Fade to grey: tuning static program analysis

Ansgar Fehnker, Ralf Huuck, Sean Seefried, Michael Tapp

Research output: Contribution to journal › Article › peer-review

6 Citations (Scopus)
25 Downloads (Pure)

Abstract

Static program analysis complements traditional dynamic testing by discovering generic patterns and relations in source code, which indicate software deficiencies such as memory corruption, unexpected program behavior and memory leaks. Since static program analysis builds on approximations of a program's concrete behavior, there is often a trade-off between reporting potential bugs that might be the result of an over-approximation and silently suppressing those defects in that grey area. While this trade-off is less important for small files, it has severe implications when facing large software packages, i.e., 1,000,000 LoC and more. In this work we report on experiences with using our static C/C++ analyzer Goanna on such large software systems, motivate why a flexible property specification language is vital, and present a number of decisions that had to be made to select the right checks as well as a sensible reporting strategy. We illustrate our findings by empirical data obtained from regularly analyzing the Firefox source code.
Original language: English
Pages (from-to): 17-32
Number of pages: 16
Journal: Electronic Notes in Theoretical Computer Science
Volume: 266
Publication status: Published - 12 Oct 2010
Externally published: Yes
Event: 3rd International Workshop on Harnessing Theories for Tool Support in Software, TTSS 2009 - Universiti Kebangsaan Malaysia (UKM), Kuala Lumpur, Malaysia
Duration: 17 Aug 2009 - 17 Aug 2009

Bibliographical note

Copyright the Publisher 2010. Version archived for private and non-commercial use with the permission of the author/s and according to publisher conditions. For further rights please contact the publisher.

Keywords

  • Source code analysis
  • Static analysis
  • C/C++
  • False positive reduction
  • Case study
  • Firefox
