Effective interactive resolution of static analysis alarms

Abstract

We propose an interactive approach to resolve static analysis alarms. Our approach synergistically combines a sound but imprecise analysis with precise but unsound heuristics, through user interaction. In each iteration, it solves an optimization problem to find a set of questions for the user such that the expected payoff is maximized. We have implemented our approach in a tool, Ursa, that enables interactive alarm resolution for any analysis specified in the declarative logic programming language Datalog. We demonstrate the effectiveness of Ursa on a state-of-the-art static datarace analysis using a suite of 8 Java programs comprising 41-194 KLOC each. Ursa is able to eliminate 74% of the false alarms per benchmark with an average payoff of 12× per question. Moreover, Ursa prioritizes user effort effectively by posing questions that yield high payoffs earlier.

Document Details

Document Type
Pub Defense Publication
Publication Date
Oct 12, 2017
Source ID
10.1145/3133881

Entities

People

  • Mayur Naik
  • Radu Grigore
  • Xin Zhang
  • Xujie Si

Organizations

  • Defense Advanced Research Projects Agency
  • Georgia Tech
  • National Science Foundation
  • University of Kent
  • University of Pennsylvania

Tags

Fields of Study

  • Computer science

Readers

  • Distributed Systems and Data Platform Development
  • Operations Research
  • Positioning, Navigation, and Timing (PNT) Technology.