摘要:Modern Software is often exposed to security accidents primarily due to malicious hackings takingadvantage of defects and vulnerabilities residing in source code. Recent technological advance andcommercial success of static-analysis tools have made it possible for software developers to use the toolsand detect safety defects and security vulnerabilities before release. Despite the advantages of static codeanalysis, the developers tend to avoid using it because of the immoderate false negatives and positives. Inthis paper, we propose an effective method of automatically generating test codes for static-analysis toolsbased on mutation testing techniques. In fact, several false-negatives of commercially released a staticanalysis tool were found by this method.
