Options
2015
Report
Titel
Toward a just-in-time static analysis
Titel Supplements
TUD-CS-2015-1167
Abstract
Despite years if not decades of research and development on static analysis tools, industrial adaption of much of this tooling remains spotty. Some of this is due to familiar shortcomings with the tooling itself: the effect of false positives on developer satisfaction is well known. However, in this paper, we argue that static-analysis results often run against some cognitive barriers. In other words, the developer is not able to grasp the results easily, leading to higher abandonment rates for analysis tools. In this paper, we propose to improve the current situation with the idea of Just-In-Time (JIT) analyses. In a JIT analysis, results are presented to the user in order of difficulty, starting with easy-to- fix warnings. These warnings are designed to gently train" the developer and prepare them for reasoning about and xing more complex bugs. The analysis itself is designed to operate in layers, so that the next layer of results is being computed while the previous one is being examined. The desired effect is that static-analysis results are available just-in-time, with the developer never needing to wait for them to be computed.