假阳性和假阴性
[英]False Positive and False Negative
问题描述
In static analysis, is there any examples explaining false negative and false positive ?
在静态分析中,是否有任何示例可以解释false negative和false positive ?
For the null dereference analysis ?对于空解引用分析?
1 个解决方案
解决方案1
2 2020-02-26 16:36:38
A false positive in general is when something is detected (ie "positive") when it's not there (ie "false").误报通常是指在不存在(即“假”)的情况下检测到(即“阳性”)。
A false negative in general is when something is not detected (ie "negative") when it is really there.假阴性通常是当某物确实存在时未检测到(即“阴性”)。
For null dereference analysis that means:对于空解引用分析,这意味着:
- a false positive is when it tells you that there is a potential null pointer dereference when in fact that can never happen at runtime.误报是它告诉您存在潜在的空指针取消引用,而实际上这在运行时永远不会发生。
- a false negative is when it fails to tell you about a potential null pointer dereference that can actually happen at runtime.错误否定是当它无法告诉您实际上可能在运行时发生的潜在空指针取消引用时。
For example, consider this method:例如,考虑这个方法:
public void frobnicate(Object foo) {
int hash = foo.hashCode(); // line #1
int hash2 = foo.hashCode(); // line #2
}
If the analysis tells you that there's a potential null pointer dereference at the line labelled "#2", then it is wrong because when execution reaches that point, foo can not be null.如果分析告诉您在标记为“#2”的行处存在潜在的空指针取消引用,那么这是错误的,因为当执行到达该点时, foo不能为空。 Therefore such a notification would be considered a false positive.因此,此类通知将被视为误报。
If the analysis fails to tells you that there's a potentital null pointer dereference at the line labelled "#1" then it would also be wrong, because foo can clearly be null at that point.如果分析未能告诉您在标记为“#1”的行处存在潜在的空指针取消引用,那么它也将是错误的,因为foo在该点显然可以为null 。 That would be a false negative.那将是一个假阴性。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.