Static Analysis


My name is Taras Glek. I have been tasked with working on static analysis tools to automate deCOMtamination, verify code, etc.


C++ is a hard language to parse and no static analysis can be done before Mozilla source code be represented as an abstract syntax tree. My first step was to get the Mozilla trunk parsing with Elsa. With a small fix, Elsa now parses all files needed to build Firefox with -DNS_DISABLE_LITERAL_TEMPLATE (Elsa’s template support is incomplete).

Now that code parses we can move to the next step of writing tools that can analyze the Mozilla AST. These would prove certain parts of code correct or do source-to-source transformations such as the planned patch tool. More applications of static analysis here.
DeCOMtamination of the Gecko core is a time consuming task and is the main candidate for static analysis. I started formalizing the broad tasks collectively referred to as DeCOMtamination into an algorithm that could be implemented. I am prototyping the analysis in O’Caml using the Olmar binding to Elsa. O’Caml is a great language to this task because it has a lot of features for writing compilers and it allows me to load and traverse parts of the AST in an interactive console which greatly speeds up development. I am currently able to process class declarations, graph the class hierarchy into a giant pseudo-UML class diagram and am working on an ability to move class members up from the implementation class into the interface class while adding forward declarations, etc.

Additionally I am involved in garbage collection related analysis that prevents unsafe uses of the garbage collection API and improving LXR precision and functionality via feeding it data from Elsa/Olmar.

Update: This mini-presentation should clarify some of the reasons why we are doing deCOMtamination.

1 comment

  1. Hi,

    I’ve been following mozilla’s development for a few years now, and I’m quite puzzled by this deCOMtamination. I’ve been writing C++ for a few years too but obviously not long enough to understand what exactly this whole plan is about.

    Is there a chance you could explain more thoroughly what you are trying to do ? (I think the hurdle is that I don’t really know what XPCOM really is, what it does and why it’s wrong)

    Thanks for any insight and good luck for your upcoming work 🙂