M.S. Final Oral Exam: Xiuyuan Guo

Xiuyuan Guo
Monday, May 8, 2023 - 2:00pm
Event Type: 

A Study of Static Warning Cascading Tools (Experience Paper)

Static analysis is widely used for software assurance. However, static analysis tools can report an overwhelming number of warnings, many of which are false positives. Applying static analysis to a new version, a large number of warnings can be only relevant to the old version. Inspecting these warnings is a waste of time and can prevent developers from finding the new bugs in the new version. In this paper, we report the challenges of cascading warnings generated from two versions of programs. We investigated program differencing tools and extent them to perform warning cascading automatically. Specifically, we used textual based diff tool, namely SCALe, abstract syntax tree (AST) based diff tool, namely GumTree, and control flow graph (CFG) based diff tool, namely Hydrogen. We reported our experience of applying these tools and hopefully our findings can provide developers understandings of pros and cons of each approach. In our evaluation, we used 96 pairs of benchmark programs that we know groundtruth bugs and fixes as well as 12 pairs of real-world opensource projects. Our tools and data are available at https: //github.com/WarningCas/WarningCascading_Data.

ACM Reference Format: Anonymous Author(s). 2023. A Study of Static Warning Cascading Tools (Experience Paper). In Proceedings of ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2023). ACM, New York, NY, USA, 11 pages. https: //doi.org/10.1145/nnnnnnn.nnnnnnn

Committee: Wei Le (major professor), Simanta Mitra, Wensheng Zhang

Join on Zoom: https://iastate.zoom.us/j/94392981253