Prioritizing Warning Categories by Analyzing Software History
MSR '07 Proceedings of the Fourth International Workshop on Mining Software Repositories
Which warnings should I fix first?
Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
Dependability for high-tech systems: an industry-as-laboratory approach
Proceedings of the conference on Design, automation and test in Europe
Proceedings of the Second ACM-IEEE international symposium on Empirical software engineering and measurement
Automatic construction of an effective training set for prioritizing static analysis warnings
Proceedings of the IEEE/ACM international conference on Automated software engineering
Information and Software Technology
Frequency estimation of virtual call targets for object-oriented programs
Proceedings of the 25th European conference on Object-oriented programming
Dynamically validating static memory leak warnings
Proceedings of the 2013 International Symposium on Software Testing and Analysis
A comparative evaluation of static analysis actionable alert identification techniques
Proceedings of the 9th International Conference on Predictive Models in Software Engineering
Hi-index | 0.00 |
Static software checking tools are useful as an additional automated software inspection step that can easily be integrated in the development cycle and assist in creating secure, reliable and high quality code. However, an often quoted disadvantage of these tools is that they generate an overly large number of warnings, including many false positives due to the approximate analysis techniques. This information overload effectively limits their usefulness. In this paper we present ELAN, a technique that helps the user prioritize the information generated by a software inspection tool, based on a demand-driven computation of the likelihood that execution reaches the locations for which warnings are reported. This analysis is orthogonal to other prioritization techniques known from literature, such as severity levels and statistical analysis to reduce false positives. We evaluate feasibility of our technique using a number of case studies and assess the quality of our predictions by comparing them to actual values obtained by dynamic profiling.