陷定位[D];哈爾濱工業(yè)大學;2008年

9 楊飛;X射線數(shù)字成像中的缺陷定位檢測技術(shù)研究[D];華北工學院;2003年

10 張軍輝;鈦合金焊接結(jié)構(gòu)缺陷檢測與定位方法[D];哈爾濱工業(yè)大學;2008年

，

本文編號：1780530