Write a Blog >>
ICSE 2020
Wed 24 June - Thu 16 July 2020
Sat 11 Jul 2020 01:05 - 01:17 at Baekje - P28-Analysis and Verification Chair(s): Rahul Purandare

Static analysis is a proven technique for ensuring software quality automatically catching bugs early during development. However, analysis tooling must approximate, both theoretically and in the interest of practicality. False positives are a pervading manifestation of such approximations–tool configuration and customization is therefore crucial for usability and directing analysis behavior. To suppress false positives, developers readily disable bug checks or insert comments that suppress spurious bug reports. Existing work shows that these mechanisms fall short of developer needs and present a significant pain point for using or adopting analyses. We draw on the insight that an analysis user always has one notable ability to influence analysis behavior regardless of analysis options and implementation: modifying their program. Indeed, developers find that they can effectively suppress false positives by changing their code slightly; this exercise is however manual, ad-hoc, and can introduce awkward or redundant code. We present a new technique for automated, generic, and temporary code changes that tailor to suppress spurious analysis errors. We adopt a rule-based approach where simple, declarative templates describe general syntactic changes for code patterns that are known to be problematic for the analyzer. Our technique promotes program transformation as a general primitive for improving the fidelity of analysis reports (we treat any given analyzer as a black box). Our evaluation is the first systematic study to broadly demonstrate the applicability and benefits of this technique and perspective: we evaluate using five different static analyzers supporting three different languages (C, Java, and PHP) on large, real world programs (>800KLOC). We show that our approach is effective in sidestepping long-standing and complex issues in analysis implementations.

Sat 11 Jul
Times are displayed in time zone: (UTC) Coordinated Universal Time change

01:05 - 02:05: Paper Presentations - P28-Analysis and Verification at Baekje
Chair(s): Rahul PurandareIIIT-Delhi
icse-2020-papers01:05 - 01:17
Rijnard van TonderSourcegraph, Claire Le GouesCarnegie Mellon University
Demonstrations01:17 - 01:20
Hiroaki YoshidaFujitsu Laboratories of America, Inc., Rohan BavishiUC Berkeley, Keisuke HottaFujitsu Laboratories Ltd., Yusuke NemotoFujitsu Laboratories Ltd., Mukul PrasadFujitsu Laboratories of America, Inc, Shinji KikuchiFujitsu Laboratories Ltd.
icse-2020-papers01:20 - 01:32
Ramanathan RamuIowa State University, Ganesha UpadhyayaHarmony.one, Hoan Anh NguyenAmazon, Hridesh RajanIowa State University, USA
icse-2020-papers01:32 - 01:44
Li SuiMassey University, New Zealand, Jens DietrichVictoria University of Wellington, Amjed TahirMassey University, George FourtounisUniversity of Athens
icse-2020-Software-Engineering-in-Practice01:44 - 01:56
Chetan BansalMicrosoft Research, Sundararajan RenganathanStanford University, Ashima AsudaniMicrosoft, Olivier MidyMicrosoft, Mathru JanakiramanAmazon
Demonstrations01:56 - 01:59
Kush JainThe University of Texas at Austin, Karl PalmskogKTH Royal Institute of Technology, Ahmet CelikFacebook, Inc., Emilio JesĂşs Gallego AriasINRIA, Milos GligoricThe University of Texas at Austin