An Experimental Evaluation of Deliberate Unsoundness in a Static Program Analyzer
dc.contributor.author
Christakis, Maria
dc.contributor.author
Müller, Peter
dc.contributor.author
Wüstholz, Valentin
dc.date.accessioned
2017-10-27T12:09:54Z
dc.date.available
2017-06-11T09:25:19Z
dc.date.available
2017-10-27T12:09:54Z
dc.date.issued
2014
dc.identifier.uri
http://hdl.handle.net/20.500.11850/85052
dc.identifier.doi
10.3929/ethz-a-010166750
dc.description.abstract
Many practical static analyzers are not completely sound by design. Their designers trade soundness in order to increase automation, improve performance, and reduce the number of false positives or the annotation overhead. However, the impact of such design decisions on the effectiveness of an analyzer is not well understood. In this paper, we report on the first systematic effort to document and evaluate the sources of unsoundness in a static analyzer. We present a code Instrumentation that reflects the sources of deliberate unsoundness in the .NET static analyzer Clousot. We have instrumented code from several open source projects to evaluate how often concrete executions violate Clousot’s unsound assumptions. In our experiments, this was the case in 8–29% of all analyzed methods. Our approach and findings can guide users of static analyzers in using them fruitfully, and designers in finding good trade-offs.
en_US
dc.format
application/pdf
dc.language.iso
en
en_US
dc.publisher
ETH-Zürich
en_US
dc.rights.uri
http://rightsstatements.org/page/InC-NC/1.0/
dc.subject
TESTING + DEBUGGING (SOFTWARE ENGINEERING)
en_US
dc.subject
TESTEN + FEHLERSUCHEN (SOFTWARE ENGINEERING)
en_US
dc.subject
KORREKTHEIT (THEORIE DER PROGRAMMIERUNG)
en_US
dc.subject
CORRECTNESS (THEORY OF PROGRAMMING)
en_US
dc.title
An Experimental Evaluation of Deliberate Unsoundness in a Static Program Analyzer
en_US
dc.type
Report
dc.rights.license
In Copyright - Non-Commercial Use Permitted
dc.date.published
2014
ethz.journal.title
Technical Report / ETH Zurich, Department of Computer Science
ethz.size
Online-Ressource
en_US
ethz.code.ddc
DDC - DDC::0 - Computer science, information & general works::004 - Data processing, computer science
en_US
ethz.notes
Technical Reports D-INFK.
en_US
ethz.identifier.nebis
010166750
ethz.publication.place
Zürich
en_US
ethz.publication.status
published
en_US
ethz.leitzahl
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02150 - Dep. Informatik / Dep. of Computer Science::02664 - Inst. f. Programmiersprachen u. -systeme / Inst. Programming Languages and Systems::03653 - Müller, Peter / Müller, Peter
en_US
ethz.leitzahl
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02150 - Dep. Informatik / Dep. of Computer Science
en_US
ethz.leitzahl.certified
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02150 - Dep. Informatik / Dep. of Computer Science::02664 - Inst. f. Programmiersprachen u. -systeme / Inst. Programming Languages and Systems::03653 - Müller, Peter / Müller, Peter
ethz.date.deposited
2017-06-11T09:28:05Z
ethz.source
ECOL
ethz.source
ECIT
ethz.identifier.importid
imp593651f92bad370174
ethz.identifier.importid
imp59366b5d85ea313233
ethz.ecolpid
eth:8693
ethz.ecitpid
pub:134018
ethz.eth
yes
en_US
ethz.availability
Open access
en_US
ethz.rosetta.installDate
2017-07-25T17:43:56Z
ethz.rosetta.lastUpdated
2021-02-14T19:48:38Z
ethz.rosetta.versionExported
true
ethz.COinS
ctx_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.atitle=An%20Experimental%20Evaluation%20of%20Deliberate%20Unsoundness%20in%20a%20Static%20Program%20Analyzer&rft.jtitle=Technical%20Report%20/%20ETH%20Zurich,%20Department%20of%20Computer%20Science&rft.date=2014&rft.au=Christakis,%20Maria&M%C3%BCller,%20Peter&W%C3%BCstholz,%20Valentin&rft.genre=report&
Files in this item
Publication type
-
Report [6585]