Static Code Analysis Patterns

Loop Construct

Static program analysis¹⁴¹ is used to eliminate certain coding errors that may lead to abnormal software behavior. Therefore, it is naturally a part of software diagnostics but at source code level. Our goal here is to identify certain patterns directly linkable to patterns we see in memory dumps and software logs and collect them into a catalog. One such pattern candidate covers conditional and unconditional loops, for example, in one of modern languages:

extern bool soonToBeTrue;
int mediumValue = ...;

while (true)
{
  TRACE("Waiting");
  sleep(mediumValue);
  if (soonToBeTrue)
  {
    break;
  }
  doHeavyWork();
}

while (--pControl->aFewPasses)
{
  TRACE("Waiting");
  sleep(mediumValue);
  doHeavyWork();
}

Such loops may potentially lead to Spiking Thread (Volume 1, page 305) memory dump analysis and High Message Current and Density (Volume 4, page 335) trace analysis patterns. Of course, we shouldn't suspect every loop but only some that have potential to be altered by Local Buffer Overflow (Volume 1, page 460, for mediumValue) or Shared Buffer Overwrite (Volume 5, page 120, for Control.aFewPasses) or by a race condition (soonToBeTrue).

We expect things to get more interesting when we start associating source code that uses certain API with patterns of abnormal behavior.

¹⁴¹ http://en.wikipedia.org/wiki/Static_program_analysis