Write a Blog >>
ICSE 2020
Wed 24 June - Thu 16 July 2020
Sat 11 Jul 2020 01:32 - 01:44 at Baekje - P28-Analysis and Verification Chair(s): Rahul Purandare

Static analyses have problems modelling dynamic language features soundly while retaining acceptable precision. The problem is well-understood in theory, but there is little evidence on how this impacts the analysis of real-world programs. We have studied this issue for call graph construction on a set of \datasetsize real-world Java programs using an oracle of actual program behaviour recorded from executions of built-in and synthesised test cases with high coverage, have measured the recall that is being achieved by various static analysis algorithms and configurations, and investigated which language features lead to static analysis false negatives.

We report that (1) the median recall is 0.884 suggesting that standard static analyses have significant gaps with respect to the proportion of the program modelled (2) built-in tests are significantly better to expose dynamic program behaviour than synthesised tests (3) adding precision to the static analysis has little impact on recall indicating that those are separate concerns (4) state-of-the-art support for dynamic language features can significantly improve recall (the median observed is 0.935), but it comes with a hefty performance penalty, and (5) the main sources of unsoundness are not reflective method invocations, but objects allocated or accessed via native methods, and invocations initiated by the JVM, without matching call sites in the program under analysis.

These results provide some novel insights into the interaction between static and dynamic program analyses that can be used to assess the utility of static analyse results and to guide the development of future static and hybrid analyses.

Sat 11 Jul

Displayed time zone: (UTC) Coordinated Universal Time change

01:05 - 02:05
P28-Analysis and VerificationSoftware Engineering in Practice / Technical Papers / Demonstrations at Baekje
Chair(s): Rahul Purandare IIIT-Delhi
01:05
12m
Talk
Tailoring Programs for Static Analysis via Program TransformationTechnicalArtifact Available
Technical Papers
Rijnard van Tonder Sourcegraph, Claire Le Goues Carnegie Mellon University
01:17
3m
Talk
Phoenix: A Tool for Automated Data-Driven Synthesis of Repairs for Static Analysis ViolationsDemo
Demonstrations
Hiroaki Yoshida Fujitsu Laboratories of America, Inc., Rohan Bavishi UC Berkeley, Keisuke Hotta Fujitsu Laboratories Ltd., Yusuke Nemoto Fujitsu Laboratories Ltd., Mukul Prasad Fujitsu Laboratories of America, Shinji Kikuchi Fujitsu Laboratories Ltd.
01:20
12m
Talk
BCFA: Bespoke Control Flow Analysis for CFA at ScaleTechnical
Technical Papers
Ramanathan Ramu Iowa State University, Ganesha Upadhyaya Harmony.one, Hoan Anh Nguyen Amazon, Hridesh Rajan Iowa State University, USA
01:32
12m
Talk
On the Recall of Static Call Graph Construction in PracticeArtifact ReusableTechnicalArtifact Available
Technical Papers
Li Sui Massey University, New Zealand, Jens Dietrich Victoria University of Wellington, Amjed Tahir Massey University, George Fourtounis University of Athens
Pre-print
01:44
12m
Talk
DeCaf: Diagnosing & Triaging Performance Issues in Large-Scale Cloud ServicesSEIP
Software Engineering in Practice
Chetan Bansal Microsoft Research, Sundararajan Renganathan Stanford University, Ashima Asudani Microsoft, Olivier Midy Microsoft, Mathru Janakiraman Amazon
Pre-print
01:56
3m
Talk
mCoq: Mutation Analysis for Coq Verification ProjectsDemo
Demonstrations
Kush Jain The University of Texas at Austin, Karl Palmskog KTH Royal Institute of Technology, Ahmet Celik Facebook, Inc., Emilio Jesús Gallego Arias INRIA, Milos Gligoric The University of Texas at Austin