Write a Blog >>
ICSE 2020
Mon 5 - Sun 11 October 2020 Yongsan-gu, Seoul, South Korea
Tue 6 Oct 2020 14:20 - 14:40 at TBD6 - Static Analysis 2

Static analyses have problems modelling dynamic language features soundly while retaining acceptable precision. The problem is well-understood in theory, but there is little evidence on how this impacts the analysis of real-world programs. We have studied this issue for call graph construction on a set of \datasetsize real-world Java programs using an oracle of actual program behaviour recorded from executions of built-in and synthesised test cases with high coverage, have measured the recall that is being achieved by various static analysis algorithms and configurations, and investigated which language features lead to static analysis false negatives.

We report that (1) the median recall is 0.884 suggesting that standard static analyses have significant gaps with respect to the proportion of the program modelled (2) built-in tests are significantly better to expose dynamic program behaviour than synthesised tests (3) adding precision to the static analysis has little impact on recall indicating that those are separate concerns (4) state-of-the-art support for dynamic language features can significantly improve recall (the median observed is 0.935), but it comes with a hefty performance penalty, and (5) the main sources of unsoundness are not reflective method invocations, but objects allocated or accessed via native methods, and invocations initiated by the JVM, without matching call sites in the program under analysis.

These results provide some novel insights into the interaction between static and dynamic program analyses that can be used to assess the utility of static analyse results and to guide the development of future static and hybrid analyses.

Tue 6 Oct

14:00 - 15:40: Paper Presentations - Static Analysis 2 at TBD6
icse-2020-papers14:00 - 14:20
Ramanathan RamuIowa State University, Ganesha UpadhyayaHarmony.one, Hoan Anh NguyenAmazon, Hridesh RajanIowa State University
icse-2020-papers14:20 - 14:40
Li SuiMassey University, New Zealand, Jens DietrichVictoria University of Wellington, Amjed TahirMassey University, George FourtounisUniversity of Athens
icse-2020-papers14:40 - 15:00
Manuel BenzUniversity of Paderborn, Erik Krogh KristensenAarhus University, Denmark, Linghui LuoPaderborn University, Nataniel Borges Jr.CISPA Helmholtz Center for Information Security, Eric BoddenHeinz Nixdorf Institut, Paderborn University and Fraunhofer IEM, Andreas ZellerCISPA Helmholtz Center for Information Security
File Attached
Demonstrations15:00 - 15:10
Hiroaki YoshidaFujitsu Laboratories of America, Inc., Rohan BavishiUC Berkeley, Keisuke HottaFujitsu Laboratories Ltd., Yusuke NemotoFujitsu Laboratories Ltd., Mukul PrasadFujitsu Laboratories of America, Inc, Shinji KikuchiFujitsu Laboratories Ltd.
icse-2020-Journal-First15:10 - 15:25
Roman HaasCQSE GmbH, Rainer NiedermayrCQSE GmbH, Tobias RoehmCQSE GmbH, Sven ApelSaarland University
icse-2020-Journal-First15:25 - 15:40
Andreas DannPaderborn University, Ben HermannPaderborn University, Eric BoddenHeinz Nixdorf Institut, Paderborn University and Fraunhofer IEM