Instead of repeatedly re-analyzing from scratch, an incremental static analysis only analyzes a codebase once completely, and then it updates the previous results based on the code changes. While this sounds promising to achieve speed-ups, the reality is that sophisticated static analyses typically employ features that can ruin incremental performance, such as inter-procedurality or context-sensitivity. In this study, we set out to explore whether incrementalization can help to achieve speed-ups for production CodeQL analyses that provide automated feedback on pull requests on GitHub. We first empirically validate the idea by measuring the potential for reuse on real-world codebases, and then we create a prototype incremental solver for CodeQL that exploits incrementality. We report on experimental results showing that we can indeed achieve update times proportional to the size of the code change, and we also discuss the limitations of our prototype.
Tue 5 DecDisplayed time zone: Pacific Time (US & Canada) change
14:00 - 15:30 | Program Analysis IResearch Papers / Demonstrations / Industry Papers at Golden Gate C3 Chair(s): Michael Pradel University of Stuttgart | ||
14:00 15mTalk | An Automated Approach to Extracting Local Variables Research Papers Xiaye Chi Beijing Institute of Technology, Hui Liu Beijing Institute of Technology, Guangjie Li National Innovation Institute of Defense Technology, Weixiao Wang Beijing Institute of Technology, Yunni Xia Chongqing University, Yanjie Jiang Peking University, Yuxia Zhang Beijing Institute of Technology, Weixing Ji Beijing Institute of Technology Media Attached | ||
14:15 15mTalk | Incrementalizing Production CodeQL Analyses Industry Papers Tamás Szabó GitHub Next DOI Media Attached | ||
14:30 15mTalk | Statistical Reachability Analysis Research Papers Seongmin Lee Max Planck Institute for Security and Privacy (MPI-SP), Marcel Böhme Max Planck Institute for Security and Privacy Media Attached | ||
14:45 15mTalk | PPR: Pairwise Program Reduction Research Papers Mengxiao Zhang University of Waterloo, Zhenyang Xu University of Waterloo, Yongqiang Tian The Hong Kong University of Science and Technology; University of Waterloo, Yu Jiang Tsinghua University, Chengnian Sun University of Waterloo Media Attached | ||
15:00 15mTalk | When Function Inlining Meets WebAssembly: Counterintuitive Impacts on Runtime Performance Research Papers Pre-print Media Attached | ||
15:15 7mTalk | Ad Hoc Syntax-Guided Program Reduction Demonstrations Jia Le Tian University of Waterloo, Mengxiao Zhang University of Waterloo, Zhenyang Xu University of Waterloo, Yongqiang Tian The Hong Kong University of Science and Technology; University of Waterloo, Yiwen Dong , Chengnian Sun University of Waterloo Media Attached | ||
