Abstract
Static program analysis complements traditional dynamic testing by discovering generic patterns and relations in source code, which indicate software deficiencies such as memory corruption, unexpected program behavior and memory leaks. Since static program analysis builds on approximations of a programʼs concrete behavior there is often a trade-off between reporting potential bugs that might be the result of an over-approximation and silently suppressing those defects in that grey area. While this trade-off is less important for small files it has severe implications when facing large software packages, i.e., 1,000,000 LoC and more. In this work we report on experiences with using our static C/C++ analyzer Goanna on such large software systems, motivate why a flexible property specification language is vital, and present a number of decisions that had to be made to select the right checks as well as a sensible reporting strategy. We illustrate our findings by empirical data obtained from regularly analyzing the Firefox source code.
Original language | English |
---|---|
Pages (from-to) | 17-32 |
Number of pages | 16 |
Journal | Electronic Notes in Theoretical Computer Science |
Volume | 266 |
DOIs | |
Publication status | Published - 12 Oct 2010 |
Externally published | Yes |
Event | 3rd International Workshop on Harnessing Theories for Tool Support in Software, TTSS 2009 - Universiti Kebangsaan Malaysia (UKM), Kuala Lumpur, Malaysia Duration: 17 Aug 2009 → 17 Aug 2009 |
Bibliographical note
Copyright the Publisher 2010. Version archived for private and non-commercial use with the permission of the author/s and according to publisher conditions. For further rights please contact the publisher.Keywords
- Source code analysis
- Static analysis
- C/C++
- False positive reduction
- Case study
- Firefox