International Symposium on Software Testing and An
International Symposium on Software Testing and Analysis Year 2017 Peer-reviewed
BibTeX PDF
Programming Languages · Static Analysis

Just-in-Time Static Analysis

Lisa Nguyen Quang Do Karim Ali Benjamin Livshits Eric Bodden Justin Smith Emerson Murphy-Hill
2017
Publication year
ISSTA
Venue
Peer-reviewed
Type
§ Abstract

Problem

We present the concept of Just-In-Time (JIT) static analysis that interleaves code development and bug fxing in an integrated devel- opment environment. Unlike traditional batch-style analysis tools, a JIT analysis tool presents warnings to code developers over time, providing the most relevant results quickly, and computing less rel- evant results incrementally later.

Approach

In this paper, we describe general guidelines for designing JIT analyses. We also present a general recipe for transforming static data-fow analyses to JIT analyses through a concept of layered analysis execution.

Results

We illustrate this transformation through Cheetah, a JIT taint analysis for Android applications. Our empirical evaluation of Cheetah on real-world applications shows that our approach returns warnings quickly enough to avoid disrupting the normal workfow of developers. This result is confrmed by our user study, in which developers fxed data leaks twice as fast when using Cheetah compared to an equivalent batch-style analysis.

Cite this paper — BibTeX 
@inproceedings{jit17-issta,
  title = "Just-in-Time Static Analysis",
  author = "Lisa Nguyen Quang Do and  Karim Ali and Benjamin Livshits and Eric Bodden and Justin Smith and Emerson Murphy-Hill",
  year = {2017},
  booktitle = {International Symposium on Software Testing and Analysis}
}
Copied