Taras’ Blog

Static analysis can be a very fun pastime. One gets to sift through giant codebases looking for interesting clues, what could be more fun? A couple things qualify: a) static analysis accompanied by cool rewrites b) static analysis accompanied by cool visualizations. Cool Rewrite Michael Wu’s boolcheck tool is awesome. He wrote it to check [...]

I was invited to present a Galois tech talk on Mozilla static analysis. It was really cool to give a talk locally to such an expert audience. I was surprised to discover a vibrant Programming Languages + Analysis community in Portland. Edward Z. Yang did an excellent write-up on the talk. PLDi Robert O’Callahan mentioned [...]

A really good ACM article about static analysis from Coverity’s perspective has been making rounds in Mozilla. What struck me most was the following paragraph: At the most basic level, errors found with little analysis are often better than errors found with deeper tricks. A good error is probable, a true error, easy to diagnose; [...]

Mozilla has static analyses built into the buildsystem that can be turned on with –with-static-checking= flag. The analyses live in xpcom/analyses directory. The testcases (aka documentation) are in xpcom/tests/static-checker. Analyses are implemented in either Dehydra or Treehydra and run within a patched GCC 4.3. The currently landed checks are: final.js: Java-like “final” keyword for C++ [...]

Cool thing about static analysis is that you can ask painful-for-humans questions about your codebase AND have them answered. Here are two that got answered by Ehren: Where do function bodies continue after return statements (ie obviously dead/broken code)? Bug 535646. How many functions in Mozilla could/should be marked static? Bug 536427. Awesome!