Advertisement

Unleashing the Power of Static Analysis

  • Manuvir Das
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4134)

Abstract

The last few years have seen a surge of activity in the static analysis community on the application of static analysis to program verification and defect detection. Researchers have long believed in the benefit of exposing and fixing potential defects in a program before it is ever run, especially when the program can be made correct by construction, as in the case of compiler-enforced type systems. But every static analysis tool (other than a compiler’s type checker) ever built, no matter how precise, suffers from the same fatal flaw in the eyes of the programmer: Defect reports do not come with known user scenarios that expose the defects. Therefore, programmers have been loathe to examine and fix defect reports produced by static analysis tools as a routine part of the software development process. In spite of recent advancements in analysis techniques, there are no papers we are aware of that report programmers fixing more than a few dozen defects.

Keywords

Defect Detection Software Development Process Graph Reachability Static Analysis Tool Defect Report 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Cousot, P., Cousot, R.: Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: Proceedings of the ACM Symposium on Principles of Programming Languages (POPL) (1977)Google Scholar
  2. 2.
    Reps, T., Horwitz, S., Sagiv, M.: Precise interprocedural data flow analysis via graph reachability. In: Proceedings of the ACM Symposium on Principles of Programming Languages (POPL) (1995)Google Scholar
  3. 3.
    Das, M.: Unification-based pointer analysis with directional assignments. In: ACM SIGPLAN 2000 Conference on Programming Language Design and Implementation (PLDI) (2000)Google Scholar
  4. 4.
    Flanagan, C., Leino, K.R.M., Lillibridge, M., Nelson, G., Saxe, J.B., Stata, R.: Extended Static Checking for Java. In: Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation (2002)Google Scholar
  5. 5.
    Dor, N., Rodeh, M., Sagiv, M.: CSSV: Towards a realistic tool for statically detecting all buffer overflows in C. In: Proceedings of the SIGPLAN 2003 Conference on Programming Language Design and Implementation (2003)Google Scholar
  6. 6.
    Bush, W.R., Pincus, J.D., Sielaff, D.J.: A static analyzer for finding dynamic programming errors. Software - Practice and Experience 30(7), 775–802 (2000)CrossRefMATHGoogle Scholar
  7. 7.
    Das, M., Lerner, S., Seigle, M.: ESP: Path-sensitive program verification in polynomial time. In: ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation (PLDI) (2002)Google Scholar
  8. 8.
    Dor, N., Adams, S., Das, M., Yang, Z.: Software validation via scalable path-sensitive value flow analysis. In: Proceedings of the International Symposium on Software Testing and Analysis (ISSTA) (2004)Google Scholar
  9. 9.
    Hackett, B., Das, M., Wang, D., Yang, Z.: Modular checking of buffer overflows in the large. In: 28th International Conference on Software Engineering (2006)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Manuvir Das
    • 1
  1. 1.Program Analysis Group, Center for Software ExcellenceMicrosoft Corporation 

Personalised recommendations