Using unreachable code analysis in static analysis tool for finding defects in source code

The goal of finding unreachable code is to report warnings about possible bugs in the source code and an increase of other analyses accuracy. The paper describes unreachable code classification and approaches for finding unreachable code in C/C++ programs. We described three data-flow analysis problems: value interval analysis, excluded value analysis, predicate analysis. Solutions for these problems are used to detect redundant expressions in conditional statements. We described common occurrences of useless warnings. The algorithms are implemented in the Svace tool that is developed by ISP RAS. The results are evaluated for open source projects Android-5.02 and Tizen-2.3. They represent the number of found warnings and its intersection.

static analysis, unreachable code, data-flow analysis, Svace, defects in source code

1. A.I. Avetisjan, A.E. Borodin. [Mechanisms for extending the system of static analysis Svace by new types of detectors of vulnerabilities and critical errors]. Trudy ISP RAN/Proc. ISP RAS volume 21, 2011, pp. 39–54 (in Russian).

2. A.I. Avetisjan, A.A. Belevantsev, A.E. Borodin, V.S. Nesov. [Using static analysis for searching vulnerabilities and critical errors in the source code of programs]. Trudy ISP RAN/Proc. ISP RAS, volume 21, 2011, pp. 23–38 (in Russian).

3. Ivannikov V. P., Belevantsev A. A., Borodin A. E. et al. Static analyzer Svace for finding defects in a source program code. Programming and Computer Software. 2014. Vol. 40, no. 5. P. 265–275. 5. DOI: 10.1134/S0361768814050041

4. Borodin A., Belevancev A. [A Static Analysis Tool Svace as a Collection of Analyzers with Various Complexity Levels]. Trudy ISP RAN/Proc. ISP RAS, vol. 27, issue 6, 2015, pp. 111-134 (in Russian). DOI: 10.15514/ISPRAS-2015-27(6)-8

5. Y.I. Shokin. Interval analysis. Novisibirsk – Science, 1981.

6. P. Cousot and R. Cousot. Comparing the Galois connection and widening/narrowing approaches to abstract interpretation. In Proc. Int. Workshop on Programming Language Implementation and Logic Programming, volume 631 of LNCS, pages 269–295. Springer-Verlag, 1992.