Detection of Dead Function Calls as Source Code Defects through Static Analysis

Detection of dead code (i.e. the code which is executed, but does not affect an observable program behavior) is commonly used by compilers as a part of optimization techniques for redundant code elimination. At the same time dead function calls might be seen as a kind of program source code defects, which may point to serious program logic faults. We describe a new detector for this kind of issues developed as a part of Svace static defect detection tool, as well as the specific cases, which should be filtered out for practical detection of dead functions calls as program errors in contrast to their formal definition.

1. Aho A. V., Lam M. S., Sethi R., Ullman J. D. Compilers: Principles, techniques, and tools (2 ed.). Addison Wesley, Boston, 2007, p. 535.

2. [gcc.git] / gcc / tree-call-cdce.cc: Conditional Dead Call Elimination pass for the GNU compiler. Available at: https://gcc.gnu.org/git/?p=gcc.git;f=gcc/tree-call-cdce.cc;hb=refs/heads/master, accessed 19.02.2024.

3. Common Weakness Enumeration (CWE™) – CWE-561: Dead Code. Available at: https://cwe.mitre.org/data/definitions/561.html, accessed 19.02.2024.

4. Belevantsev A., Borodin A., Dudina I., Ignatiev V., Izbyshev A., Polyakov S., Zhurikhin D. Design and Development of Svace Static Analyzers. In 2018 Ivannikov Memorial Workshop (IVMEM), 2018, pp. 3- 9.

5. Borodin A.E., Belevancev A.A. A static analysis tool Svace as a collection of analyzers with various complexity levels. Proceedings of the Institute for System Programming of the RAS, 2015, vol. 27, issue 6, pp. 111-134.

6. Cytron R., Ferrante J., Rosen B. K., Wegman M. N., Zadeck F. K. An efficient method of computing static single assignment form. In Proceedings of the 16th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, 1989, pp. 25-35.

7. Galustov A., Borodin A., Belevantsev A. Devirtualization for static analysis with low level intermediate representation. In 2022 Ivannikov Ispras Open Conference (ISPRAS), 2022, pp. 18-23. DOI: 10.1109/ISPRAS57371.2022.10076859.

8. Borodin, A.E., Dudina, I.A. Intraprocedural Analysis Based on Symbolic Execution for Bug Detection. Programming and Computer Software, 2021, vol. 47, issue 8, pp. 858-865.

9. Mulyukov, R.R., Borodin, A.E. Using unreachable code analysis in static analysis tool for finding defects in source code. Proceedings of the Institute for System Programming of the RAS, 2016, vol. 28, issue 5, pp. 145-158.

10. Klocwork Documentation – C and C++ checker reference – SV.RVT.RETVAL_NOTTESTED: Ignored return value. Available at: https://help.klocwork.com/current/en-us/reference/sv.rvt.retval_nottested.htm, accessed 19.02.2024.

11. SonarSource: Static Analysis Rules. Available at: https://rules.sonarsource.com, accessed 19.02.2024.

12. Splint Manual. 8.4 Suspicious Statements. 8.4.1 Statements with No Effects. 8.4.2 Ignored Return Values. Available at: https://splint.org/manual/manual.html#control, accessed 19.02.2024.

13. Coverity Scan – Success Stories: Sample of Defects found and fixed – ScummVM: USELESS_CAL. Available at: https://scan.coverity.com/o/oss_success_stories/86, accessed 19.02.2024.

14. GitHub: ScummVM repository – commit 95884c3. Available at: https://github.com/scummvm/scummvm/commit/95884c396b667e048af933292f40fc18da2cefd1, accessed 19.02.2024.