Practical Static Code Analysis: Challenges, Methods, and Solutions

The Hong Kong University of Science and Technology
Department of Computer Science and Engineering


PhD Thesis Defence


Title: "Practical Static Code Analysis: Challenges, Methods, and Solutions"

By

Mr. Gang FAN


Abstract:

Static code analysis has been proven to be a promising technique for
reducing defects and improving the reliability of software systems.
Applying static code analysis in practice faces many technical and
non-technical challenges. Based on our experiences of commercializing a
static code analysis system, those challenges can be represented as three
hard-tos: hard-to-employ, hard-to-scale, and hard-to-be-recognized. In
this thesis, we present systematic approaches that address these
challenges. We first present a system that automates the whole
build-analysis process, which enables seamless analysis of thousands of
different projects on a daily basis. Then, we propose two techniques to
scale up and speed up the analysis process: SMOKE, which is designed for
optimizing the performance for analyzing typestate problems (e.g., memory
leak detection), uses the staged design together with sparse analysis
techniques. Experimental results demonstrated that SMOKE could finish
checking industrial-sized projects, up to 8MLoC, in forty minutes with an
average false positive rate of 24.4%; VeriBuild is an approach to
detecting dependency bugs in build systems. VeriBuild uses static analysis
to complement conventional dynamic approaches for constructing a unified
dependency graph (UDG), which facilitates efficient and precise detection
of dependency errors via simple graph traversals. The experimental results
have demonstrated its good performance in efficiency and precision.
Lastly, we propose a new objective indicator, the "perceived false
positive rate", to better understand the degree to which users recognize
the analysis results. We also discuss the design choices we have
made to reduce the perceived false positive rate.


Date:                   Wednesday, 19 February 2020

Time:                   2:30pm - 4:30pm

Zoom Meeting:           https://hkust.zoom.com.cn/j/580586583

Chairman:               Prof. Alexis Lau (CIVL)

Committee Members:      Prof. Charles Zhang (Supervisor)
                        Prof. Shing-Chi Cheung
                        Prof. Qiong Luo
                        Prof. Jiang Xu (ECE)
                        Prof. Jianjun Zhao (Kyushu Univ)


**** ALL are Welcome ****