Open AccessIMPROVING THE PRECISION OF FLOW-SENSITIVE LIFETIME ANALYSIS
Author(s) -
Gábor Horväth,
Norbert Pataki
Publication year - 2020
Publication title -
acta electrotechnica et informatica
Language(s) - English
Resource type - Journals
eISSN - 1338-3957
pISSN - 1335-8243
DOI - 10.15546/aeei-2020-0020
Subject(s) - false positive paradox , computer science , data flow analysis , coding (social sciences) , filter (signal processing) , open source , data mining , source code , sensitivity (control systems) , computer security , data flow diagram , programming language , artificial intelligence , software , database , statistics , engineering , computer vision , mathematics , electronic engineering
Object lifetimes are a common source of bugs in C++ that can cause crashes, unexpected behavior, or even security vulnerabilities. Herb Sutter, the chair of the C++ standard committee proposed a flow-sensitive analysis to catch lifetime errors statically. Sadly, this analysis is prone to false positives unless the author follows some specific guidelines. We developed mitigations to eliminate some classes of false positives to make it easier to write conforming code. The first mitigation fixes a common false positive from a frequently used coding pattern by introducing local path-sensitivity. The second one is a filter based on reaching definitions and dominance algorithms to remove reports that might be the result of analyzing infeasible paths. We tested the effectiveness of the methods on the open source Google Fuchsia project.