Software products can potentially be very large and complex. Software testing is the process used to measure the quality of developed computer software. Quality may be judged based on a number of metrics, such as correctness, completeness, reliability, number of bugs found, efficiency, and compatibility.
The amount of testing required for a particular software project frequently depends on the target for the deployed software. A developer of game software intended for personal computers, for example, may devote relatively little resources into formal testing of the software. In contrast, the developer of a mission critical application in the healthcare, automotive, or utility industry may require a much more rigorous level of software testing.
One technique for testing software is based on the concept of static verification of the software code. In general, static code verification is an analysis performed without executing the software. Static verification of software code can prove, for example, which operations are free of run-time errors, such as numeric overflows, divisions by zero, buffer overflows, or pointer issues, and identify where run-time errors will or might occur.
In one existing system, static verification is used to classify the code into categories. The categories may include code determined to be good, safe or correct, code determined to have errors, code determined not to be accessible (e.g., dead code or deactivated code), and code for which an error may be present but for which the error could not be conclusively determined (“possible error” code). Code classified as “possible error” represents code that the static verification system could not conclusively determine as including an error. A developer faced with a “possible error” code point may be required to manually review the code to determine if the code will actually cause an error and, if so, to determine what section of the code is the underlying cause of the error.