Abstract:
In open source software, it is known that there are many concurrenc ybugs. A previous study in Go revealed that a considerable number of such bugs are simple (for example, 9% of the bugs are the ones that forget to unlock a mutex,) through a manual program investigation. This paper tries to detect such bugs by applying a simple analysis in order to see how far such a tool can match the manual analysis. We built a simple intraprocedural control flow analysis in Go, and evaluated its performance with respect to the open source programs with concurrency bugs reported in the previous study. Consequently, as for quality, the recall is good at 88% and the precision is poor at 60%, and as for analysis time, it can be finished within practical amount of time (for example, 1 second per 5000 LoC).
Reference:
How Many Mutex Bugs can a Simple Analysis Find in Go Programs? (Fumi Takeuchi, Hidehiko Masuhara, Raffi Khatchadourian, Youyou Cong and Keisuke Ishibashi), In Proceedings of the 39th JSSST Annual Conference (Shimpei Hayashi, ed.), 2022.
Bibtex Entry:
@inproceedings{takeuchi2022jssst,
organization = {{J}apan Society for Software Science and Technology
({JSSST})},
month = aug,
url = {https://jssst2022.wordpress.com/program/},
date = {2022-08-31},
location = {Nanzan University / Online},
editor = {Shimpei Hayashi},
year = 2022,
howpublished = {The 39th JSSST Annual Conference},
booktitle = {Proceedings of the 39th JSSST Annual Conference},
author = {Fumi Takeuchi and Hidehiko Masuhara and Raffi Khatchadourian and Youyou Cong and Keisuke Ishibashi},
title = {How Many Mutex Bugs can a Simple Analysis Find in {Go} Programs?},
pdf = {jssst2022-23.pdf},
abstract = {In open source software, it is known that there are many concurrenc ybugs. A previous study in Go revealed that a considerable number of such bugs are simple (for example, 9\% of the bugs are the ones that forget to unlock a mutex,) through a manual program investigation. This paper tries to detect such bugs by applying a simple analysis in order to see how far such a tool can match the manual analysis. We built a simple intraprocedural control flow analysis in Go, and evaluated its performance with respect to the open source programs with concurrency bugs reported in the previous study. Consequently, as for quality, the recall is good at 88\% and the precision is poor at 60\%, and as for analysis time, it can be finished within practical amount of time (for example, 1 second per 5000 LoC).}
}