Reducing static analysis alarms based on non-impacting control dependencies

Tukaram Muske, Rohith Talluri, Alexander Serebrenik

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

6 Citations (Scopus)

Abstract

Static analysis tools help to detect programming errors but generate a large number of alarms. Repositioning of alarms is recently proposed technique to reduce the number of alarms by replacing a group of similar alarms with a small number of newly created representative alarms. However, the technique fails to replace a group of similar alarms with a fewer representative alarms mainly when the immediately enclosing conditional statements of the alarms are different and not nested. This limitation is due to conservative assumption that a conditional statement of an alarm may prevent the alarm from being an error. To address the limitation above, we introduce the notion of non-impacting control dependencies (NCDs). An NCD of an alarm is a transitive control dependency of the alarm’s program point, that does not affect whether the alarm is an error. We approximate the computation of NCDs based on the alarms that are similar, and then reposition the similar alarms by considering the effect of their NCDs. The NCD-based repositioning allows to merge more similar alarms together and represent them by a small number of representative alarms than the state-of-the-art repositioning technique. Thus, it can be expected to further reduce the number of alarms. To measure the reduction obtained, we evaluate the NCD-based repositioning using total 105,546 alarms generated on 16 open source C applications, 11 industry C applications, and 5 industry COBOL applications. The evaluation results indicate that, compared to the state-of-the-art repositioning technique, the NCD-based repositioning reduces the number of alarms respectively by up to 23.57%, 29.77%, and 36.09%. The median reductions are 9.02%, 17.18%, and 28.61%, respectively.
Original languageEnglish
Title of host publicationProgramming Languages and Systems
Subtitle of host publication17th Asian Symposium, APLAS 2019, Nusa Dua, Bali, Indonesia, December 1–4, 2019, Proceedings
EditorsAnthony Widjaja Lin
Place of PublicationCham
PublisherSpringer
Pages115-135
Number of pages21
ISBN (Electronic)978-3-030-34175-6
ISBN (Print)978-3-030-34174-9
DOIs
Publication statusPublished - 18 Nov 2019
Event17th Asian Symposium on Programming Languages and Systems, (APLAS 2019) - Bali, Indonesia
Duration: 1 Dec 20194 Dec 2019
Conference number: 17
https://conf.researchr.org/home/aplas-2019

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11893 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference17th Asian Symposium on Programming Languages and Systems, (APLAS 2019)
Abbreviated titleAPLAS2019
Country/TerritoryIndonesia
CityBali
Period1/12/194/12/19
Internet address

Fingerprint

Dive into the research topics of 'Reducing static analysis alarms based on non-impacting control dependencies'. Together they form a unique fingerprint.

Cite this