One of the known computer programming error detection methods is referred to as “static analysis” since computer instructions making up computer program code are analyzed outside the context of the behaviour resulting from the execution of those instructions.
In many cases, source code static analysis tools perform inter-procedural dataflow analysis to detect programming errors in a computer program. To do so, such static analysis tools need to analyze functions which are called at one or more points in a computer program. Source code is the category of computer language instructions that is frequently written and read by software programmers. However, a computer cannot generally run a program in source code form. Typically, in order to be executed by a computer processor, source code is translated, with the use of an assembler or compiler, into a language form that contains instructions to the computer known as object code.
In an object oriented programming language (OOP), a virtual function is a function whose behaviour varies depending on the object runtime type. While some functions are non-virtual and thus the dataflow can easily be traced, the use of virtual functions can potentially make dataflow analysis difficult to track because it is unknown at the compile time which implementation of a virtual function (also known as a virtual method) will be called and how the state of the computer program will be transformed after the call.
Source code static analysis tools generally do not consider the behaviour of a virtual function once it has been called. Instead, such tools generally only verify whether the syntax of the call to the virtual function meets the requirements of the computer language of the computer program code under review. As a result, when virtual functions are used in computer program code, it can be difficult for a static analysis tool to perform a correct or precise analysis. Some tools process virtual function calls when it is possible to identify at the compile time that although the function is virtual, only one implementation could be used. Well known methods like Static Class Hierarchy Analysis or Rapid Type Analysis could be used for that purpose.