Fade to Grey: Tuning Static Program Analysis

Authors:
Ansgar Fehnker;Ralf Huuck;Sean Seefried;Michael Tapp
Affiliations:
National ICT Australia Ltd. (NICTA), Locked Bag 6016, University of New South Wales, Sydney NSW 1466, Australia;National ICT Australia Ltd. (NICTA), Locked Bag 6016, University of New South Wales, Sydney NSW 1466, Australia;National ICT Australia Ltd. (NICTA), Locked Bag 6016, University of New South Wales, Sydney NSW 1466, Australia;National ICT Australia Ltd. (NICTA), Locked Bag 6016, University of New South Wales, Sydney NSW 1466, Australia
Venue:
Electronic Notes in Theoretical Computer Science (ENTCS)
Year:
2010

Citing 10
Cited 0

Principles of Program Analysis

Principles of Program Analysis
Specification and verification of concurrent systems in CESAR

Proceedings of the 5th Colloquium on International Symposium on Programming
NuSMV 2: An OpenSource Tool for Symbolic Model Checking

CAV '02 Proceedings of the 14th International Conference on Computer Aided Verification
Design and Synthesis of Synchronization Skeletons Using Branching-Time Temporal Logic

Logic of Programs, Workshop
SABER: smart analysis based error reduction

ISSTA '04 Proceedings of the 2004 ACM SIGSOFT international symposium on Software testing and analysis
Testing static analysis tools using exploitable buffer overflows from open source code

Proceedings of the 12th ACM SIGSOFT twelfth international symposium on Foundations of software engineering
Evaluating and tuning a static analysis to find null pointer bugs

PASTE '05 Proceedings of the 6th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Checking system rules using system-specific, programmer-written compiler extensions

OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
Evaluating static analysis defect warnings on production software

PASTE '07 Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Model Checking Software at Compile Time

TASE '07 Proceedings of the First Joint IEEE/IFIP Symposium on Theoretical Aspects of Software Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Static program analysis complements traditional dynamic testing by discovering generic patterns and relations in source code, which indicate software deficiencies such as memory corruption, unexpected program behavior and memory leaks. Since static program analysis builds on approximations of a program@?s concrete behavior there is often a trade-off between reporting potential bugs that might be the result of an over-approximation and silently suppressing those defects in that grey area. While this trade-off is less important for small files it has severe implications when facing large software packages, i.e., 1,000,000 LoC and more. In this work we report on experiences with using our static C/C++ analyzer Goanna on such large software systems, motivate why a flexible property specification language is vital, and present a number of decisions that had to be made to select the right checks as well as a sensible reporting strategy. We illustrate our findings by empirical data obtained from regularly analyzing the Firefox source code.