CONTEXT: Automated static analysis (ASA) identifies potential source code anomalies early
in the software development lifecycle that could lead to field failures. Excessive alert …

Static analysis (SA) tools can generate useful static warnings to reveal the problematic code
snippets in a software system without dynamically executing the corresponding source code …

Static analysis tools are widely used for vulnerability detection as they understand programs
with complex behavior and millions of lines of code. Despite their popularity, static analysis …

Several static analysis tools, such as Splint or FindBugs, have been proposed to the
software development community to help detect security vulnerabilities or bad programming …

Software is prone to security vulnerabilities. Program analysis tools to detect them have
limited effectiveness in practice. While large language models (or LLMs) have shown …

Aggressive random testing tools (" fuzzers") are impressively effective at finding compiler
bugs. For example, a single test-case generator has resulted in more than 1,700 bugs …

Static analysis tools are widely used for vulnerability detection as they can analyze
programs with complex behavior and millions of lines of code. Despite their popularity, static …

In this paper, we propose a new semantic clone detection technique by comparing
programs' abstract memory states, which are computed by a semantic-based static analyzer …

Program analysis tools often produce undesirable output due to various approximations. We
present an approach and a system EUGENE that allows user feedback to guide such …

Static analysis tools have showcased their importance and usefulness in automated
detection of code anomalies and defects. However, the large number of alarms reported and …