The False False Positives of Static Analysis

Type of publication Peer-reviewed
Publication form Proceedings (peer-reviewed)
Author Tymchuk Yuriy
Project Agile Software Analysis

Proceedings (peer-reviewed)

Title of proceedings SATToSE'17: Pre-Proceedings of the 10th International Seminar Series on Advanced Techniques & Tools for Software Evolution

Open Access

Type of Open Access Website


Static analysis tools may produce false positive results, which negatively impact the overall usability of these tools. However, even a correct static analysis report is sometimes classified as a false positive if a developer does not understand it or does not agree with it. Lately, developers' classification of false positives is treated on a par with the actual static analysis performance, which may distort the knowledge about the real state of static analysis. In this paper we discuss various use cases where a false positive report is not false and the issue is caused by other aspects of static analysis. We provide an in-depth explanation of the issue for each use case, followed by recommendations on how to solve it, and thus exemplify the importance of careful false positive classification.