The False False Positives of Static Analysis

Tymchuk, Yuriy (June 2017). The False False Positives of Static Analysis. In: Seminar Series on Advanced Techniques and Tools for Software Evolution SATToSE 2017. Madrid, Spain. 07.-09. Juni 2017.

[img]
Preview
Text
SATToSE_2017_paper_13.pdf - Published Version
Available under License Publisher holds Copyright.

Download (87kB) | Preview

Static analysis tools may produce false positive results, which negatively impact the overall usability of these tools. However, even a correct static analysis report is sometimes classified as a false positive if a developer does not understand it or does not agree with it. Lately developers' classification of false positives is treated on a par with the actual static analysis performance which may distort the knowledge about the real state of static analysis. In this paper we discuss various use cases where a false positive report is not false and the issue is caused by another aspects of static analysis. We provide an in-depth explanation of the issue for each use case followed by recommendations on how to solve it, and thus exemplify the importance of careful false positive classification.

Item Type:

Conference or Workshop Item (Paper)

Division/Institute:

08 Faculty of Science > Institute of Computer Science (INF)
08 Faculty of Science > Institute of Computer Science (INF) > Software Composition Group (SCG)

UniBE Contributor:

Tymchuk, Yuriy

Subjects:

000 Computer science, knowledge & systems
500 Science > 510 Mathematics

Language:

English

Submitter:

Oscar Marius Nierstrasz-Margiotta

Date Deposited:

11 Apr 2018 11:22

Last Modified:

11 Apr 2018 11:22

BORIS DOI:

10.7892/boris.113148

URI:

https://boris.unibe.ch/id/eprint/113148

Actions (login required)

Edit item Edit item
Provide Feedback