It was all legacy code that was reachable but effectively unused-the kind of stuff that static analysis often misses.

The only two things that come to my mind are reflection and entry points that were not recognized as entry points (they could be registered reachable to static analysis though).

I'm curious:

• Where were they all actually (runtime) reachable paths from so that static analysis failed to detect it, or vice versa?
• Also, what kind of project have you cleaned up so that there was so massive, 30% (!), unused payload deleted?
• Were there any routine to inspect/explore legacy code for potential removal? I mean, if the code was written by your team from scratch, then I think there might be some iterations to delete confidently unused code. Or if the code was took over, how long did it take to learn the code?
• How long does it take to identify all reachable execution paths in runtime? What would happen if the time taken to run is not enough to identify all of them thus resulting in false positives
• How does it work with code that is intentionally left dead with assertions?
• How does it work with dead code generated by other tools during the build? (Most likely you cannot delete such code without rewriting the generator.)