It is challenging to test static analysis tools that implement complicated algorithms. The lack of rigorous testing may lead to issues that undermine the reliability and usability of these tools. This work systematically studies nondeterministic behavior in static analysis tools to fill this knowledge gap. First, we follow a rigorous methodology that studies how prevalent nondeterministic results are across a wide variety of static analysis tools along multiple dimensions. Based on the discovered nondeterminism, we then semi-automatically identify and categorize the common factors that cause the nondeterministic results. We have so far applied our methodology to two popular tools, FlowDroid and SOOT. We have detected nondeterminism in 11 configurations in the two tools. Our investigation of the root causes has led to one FlowDroid bug being confirmed and fixed by its developers.
Tue 18 Jul