We present the concept of Just-In-Time (JIT) static analysis that interleaves code development and bug fixing in an integrated development environment. Unlike traditional batch-style analysis tools, a JIT analysis tool presents warnings to code developers over time, providing the most relevant results quickly, and computing less relevant results incrementally later. In this paper, we describe general guidelines for designing JIT analyses. We also present a general recipe for transforming static data-flow analyses to JIT analyses through a concept of layered analysis execution. We illustrate this transformation through Cheetah, a JIT taint analysis for Android applications. Our empirical evaluation of Cheetah on real-world applicati...
Android is a programming language based on Java and an operating system for embedded and mobile devi...
textMany challenges in software quality can be tackled with dynamic analysis. However, these techniq...
This thesis proposes a framework for easy development of static analyses, whose results are incremen...
We present the concept of Just-In-Time (JIT) static analysis that interleaves code development and ...
We present the concept of Just-In-Time (JIT) static analysis that interleaves code development and b...
Current static-analysis tools are often long-running, which causes them to be sidelined into nightly...
Current static-analysis tools are often long-running, which causes them to be sidelined into nightly...
Although software developers are usually reluctant to use static analysis to detect issues in their ...
Developers make use of automation to perform repetitive and potentially error- prone tasks. One such...
Static code analysis is a powerful approach to detect quality deficiencies such as performance bottl...
Abstract This paper tells the story of how our organization introduced static analysis into its soft...
Context: Static analysis exploits techniques that parse program source code or bytecode, often trave...
The use of automatic static analysis has been a software engineering best practice for decades. Howe...
Context: Android is a programming language based on Java and an operating system for embedded and mo...
Static analysis on source code or binary code retrieves information about a software program. In obj...
Android is a programming language based on Java and an operating system for embedded and mobile devi...
textMany challenges in software quality can be tackled with dynamic analysis. However, these techniq...
This thesis proposes a framework for easy development of static analyses, whose results are incremen...
We present the concept of Just-In-Time (JIT) static analysis that interleaves code development and ...
We present the concept of Just-In-Time (JIT) static analysis that interleaves code development and b...
Current static-analysis tools are often long-running, which causes them to be sidelined into nightly...
Current static-analysis tools are often long-running, which causes them to be sidelined into nightly...
Although software developers are usually reluctant to use static analysis to detect issues in their ...
Developers make use of automation to perform repetitive and potentially error- prone tasks. One such...
Static code analysis is a powerful approach to detect quality deficiencies such as performance bottl...
Abstract This paper tells the story of how our organization introduced static analysis into its soft...
Context: Static analysis exploits techniques that parse program source code or bytecode, often trave...
The use of automatic static analysis has been a software engineering best practice for decades. Howe...
Context: Android is a programming language based on Java and an operating system for embedded and mo...
Static analysis on source code or binary code retrieves information about a software program. In obj...
Android is a programming language based on Java and an operating system for embedded and mobile devi...
textMany challenges in software quality can be tackled with dynamic analysis. However, these techniq...
This thesis proposes a framework for easy development of static analyses, whose results are incremen...