Static program analysis: Difference between revisions

Citation bot (talk | contribs)
Alter: url, pages. URLs might have been anonymized. Add: s2cid, authors 1-1. Removed parameters. Some additions/deletions were parameter name changes. | Use this bot. Report bugs. | Suggested by SemperIocundus | #UCB_webform 1778/2500
rv COI / citespam
Line 29:
 
; Unit Level: Analysis that takes place within a specific program or subroutine, without connecting to the context of that program.
; Technology Level: Analysis that takes into account interactions between unit programs to get a more holistic and semantic view of the overall program in order to find issues and avoid obvious false positives. For instance, it is possible to statically analyze the Android technology stack to find permission errors.<ref>{{cite journal |last1=Bartel |first1=Alexandre |last2=Klein |first2=Jacques |last3=Monperrus |first3=Martin |last4=Le Traon |first4=Yves |title=Static Analysis for Extracting Permission Checks of a Large Scale Framework: The Challenges and Solutions for Analyzing Android |journal=IEEE Transactions on Software Engineering |date=1 June 2014 |volume=40 |issue=6 |pages=617–632 |doi=10.1109/tse.2014.2322867 |url=https://hal.archives-ouvertes.fr/hal-01055656/document|arxiv=1408.3976 |s2cid=6563188 }}</ref>
; System Level: Analysis that takes into account the interactions between unit programs, but without being limited to one specific technology or programming language.
A further level of software analysis can be defined.
Line 52:
== Data-driven static analysis ==
 
Data-driven static analysis uses large amounts of code to infer coding rules.<ref name="dewes">{{cite web |title=Learning from other's mistakes: Data-driven code analysis. |url=https://www.slideshare.net/japh44/talk-handout-46938511 |website=www.slideshare.net |date=13 April 2015 |language=en}}</ref>{{Better source needed|date=September 2020}} For instance, one can use all Java open-source packages on GitHub to learn a good analysis strategy. The rule inference can use machine learning techniques.<ref name="OhYang2015">{{cite book|last1=Oh|first1=Hakjoo|title=Proceedings of the 2015 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications - OOPSLA 2015|last2=Yang|first2=Hongseok|last3=Yi|first3=Kwangkeun|chapter=Learning a strategy for adapting a program analysis via bayesian optimisation|year=2015|pages=572–588|doi=10.1145/2814270.2814309|isbn=9781450336895|s2cid=13940725|url=https://ora.ox.ac.uk/objects/uuid:f656bcfd-ec1b-477c-9185-ff2c7490a207}}</ref> It has also been shown that code which deviates too much from the usual way of using an object-oriented API is likely to contain a bug.<ref name="MonperrusMezini2013">{{cite journal|last1=Monperrus|first1=Martin|last2=Mezini|first2=Mira|title=Detecting missing method calls as violations of the majority rule|journal=ACM Transactions on Software Engineering and Methodology|volume=22|issue=1|year=2013|pages=1–25|url=https://hal.archives-ouvertes.fr/hal-00702196/document|doi=10.1145/2430536.2430541|arxiv=1306.0762|s2cid=1212778}}</ref> It is also possible to learn from a large number of past fixes and warnings.<ref name="dewes"/>{{Better source needed|date=September 2020}}
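The "majority rule" idea behind detecting missing method calls can be illustrated with a small added example (written for this article, not code from the cited paper or from any project): each piece of code that uses an object is summarised as the set of methods it calls on that object, and a usage whose call set is almost always a strict subset of what the rest of the corpus does is flagged as probably missing a call. The corpus below is constructed, and the class names, methods and locations are illustrative.

```python
from collections import Counter
from dataclasses import dataclass

# A "type-usage": the set of methods one piece of code calls on one object of a
# given type (e.g. on a Button inside one method body), plus where it occurs.
@dataclass(frozen=True)
class TypeUsage:
    location: str
    type_name: str
    calls: frozenset

def strangeness(target, corpus):
    """Majority-rule score for one usage: |almost| / (|almost| + |exactly|).

    exactly: usages of the same type with the identical call set (includes target).
    almost:  usages of the same type with exactly ONE additional method call.
    Returns (score, most frequently missing method); a score near 1 means the
    rest of the code base almost always makes one more call than target does.
    """
    same_type = [u for u in corpus if u.type_name == target.type_name]
    exactly = [u for u in same_type if u.calls == target.calls]
    almost = [u for u in same_type
              if target.calls < u.calls and len(u.calls - target.calls) == 1]
    if not almost:
        return 0.0, None
    score = len(almost) / (len(almost) + len(exactly))
    extra = Counter(next(iter(u.calls - target.calls)) for u in almost)
    return score, extra.most_common(1)[0][0]

def find_suspicious(corpus, threshold=0.5):
    """Usages whose strangeness exceeds threshold, as {location: (score, missing method)}."""
    report = {}
    for u in corpus:
        score, missing = strangeness(u, corpus)
        if score > threshold:
            report[u.location] = (round(score, 3), missing)
    return report

def _tu(loc, type_name, *calls):
    return TypeUsage(loc, type_name, frozenset(calls))

# Constructed corpus (not real project code): what a static extractor would yield.
CORPUS = (
    [_tu(f"Main.java:{10 + i}", "Button", "setText", "setOnClickListener") for i in range(7)]
    + [_tu(f"Menu.java:{5 + i}", "Button", "setText", "setOnClickListener", "setEnabled") for i in range(2)]
    + [_tu("Settings.java:42", "Button", "setText")]            # listener never registered
    + [_tu(f"Util.java:{20 + i}", "Iterator", "hasNext", "next") for i in range(3)]
    + [_tu("Loop.java:7", "Iterator", "next")]                  # next() without hasNext()
)

if __name__ == "__main__":
    for loc, (score, missing) in find_suspicious(CORPUS).items():
        print(f"{loc}: strangeness={score}, probably missing {missing}()")
```

The two minority usages score 0.875 and 0.75, while a majority usage scores only 2/9 against the few callers that additionally call setEnabled, which is why a threshold is needed to keep the false-positive rate down.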
 
== Remediation ==
 
Static analyzers produce warnings. For certain types of warnings, it is possible to design and implement [[Automatic bug fixing|automated remediation]] techniques. For example, Logozzo and Ball have proposed automated remediations for C# ''cccheck'',<ref>{{Cite journal |last1=Logozzo |first1=Francesco |last2=Ball |first2=Thomas |date=2012-11-15 |title=Modular and verified automatic program repair |url=http://dx.doi.org/10.1145/2398857.2384626 |journal=ACM SIGPLAN Notices |volume=47 |issue=10 |pages=133–146 |doi=10.1145/2398857.2384626 |issn=0362-1340}}</ref> and Etemadi and colleagues use program transformation to automatically fix [[SonarQube]]'s warnings.<ref>{{Cite journal |last1=Etemadi Someoliayi |first1=Khashayar |last2=Harrand |first2=Nicolas Yves Maurice |last3=Larsen |first3=Simon |last4=Adzemovic |first4=Haris |last5=Luong Phu |first5=Henry |last6=Verma |first6=Ashutosh |last7=Madeiral |first7=Fernanda |last8=Wikstrom |first8=Douglas |last9=Monperrus |first9=Martin |date=2022 |title=Sorald: Automatic Patch Suggestions for SonarQube Static Analysis Violations |url=https://ieeexplore.ieee.org/document/9756950 |journal=IEEE Transactions on Dependable and Secure Computing |pages=1 |doi=10.1109/TDSC.2022.3167316 |s2cid=232307680 |issn=1545-5971}}</ref>
 
 
== See also ==