Human-like AI Auditor for Code Repositories
LLMs show promise for automated code analysis, but fall short in auditing real-world repositories due to context limitations and hallucinations. I present RepoAudit, an autonomous LLM-driven agent designed to perform precise, repository-level code auditing with high efficiency and accuracy. RepoAudit mimics expert auditors through demand-driven, path-sensitive reasoning over control and data-flow graphs, enabled by abstraction, pointer tracking, and validation mechanisms. Tested on 15 real-world projects in a controlled experiment, RepoAudit detected 38 true bugs with 65% precision, outperforming tools like Meta INFER and Amazon CodeGuru while costing only $2.54 per audit. A wider field test has found 300 zero-day bugs of various kinds, ranging from classic bugs such as null pointer dereferences to functional bugs, in high-profile GitHub codebases, including the Linux kernel. This work represents a major step toward IDE-time, LLM-based auditing of large-scale software systems.
Sat 28 Jun (displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna)

09:00 - 10:30 | Trustworthy AI for Code (EXPRESS) at Cosmos 3B
Chair(s): Peng Di (Ant Group & UNSW Sydney), Puzhuo Liu (Ant Group & Tsinghua University)

09:00 (10m) Day opening | Opening and Welcome (EXPRESS)
09:10 (60m) Keynote | Human-like AI Auditor for Code Repositories (EXPRESS). Xiangyu Zhang, Purdue University
10:10 (20m) Talk | FuseApplyBench: Multilingual Benchmark for Trustworthy Code Edit Applying Task (EXPRESS). Ming Liang (Ant Group), Qingyu Zhang (The University of Hong Kong), Zhipeng Zuo (Ant Group), Shaoqiang Zheng (Ant Group), Dajun Chen (Ant Group), Wei Jiang (Ant Group), Yong Li (Ant Group)
Cosmos 3B is the second room in the Cosmos 3 wing.
When facing the main Cosmos Hall, access to the Cosmos 3 wing is on the left, close to the stairs. The area is accessed through a large door with the number “3”, which will stay open during the event.
