Export Citations
Save this search
Please login to be able to save your searches and receive alerts for new content matching your search criteria.
- posterDecember 2024
Poster: Protecting Source Code Privacy When Hunting Bugs
CCS '24: Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications SecurityPages 5030–5032https://doi.org/10.1145/3658644.3691407When proving to a third party that a software system is of high quality or bug-free, a software vendor may have to reveal the source code such that the third party can use a public or their own static code analyzer to check the code. However, revealing ...
- research-articleNovember 2024
- research-articleOctober 2024
Leveraging Large Language Model to Assist Detecting Rust Code Comment Inconsistency
ASE '24: Proceedings of the 39th IEEE/ACM International Conference on Automated Software EngineeringPages 356–366https://doi.org/10.1145/3691620.3695010Rust is renowned for its robust memory safety capabilities, yet its distinctive memory management model poses substantial challenges in both writing and understanding programs. Within Rust source code, comments are employed to clearly delineate ...
- research-articleSeptember 2024JUST ACCEPTED
ZigZagFuzz: Interleaved Fuzzing of Program Options and Files
ACM Transactions on Software Engineering and Methodology (TOSEM), Just Accepted https://doi.org/10.1145/3697014Command-line options (e.g., -l, -F, -R for ls) given to a command-line program can significantly alternate the behaviors of the program. Thus, fuzzing not only file input but also program options can improve test coverage and bug detection. In this paper, ...
- research-articleDecember 2024
Finding bugs in embedded external device drivers using emulation
WSSE '24: Proceedings of the 2024 The 6th World Symposium on Software Engineering (WSSE)Pages 129–132https://doi.org/10.1145/3698062.3698079Embedded devices use not only the microcontrollers, but also external devices to realize their functions. Due to lack of external device driver, developers may implement their own one, which can easily cause bugs. Once bugs are injected, debugging is ...
-
- research-articleSeptember 2024
Characterizing and Detecting Program Representation Faults of Static Analysis Frameworks
ISSTA 2024: Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and AnalysisPages 1772–1784https://doi.org/10.1145/3650212.3680398Static analysis frameworks (SAFs) such as Soot and WALA have been a fundamental support in today’s software analysis. They usually adopt various analysis techniques to transform programs into different representations which imply specific properties, ...
Testing Gremlin-Based Graph Database Systems via Query Disassembling
- Yingying Zheng,
- Wensheng Dou,
- Lei Tang,
- Ziyu Cui,
- Yu Gao,
- Jiansen Song,
- Liang Xu,
- Jiaxin Zhu,
- Wei Wang,
- Jun Wei,
- Hua Zhong,
- Tao Huang
ISSTA 2024: Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and AnalysisPages 1695–1707https://doi.org/10.1145/3650212.3680392Graph Database Systems (GDBs) support efficiently storing and retrieving graph data, and have become a critical component in many important applications. Many widely-used GDBs utilize the Gremlin query language to create, modify, and retrieve data in ...
- research-articleSeptember 2024Distinguished Paper
Precise Compositional Buffer Overflow Detection via Heap Disjointness
ISSTA 2024: Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and AnalysisPages 63–75https://doi.org/10.1145/3650212.3652110Static analysis techniques for buffer overflow detection still struggle with being scalable for millions of lines of code, while being precise enough to have an acceptable false positive rate. The checking of buffer overflow necessitates reasoning about ...
- research-articleAugust 2024
Detecting Data Races in OpenMP with Deep Learning and Large Language Models
ICPP Workshops '24: Workshop Proceedings of the 53rd International Conference on Parallel ProcessingPages 96–103https://doi.org/10.1145/3677333.3678160Transformer-based neural network models are increasingly employed to handle software engineering issues, such as bug localization and program repair. These models, equipped with a self-attention mechanism, excel at understanding source code context and ...
- research-articleJuly 2024
Learning to Detect and Localize Multilingual Bugs
Proceedings of the ACM on Software Engineering (PACMSE), Volume 1, Issue FSEArticle No.: 97, Pages 2190–2213https://doi.org/10.1145/3660804Increasing studies have shown bugs in multi-language software as a critical loophole in modern software quality assurance, especially those induced by language interactions (i.e., multilingual bugs). Yet existing tool support for bug detection/...
Analyzing Quantum Programs with LintQ: A Static Analysis Framework for Qiskit
Proceedings of the ACM on Software Engineering (PACMSE), Volume 1, Issue FSEArticle No.: 95, Pages 2144–2166https://doi.org/10.1145/3660802As quantum computing is rising in popularity, the amount of quantum programs and the number of developers writing them are increasing rapidly. Unfortunately, writing correct quantum programs is challenging due to various subtle rules developers need to ...
- short-paperJuly 2024
Detecting Code Comment Inconsistencies using LLM and Program Analysis
FSE 2024: Companion Proceedings of the 32nd ACM International Conference on the Foundations of Software EngineeringPages 683–685https://doi.org/10.1145/3663529.3664458Code comments are the most important medium for documenting program logic and design. Nevertheless, as modern software undergoes frequent updates and modifications, maintaining the accuracy and relevance of comments becomes a labor-intensive endeavor. ...
Enhancing Static Analysis for Practical Bug Detection: An LLM-Integrated Approach
Proceedings of the ACM on Programming Languages (PACMPL), Volume 8, Issue OOPSLA1Article No.: 111, Pages 474–499https://doi.org/10.1145/3649828While static analysis is instrumental in uncovering software bugs, its precision in analyzing large and intricate codebases remains challenging. The emerging prowess of Large Language Models (LLMs) offers a promising avenue to address these complexities. ...
- research-articleApril 2024
Drone-Based Bug Detection in Orchards with Nets: A Novel Orienteering Approach
ACM Transactions on Sensor Networks (TOSN), Volume 20, Issue 3Article No.: 68, Pages 1–28https://doi.org/10.1145/3653713The use of drones for collecting information and detecting bugs in orchards covered by nets is a challenging problem. The nets help in reducing pest damage, but they also constrain the drone’s flight path, making it longer and more complex. To address ...
- research-articleApril 2024
WELL: Applying bug detectors to bug localization via weakly supervised learning
Journal of Software: Evolution and Process (WSMR), Volume 36, Issue 9https://doi.org/10.1002/smr.2669AbstractBug localization, which is used to help programmers identify the location of bugs in source code, is an essential task in software development. Researchers have already made efforts to harness the powerful deep learning (DL) techniques to ...
Researchers have already made efforts to harness the powerful deep learning techniques to automate bug localization and further fixing. However, training bug localization model requires a large quantity of data labeled with the bug's exact location, ...
- research-articleJune 2024
SICode: Embedding-Based Subgraph Isomorphism Identification for Bug Detection
ICPC '24: Proceedings of the 32nd IEEE/ACM International Conference on Program ComprehensionPages 304–315https://doi.org/10.1145/3643916.3646556Given a known buggy code snippet, searching for similar patterns in a target project to detect unknown bugs is a reasonable approach. In practice, a search unit, such as a function, may appear quite different from the buggy snippet but actually contains ...
- research-articleApril 2024
Raisin: Identifying Rare Sensitive Functions for Bug Detection
ICSE '24: Proceedings of the IEEE/ACM 46th International Conference on Software EngineeringArticle No.: 175, Pages 1–12https://doi.org/10.1145/3597503.3639165Mastering the knowledge about the bug-prone functions (i.e., sensitive functions) is important to detect bugs. Some automated techniques have been proposed to identify the sensitive functions in large software systems, based on machine learning or ...
- research-articleJanuary 2024
Decoding Logic Errors: A Comparative Study on Bug Detection by Students and Large Language Models
- Stephen Macneil,
- Paul Denny,
- Andrew Tran,
- Juho Leinonen,
- Seth Bernstein,
- Arto Hellas,
- Sami Sarsa,
- Joanne Kim
ACE '24: Proceedings of the 26th Australasian Computing Education ConferencePages 11–18https://doi.org/10.1145/3636243.3636245Identifying and resolving logic errors can be one of the most frustrating challenges for novices programmers. Unlike syntax errors, for which a compiler or interpreter can issue a message, logic errors can be subtle. In certain conditions, buggy code may ...
Heterogeneous Testing for Coverage Profilers Empowered with Debugging Support
ESEC/FSE 2023: Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software EngineeringPages 670–681https://doi.org/10.1145/3611643.3616340Ensuring the correctness of code coverage profilers is crucial, given the widespread adoption of code coverage for various software engineering tasks. Existing validation techniques, such as differential testing and metamorphic testing, have shown ...
- research-articleNovember 2023
Assisting Static Analysis with Large Language Models: A ChatGPT Experiment
ESEC/FSE 2023: Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software EngineeringPages 2107–2111https://doi.org/10.1145/3611643.3613078Recent advances of Large Language Models (LLMs), e.g., ChatGPT, exhibited strong capabilities of comprehending and responding to questions across a variety of domains. Surprisingly, ChatGPT even possesses a strong understanding of program code. In this ...