research-article
Open Access
Artifacts Evaluated & Functional

Effective interactive resolution of static analysis alarms

Published: 12 October 2017

Abstract

We propose an interactive approach to resolve static analysis alarms. Our approach synergistically combines a sound but imprecise analysis with precise but unsound heuristics, through user interaction. In each iteration, it solves an optimization problem to find a set of questions for the user such that the expected payoff is maximized. We have implemented our approach in a tool, Ursa, that enables interactive alarm resolution for any analysis specified in the declarative logic programming language Datalog. We demonstrate the effectiveness of Ursa on a state-of-the-art static datarace analysis using a suite of 8 Java programs comprising 41-194 KLOC each. Ursa is able to eliminate 74% of the false alarms per benchmark with an average payoff of 12× per question. Moreover, Ursa prioritizes user effort effectively by posing questions that yield high payoffs earlier.

