ICSE 2024
Fri 12 - Sun 21 April 2024 Lisbon, Portugal
Thu 18 Apr 2024 14:30 - 14:45 at Luis de Freitas Branco - Analysis 2 Chair(s): Luís Cruz

Numerous third-party libraries introduced into client projects are not actually required, resulting in modern software being gradually bloated. Software developers may spend much unnecessary effort to manage the bloated dependencies: keeping the library versions up-to-date, making sure that heterogeneous licenses are compatible, and resolving dependency conflict or vulnerability issues.

However, the prior debloating techniques can easily produce false alarms of bloated dependencies since they are less effective in analyzing Java reflections. Besides, the solutions given by the existing approaches for removing bloated dependencies may induce new issues that are not conducive to dependency management. To address the above limitations, in this paper, we developed a technique, \textsc{Slimming}, to remove bloated dependencies from software projects reliably. \textsc{Slimming} statically analyzes the Java reflections that are commonly leveraged by popular frameworks (e.g., \emph{Spring Boot}) and resolves the reflective targets via parsing configuration files ({\mycode *.xml}, {\mycode *.yml} and {\mycode *.properties}). By modeling string manipulations, \textsc{Slimming} fully resolves the string arguments of our concerned reflection APIs to identify all the required dependencies. More importantly, it helps developers analyze the debloating solutions by weighing the benefits against the costs of dependency management. Our evaluation results show that the static reflection analysis capability of \textsc{Slimming} outperforms all the other existing techniques with 97.0% of \emph{Precision} and 98.8% of \emph{Recall}. Compared with the prior debloating techniques, \textsc{Slimming} can reliably remove the bloated dependencies with a 100% test passing ratio and improve the rationality of debloating solutions. In our large-scale study in the Maven ecosystem, \textsc{Slimming} reported 484 bloated dependencies to 66 open-source projects. 38 reports (57.6%) have been confirmed by developers.

Thu 18 Apr

Displayed time zone: Lisbon change

14:00 - 15:30
14:00
15m
Talk
RogueOne: Detecting Rogue Updates via Differential Data-flow Analysis Using Trust Domains
Research Track
Raphael J. Sofaer Columbia University, Yaniv David Columbia University, Mingqing Kang Johns Hopkins University, Jianjia Yu Johns Hopkins University, Yinzhi Cao Johns Hopkins University, Junfeng Yang Columbia University, Jason Nieh Columbia University
DOI Pre-print
14:15
15m
Talk
ACAV: A Framework for Automatic Causality Analysis in Autonomous Vehicle Accident Recordings
Research Track
Huijia Sun ShanghaiTech University, China, Chris Poskitt Singapore Management University, Yang Sun Singapore Management University, Jun Sun Singapore Management University, Yuqi Chen ShanghaiTech University, China
Pre-print
14:30
15m
Talk
Efficiently Trimming the Fat: Streamlining Software Dependencies with Java Reflection and Dependency Analysis
Research Track
Xiaohu Song Northeastern University, Ying Wang Northeastern University, Xiao Cheng Huawei Technologies Co., Ltd., Guangtai Liang Huawei Cloud Computing Technologies, Qianxiang Wang Huawei Technologies Co., Ltd, Zhiliang Zhu Northeastern University, China
14:45
7m
Talk
Probabilistic Safe WCET Estimation for Weakly Hard Real-Time Systems at Design Stages
Journal-first Papers
Jaekwon Lee University of Ottawa & University of Luxembourg, Seung Yeob Shin University of Luxembourg, Lionel Briand University of Ottawa, Canada; Lero centre, University of Limerick, Ireland, Shiva Nejati University of Ottawa
14:52
7m
Talk
Are automated static analysis tools worth it? An investigation into relative warning density and external software quality on the example of Apache open source projects
Journal-first Papers
Alexander Trautsch University of Passau, Steffen Herbold University of Passau, Jens Grabowski University of Göttingen
14:59
7m
Talk
Actor-driven Decomposition of Microservices through Multi-level Scalability Assessment
Journal-first Papers
Carmine Colarusso University of Sannio, Benevento, Matteo Camilli Politecnico di Milano, Barbara Russo , Eugenio Zimeo University of Sannio, Benevento
15:06
7m
Talk
TypeEvalPy: A Micro-benchmarking Framework for Python Type Inference Tools
Demonstrations
Ashwin Prasad Shivarpatna Venkatesh University of Paderborn, Samkutty Sabu University of Paderborn, Jiawei Wang Monash University, Amir Mir Delft University of Technology, Li Li Beihang University, Eric Bodden
15:13
7m
Talk
Toward Adaptive Tracing: Efficient System Behavior Analysis using Language Models
New Ideas and Emerging Results
Kasra Darvishi Brock University, Morteza Noferesti Brock University, Naser Ezzati Jivan
Link to publication