Samenvatting
Nowadays, many developers heavily rely on feedback from bug-detection tools to help ensure the quality of the code they produce. Such tools are underlain by static analysis. It is, however, critical for analysis results to be produced fast. To this end, incremental static analysis can be used. Upon a program change, an incremental analysis updates the previous results rather than recomputing the results from scratch.
Incremental static analyses may suffer from cyclic reinforcement of lattice values, where the computation of some values within the analysis relies on the values themselves, due to the abstractions made by the analysis. This can cause the incremental analysis to produce less precise results, reducing its usability.
In this work, we provide a solution to cyclic reinforcement of lattice values for incremental dependency-driven analyses. We compute the information flow within the analysis and show how this information flow can be used to detect cyclic reinforcements. We establish a criterion to detect when a cyclic reinforcement contains outdated information that needs to be removed, and show how precision can be regained. Our results show that using our method, an incremental analysis produces results matching a from-scratch analysis for all but one benchmark program, at the cost of a performance hit in some cases.
Incremental static analyses may suffer from cyclic reinforcement of lattice values, where the computation of some values within the analysis relies on the values themselves, due to the abstractions made by the analysis. This can cause the incremental analysis to produce less precise results, reducing its usability.
In this work, we provide a solution to cyclic reinforcement of lattice values for incremental dependency-driven analyses. We compute the information flow within the analysis and show how this information flow can be used to detect cyclic reinforcements. We establish a criterion to detect when a cyclic reinforcement contains outdated information that needs to be removed, and show how precision can be regained. Our results show that using our method, an incremental analysis produces results matching a from-scratch analysis for all but one benchmark program, at the cost of a performance hit in some cases.
| Originele taal-2 | English |
|---|---|
| Titel | 2025 IEEE International Conference on Source Code Analysis and Manipulation (SCAM 2025) |
| Uitgeverij | IEEE |
| Pagina's | 13-24 |
| Aantal pagina's | 11 |
| ISBN van elektronische versie | 979-8-3315-9698-9 |
| ISBN van geprinte versie | 979-8-3315-9699-6 |
| DOI's | |
| Status | Published - okt. 2025 |
| Evenement | 25th IEEE International Conference on Source Code Analysis and Manipulation (SCAM 2025) - The University of Auckland, Auckland, New Zealand Duur: 8 sep. 2025 → 9 sep. 2025 Congresnummer: 25 https://conf.researchr.org/home/scam-2025 |
Publicatie series
| Naam | Proceedings IEEE International Conference on Source Code Analysis and Manipulation |
|---|---|
| Uitgeverij | IEEE |
| ISSN van geprinte versie | 1942-5430 |
| ISSN van elektronische versie | 2470-6892 |
Conference
| Conference | 25th IEEE International Conference on Source Code Analysis and Manipulation (SCAM 2025) |
|---|---|
| Verkorte titel | SCAM 2025 |
| Land/Regio | New Zealand |
| Stad | Auckland |
| Periode | 8/09/25 → 9/09/25 |
| Internet adres |
Bibliografische nota
Publisher Copyright:© 2025 IEEE.
Vingerafdruk
Duik in de onderzoeksthema's van 'Handling Cyclic Reinforcement of Lattice Values in Incremental Dependency-driven Static Analysis'. Samen vormen ze een unieke vingerafdruk.Projecten
- 1 Actief
-
VLAAI2: Cybersecurity Onderzoeksprogramma Vlaanderen – tweede cyclus
De Meuter, W. (Administrative Promotor), Braeken, A. (CoI (Co-Promotor)), Devriese, D. (Co-Promoter), Gonzalez Boix, E. (Co-Promoter) & De Roover, C. (Co-Promoter)
1/01/24 → 31/12/28
Project: Toegepast
Citeer dit
- APA
- Author
- BIBTEX
- Harvard
- Standard
- RIS
- Vancouver