A (hopefully comprehensive and systematic) collection of research papers on static analyzers, including analyzing, testing, and verifying static analyzers. Feel free to make a contribution to this repository.
| 2025 | 2024 | 2023 | 2022 | 2021 | 2020 |
Chenyuan Yang, Zijie Zhao, Zichen Xie, Haoyu Li, and Lingming Zhang. 2025. KNighter: Transforming Static Analysis with LLMSynthesized Checkers. In ACM SIGOPS 31st Symposium on Operating Systems Principles (SOSP ’25), October 13–16, 2025, Seoul, Republic of Korea. ACM, New York, NY, USA, 15 pages. https://doi.org/10.1145/3731569.3764827
Zongze Jiang, Ming Wen, Ge Wen, Hai Jin. 2025. Fact-Aligned and Template-Constrained Static Analyzer Rule Enhancement with LLMs.
Huaien Zhang, Yu Pei, Shuyun Liang, Zezhong Xing, and Shin Hwei Tan. 2024. Characterizing and Detecting Program Representation Faults of Static Analysis Frameworks. In Proceedings of the 33rd ACM SIGSOFT International
Symposium on Software Testing and Analysis (ISSTA ’24), September 16–20,
2024, Vienna, Austria. ACM, New York, NY, USA, 13 pages. https://doi.org/
10.1145/3650212.3680398
Kaixuan Li, Yue Xue, Sen Chen, Han Liu, Kairan Sun, Ming Hu, Haijun Wang, Yang Liu, and Yixiang Chen. 2024. Static Application Security Testing (SAST) Tools for Smart Contracts: How Far Are We? Proc. ACM Softw. Eng. 1, FSE, Article 65 (July 2024), 24 pages. https://doi.org/10.1145/3660772.
Weigang He, Peng Di, Mengli Ming, Chengyu Zhang, Ting Su, Shijie Li, and Yulei Sui. 2024. Finding and Understanding Defects in Static Analyzers by Constructing Automated Oracles. Proc. ACM Softw. Eng. 1, FSE, Article 74 (July 2024), 23 pages. https://doi.org/10.1145/3660781.
Huaien Zhang, Yu Pei, Shuyun Liang, and Shin Hwei Tan. 2024. Understanding and Detecting Annotation-Induced Faults of Static Analyzers. Proc. ACM Softw. Eng. 1, FSE, Article 33 (July 2024), 23 pages. https://doi.org/10.1145/3643759.
Wachiraphan Charoenwet, Patanamon Thongtanunam, Van-Thuan Pham, and Christoph Treude. 2024. An Empirical Study of Static Analysis Tools for Secure Code Review. In Proceedings of ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2024). ACM, New York, NY, USA, 13 pages. https://dl.acm.org/doi/pdf/10.1145/3650212.3680313.
Kaixuan Li, Sen Chen, Lingling Fan, Ruitao Feng, Han Liu, Chengwei Liu, Yang Liu, and Yixiang Chen. 2023. Comparison and Evaluation on Static Application Security Testing (SAST) Tools for Java. In Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2023). Association for Computing Machinery, New York, NY, USA, 921–933. https://doi.org/10.1145/3611643.3616262.
Huaien Zhang, Yu Pei, Junjie Chen, and Shin Hwei Tan. 2023. Statfier: Automated Testing of Static Analyzers via Semantic-Preserving Program Transformations. In Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2023). Association for Computing Machinery, New York, NY, USA, 237–249. https://doi.org/10.1145/3611643.3616272.
Han Liu, Sen Chen, Ruitao Feng, Chengwei Liu, Kaixuan Li, Zhengzi Xu, Liming Nie, Yang Liu, and Yixiang Chen. 2023. A Comprehensive Study on Quality Assurance Tools for Java. In Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2023). Association for Computing Machinery, New York, NY, USA, 285–297. https://doi.org/10.1145/3597926.3598056.
Junjie Wang, Yuchao Huang, Song Wang, Qing Wang. 2021. Find Bugs in Static Bug Finders. In Proceedings of The 30th International Conference on Program Comprehension (ICPC 2022). ACM, New York, NY, USA, 12 pages. https://doi.org/10.1145/3524610.3527899.
Contributions are welcome:
- Adding new papers
- Suggesting improvements
This documentation is licensed under CC0 1.0 Universal. Individual papers retain their original copyrights.