English
Related papers

Related papers: On the Utility of Marrying GIN and PMD for Improvi…

200 papers

Static analyzers can reason about the properties and behaviors of programs and detect various issues without executing them. Hence, they should extract the necessary information to understand the analyzed program well. Annotation has been a…

Software Engineering · Computer Science 2024-02-23 Huaien Zhang , Yu Pei , Shuyun Liang , Shin Hwei Tan

Static analysis remains one of the most popular approaches for detecting and correcting poor or vulnerable program code. It involves the examination of code listings, test results, or other documentation to identify errors, violations of…

Artificial Intelligence · Computer Science 2021-08-27 Fitzroy D. Nembhard , Marco M. Carvalho

Context: Software metrics, as one form of static analyses, is a commonly used approach in software engineering in order to understand the state of a software system, in particular to identify potential areas prone to defects. Family-based…

Software Engineering · Computer Science 2021-10-13 Sascha El-Sharkawy , Adam Krafczyk , Klaus Schmid

Static analysis tools, or linters, detect violation of source code conventions to maintain project readability. Those tools automatically fix specific violations while developers edit the source code. However, existing tools are designed…

Software Engineering · Computer Science 2020-05-25 Yuki Ueda , Takashi Ishio , Akinori Ihara , Kenichi Matsumoto

Static code analysis tools are designed to aid software developers to build better quality software in less time, by detecting defects early in the software development life cycle. Even the most experienced developer regularly introduces…

Distributed, Parallel, and Cluster Computing · Computer Science 2021-02-05 Manuel Arenaz , Xavier Martorell

Static bug detection tools help developers detect problems in the code, including bad programming practices and potential defects. Recent efforts to integrate static bug detectors in modern software development workflows, such as in code…

Software Engineering · Computer Science 2024-01-24 Junjie Li , Jinqiu Yang

In this paper, we present a hybrid approach for buffer overflow detection in C code. The approach makes use of static and dynamic analysis of the application under investigation. The static part consists in calculating taint dependency…

Cryptography and Security · Computer Science 2013-05-17 Sanjay Rawat , Dumitru Ceara , Laurent Mounier , Marie-Laure Potet

Just like other software, spreadsheets can contain significant faults. Static analysis is an accepted and well-established technique in software engineering known for its capability to discover faults. In recent years, a growing number of…

Software Engineering · Computer Science 2014-01-30 Daniel Kulesz , Jan-Peter Ostberg

When programmers look for how to achieve certain programming tasks, Stack Overflow is a popular destination in search engine results. Over the years, Stack Overflow has accumulated an impressive knowledge base of snippets of code that are…

Software Engineering · Computer Science 2017-05-04 Di Yang , Pedro Martins , Vaibhav Saini , Cristina Lopes

Static code analyzers are widely used to help find program flaws. However, in practice the effectiveness and usability of such analyzers is affected by the problems of false negatives (FNs) and false positives (FPs). This paper aims to…

Software Engineering · Computer Science 2024-08-27 Han Cui , Menglei Xie , Ting Su , Chengyu Zhang , Shin Hwei Tan

Large language models trained on code have shown great potential to increase productivity of software developers. Several execution-based benchmarks have been proposed to evaluate functional correctness of model-generated code on simple…

Static analysis tools are widely used to detect software bugs and vulnerabilities but often struggle with scalability and efficiency in complex codebases. Traditional approaches rely on manually crafted annotations -- labeling functions as…

Bug detection and prevention is one of the most important goals of software quality assurance. Nowadays, many of the major problems faced by developers can be detected or even fixed fully or partially with automatic tools. However, recent…

Software Engineering · Computer Science 2021-03-18 Balázs Mosolygó , Norbert Vándor , Gábor Antal , Péter Hegedűs

Large language models (LLMs) have demonstrated impressive capabilities in code generation, achieving high scores on benchmarks such as HumanEval and MBPP. However, these benchmarks primarily assess functional correctness and neglect broader…

Software Engineering · Computer Science 2025-08-21 Scott Blyth , Sherlock A. Licorish , Christoph Treude , Markus Wagner

An important goal for programmers is to minimize cost of identifying and correcting defects in source code. Code review is commonly used for identifying programming defects. However, manual code review has some shortcomings: a) it is time…

Software Engineering · Computer Science 2018-09-13 Balwinder Sodhi , Shipra Sharma

Suboptimal code is prevalent in software systems. Developers often write low-quality code due to factors like technical knowledge gaps, insufficient experience, time pressure, management decisions, or personal factors. Once integrated, the…

Software Engineering · Computer Science 2025-11-11 In-on Wiratsin , Chaiyong Ragkhitwetsagul , Matheus Paixao , Denis De Sousa , Pongpop Lapvikai , Peter Haddawy

The sources of reliable, code-level information about vulnerabilities that affect open-source software (OSS) are scarce, which hinders a broad adoption of advanced tools that provide code-level detection and assessment of vulnerable OSS…

Software Engineering · Computer Science 2021-05-10 Therese Fehrer , Rocío Cabrera Lozoya , Antonino Sabetta , Dario Di Nucci , Damian A. Tamburri

Without quantitative data, deciding whether and how to use static analysis in a development workflow is a matter of expert opinion and guesswork rather than an engineering trade-off. Moreover, relevant data collected under real-world…

Software Engineering · Computer Science 2020-03-09 William R. Nichols

Repository-level code completion is challenging as it involves complicated contexts from multiple files in the repository. To date, researchers have proposed two technical categories to enhance LLM-based repository-level code completion,…

Software Engineering · Computer Science 2024-06-17 Junwei Liu , Yixuan Chen , Mingwei Liu , Xin Peng , Yiling Lou

Version control system tools empower developers to independently work on their development tasks. These tools also facilitate the integration of changes through merging operations, and report textual conflicts. However, when developers…

Software Engineering · Computer Science 2023-10-16 Galileu Santos de Jesus , Paulo Borba , Rodrigo Bonifácio , Matheus Barbosa de Oliveira