English
Related papers

Related papers: Learning to Reduce False Positives in Analytic Bug…

200 papers

Security vulnerabilities present in a code that has been written in diverse programming languages are among the most critical yet complicated aspects of source code to detect. Static analysis tools based on rule-based patterns usually do…

Cryptography and Security · Computer Science 2025-08-19 Hael Abdulhakim Ali Humran , Ferdi Sonmez

Static analysis is one of the most widely adopted techniques to find software bugs before code is put in production. Designing and implementing effective and efficient static analyses is difficult and requires high expertise, which results…

Software Engineering · Computer Science 2019-06-04 Andrew Habib , Michael Pradel

We propose a method combining machine learning with a static analysis tool (i.e. Infer) to automatically repair source code. Machine Learning methods perform well for producing idiomatic source code. However, their output is sometimes…

Software Engineering · Computer Science 2023-04-24 Ruba Mutasim , Gabriel Synnaeve , David Pichardie , Baptiste Rozière

Static analysis remains one of the most popular approaches for detecting and correcting poor or vulnerable program code. It involves the examination of code listings, test results, or other documentation to identify errors, violations of…

Artificial Intelligence · Computer Science 2021-08-27 Fitzroy D. Nembhard , Marco M. Carvalho

Data science pipelines to train and evaluate models with machine learning may contain bugs just like any other code. Leakage between training and test data can lead to overestimating the model's accuracy during offline evaluations, possibly…

Software Engineering · Computer Science 2022-09-08 Chenyang Yang , Rachel A Brower-Sinning , Grace A. Lewis , Christian Kästner

Bug finding tools can find defects in software source code us- ing an automated static analysis. This automation may be able to reduce the time spent for other testing and review activities. For this we need to have a clear understanding of…

Software Engineering · Computer Science 2017-11-15 Stefan Wagner , Jan Jürjens , Claudia Koller , Peter Trischberger

Machine learning-based program analyses have recently shown the promise of integrating formal and probabilistic reasoning towards aiding software development. However, in the absence of large annotated corpora, training these analyses is…

Machine Learning · Computer Science 2021-11-17 Miltiadis Allamanis , Henry Jackson-Flux , Marc Brockschmidt

Providing feedback is an integral part of teaching. Most open online courses on programming make use of automated grading systems to support programming assignments and give real-time feedback. These systems usually rely on test results to…

Software Engineering · Computer Science 2019-05-30 Rahul Gupta , Aditya Kanade , Shirish Shevade

We introduce SkipAnalyzer, a large language model (LLM)-powered tool for static code analysis. SkipAnalyzer has three components: 1) an LLM-based static bug detector that scans source code and reports specific types of bugs, 2) an LLM-based…

Software Engineering · Computer Science 2023-12-19 Mohammad Mahdi Mohajer , Reem Aleithan , Nima Shiri Harzevili , Moshi Wei , Alvine Boaye Belle , Hung Viet Pham , Song Wang

Deep Learning (DL) applications are being used to solve problems in critical domains (e.g., autonomous driving or medical diagnosis systems). Thus, developers need to debug their systems to ensure that the expected behavior is delivered.…

Software Engineering · Computer Science 2023-07-19 Mohammad Wardat , Breno Dantas Cruz , Wei Le , Hridesh Rajan

Programmers have long ignored warnings, especially those generated by static analysis tools, due to the potential for false-positives. In some cases, warnings may be indicative of larger issues, but programmers may not understand how a…

Software Engineering · Computer Science 2025-05-20 Hansen Chang , Christian DeLozier

This paper proposes a novel framework for audio deepfake detection with two main objectives: i) attaining the highest possible accuracy on available fake data, and ii) effectively performing continuous learning on new fake data in a…

Sound · Computer Science 2024-09-11 Tuan Duy Nguyen Le , Kah Kuan Teh , Huy Dat Tran

Static analysis tools come in many forms andconfigurations, allowing them to handle various tasks in a (secure) development process: code style linting, bug/vulnerability detection, verification, etc., and adapt to the specific requirements…

Static analysis tools are widely used to detect bugs, vulnerabilities, and code smells. Traditionally, developers must resolve these warnings manually. Because this process is tedious, developers sometimes ignore warnings, leading to an…

Software Engineering · Computer Science 2026-04-14 Pascal Joos , Islem Bouzenia , Michael Pradel

Pointers are a powerful, but dangerous feature provided by the C and C++ programming languages, and incorrect use of pointers is a common source of bugs and security vulnerabilities. Making secure software is crucial, as vulnerabilities…

Formal Languages and Automata Theory · Computer Science 2024-11-01 Vlad-Alexandru Teodorescu , Dorel Lucanu

Machine Learning approaches are good in solving problems that have less information. In most cases, the software domain problems characterize as a process of learning that depend on the various circumstances and changes accordingly. A…

Software Engineering · Computer Science 2015-06-26 Saiqa Aleem , Luiz Fernando Capretz , Faheem Ahmed

Static analysis tools typically address the problem of excessive false positives by requiring programmers to explicitly annotate their code. However, when faced with incomplete annotations, many analysis tools are either too conservative,…

Programming Languages · Computer Science 2021-07-16 Sam Estep , Jenna Wise , Jonathan Aldrich , Éric Tanter , Johannes Bader , Joshua Sunshine

We present an alternative approach to creating static bug finders. Instead of relying on human expertise, we utilize deep neural networks to train static analyzers directly from data. In particular, we frame the problem of bug finding as a…

Software Engineering · Computer Science 2020-03-30 Yu Wang , Fengjuan Gao , Linzhang Wang , Ke Wang

Static analysis tools (SATs) are widely adopted in both academia and industry for improving software quality, yet their practical use is often hindered by high false positive rates, especially in large-scale enterprise systems. These false…

Software Engineering · Computer Science 2026-01-28 Xueying Du , Jiayi Feng , Yi Zou , Wei Xu , Jie Ma , Wei Zhang , Sisi Liu , Xin Peng , Yiling Lou

Deep learning has recently achieved initial success in program analysis tasks such as bug detection. Lacking real bugs, most existing works construct training and test data by injecting synthetic bugs into correct programs. Despite…

Machine Learning · Computer Science 2022-06-22 Jingxuan He , Luca Beurer-Kellner , Martin Vechev