English
Related papers

Related papers: Validating Static Warnings via Testing Code Fragme…

200 papers

Turing completeness has made Ethereum smart contracts attractive to blockchain developers and attackers alike. To increase code security, many tools can now spot most known vulnerabilities$-$at the cost of production efficiency. Recent…

Cryptography and Security · Computer Science 2024-10-23 Tommaso Oss , Carlos E. Budde

Fuzzing has proven to be very effective for discovering certain classes of software flaws, but less effective in helping developers process these discoveries. Conventional crash-based fuzzers lack enough information about failures to…

Cryptography and Security · Computer Science 2024-11-04 Allison Naaktgeboren , Sean Noble Anderson , Andrew Tolmach , Greg Sullivan

Precise, correct feedback is crucial for effectively training large language models (LLMs) in code reinforcement learning. However, synthesizing high-quality test cases remains a profoundly challenging and unsolved problem. In this work, we…

Software Engineering · Computer Science 2025-09-12 Jia Fu , Xinyu Yang , Hongzhi Zhang , Yahui Liu , Jingyuan Zhang , Qi Wang , Fuzheng Zhang , Guorui Zhou

In games, and more generally in the field of software development, early detection of bugs is vital to maintain a high quality of the final product. Automated tests are a powerful tool that can catch a problem earlier in development by…

Machine Learning · Computer Science 2024-06-12 Leonardo Marini , Linus Gisslén , Alessandro Sestini

Bug finding tools can find defects in software source code us- ing an automated static analysis. This automation may be able to reduce the time spent for other testing and review activities. For this we need to have a clear understanding of…

Software Engineering · Computer Science 2017-11-15 Stefan Wagner , Jan Jürjens , Claudia Koller , Peter Trischberger

How to apply automated verification technology such as model checking and static program analysis to millions of lines of embedded C/C++ code? How to package this technology in a way that it can be used by software developers and engineers,…

Software Engineering · Computer Science 2013-01-03 Ralf Huuck

Just like other software, spreadsheets can contain significant faults. Static analysis is an accepted and well-established technique in software engineering known for its capability to discover faults. In recent years, a growing number of…

Software Engineering · Computer Science 2014-01-30 Daniel Kulesz , Jan-Peter Ostberg

Many software engineering techniques, such as fault localization, operate based on relevance relationships between tests and code. These relationships are often inferred through the use of dynamic test execution information (test execution…

Software Engineering · Computer Science 2022-03-23 Jeongju Sohn , Mike Papadakis

Manual development of automatic tests for embedded C software is a strenuous and time-consuming task that does not scale well. With the accelerating pace of software release cycles, verification increasingly becomes the bottleneck in the…

Software Engineering · Computer Science 2026-03-11 Maximilian Harnot , Sebastian Komarnicki , Michal Polok , Timo Oksanen

In this paper, we present a hybrid approach for buffer overflow detection in C code. The approach makes use of static and dynamic analysis of the application under investigation. The static part consists in calculating taint dependency…

Cryptography and Security · Computer Science 2013-05-17 Sanjay Rawat , Dumitru Ceara , Laurent Mounier , Marie-Laure Potet

Open source software vulnerabilities pose significant security risks to downstream applications. While vulnerability databases provide valuable information for mitigation, many security patches are released silently in new commits of OSS…

Software Engineering · Computer Science 2025-03-27 Yiran Cheng , Ting Zhang , Lwin Khin Shar , Zhe Lang , David Lo , Shichao Lv , Dongliang Fang , Zhiqiang Shi , Limin Sun

Despite various approaches being employed to detect vulnerabilities, the number of reported vulnerabilities shows an upward trend over the years. This suggests the problems are not caught before the code is released, which could be caused…

Cryptography and Security · Computer Science 2025-02-14 Karl Tamberg , Hayretdin Bahsi

Fuzzers and static analyzers find many bugs but struggle with logic bugs in mature codebases. Triggering such a bug often requires multi-step reasoning that produces no distinctive execution feedback, and variants can appear across…

Cryptography and Security · Computer Science 2026-05-12 Junyoung Park , Insu Yun

Precisely and automatically detection of faults in programs, is a software engineering dream. Every effort in this regard takes us one step closer to realizing it. Many efforts have been taken from the people of these areas on testing,…

Software Engineering · Computer Science 2013-08-13 Safeeullah Soomro , Zahid Hussain , Ayaz Keerio

Can one estimate the number of remaining faults in a software system? A credible estimation technique would be immensely useful to project managers as well as customers. It would also be of theoretical interest, as a general law of software…

Software Engineering · Computer Science 2013-08-14 Carlo A. Furia , Bertrand Meyer , Manuel Oriol , Andrey Tikhomirov , Yi Wei

Quantum error correction (QEC) is fundamental for suppressing noise in quantum hardware and enabling fault-tolerant quantum computation. In this paper, we propose an efficient verification framework for QEC programs. We define an assertion…

Programming Languages · Computer Science 2025-10-30 Qifan Huang , Li Zhou , Wang Fang , Mengyu Zhao , Mingsheng Ying

LLM-based assistants, such as GitHub Copilot and ChatGPT, have the potential to generate code that fulfills a programming task described in a natural language description, referred to as a prompt. The widespread accessibility of these…

Software Engineering · Computer Science 2024-05-24 Sylvain Kouemo Ngassom , Arghavan Moradi Dakhel , Florian Tambon , Foutse Khomh

Softwarization and virtualization in 5G and beyond necessitate thorough testing to ensure the security of critical infrastructure and networks, requiring the identification of vulnerabilities and unintended emergent behaviors from protocol…

Cryptography and Security · Computer Science 2023-07-24 Jingda Yang , Sudhanshu Arya , Ying Wang

Instrumenting programs for performing run-time checking of properties, such as regular shapes, is a common and useful technique that helps programmers detect incorrect program behaviors. This is specially true in dynamic languages such as…

Programming Languages · Computer Science 2018-04-09 Maximiliano Klemen , Nataliia Stulova , Pedro Lopez-Garcia , José F. Morales , Manuel V. Hermenegildo

Large Language Models (LLMs) for code generation boost productivity but frequently introduce Knowledge Conflicting Hallucinations (KCHs), subtle, semantic errors, such as non-existent API parameters, that evade linters and cause runtime…

Software Engineering · Computer Science 2026-01-28 Dipin Khati , Daniel Rodriguez-Cardenas , Paul Pantzer , Denys Poshyvanyk