Static Automated Program Repair for Heap Properties

@article{Tonder2018StaticAP,
  title={Static Automated Program Repair for Heap Properties},
  author={Rijnard van Tonder and Claire Le Goues},
  journal={2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE)},
  year={2018},
  pages={151-162}
}
  • R. V. Tonder, Claire Le Goues
  • Published 27 May 2018
  • Computer Science
  • 2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE)
Static analysis tools have demonstrated effectiveness at finding bugs in real world code. Such tools are increasingly widely adopted to improve software quality in practice. Automated Program Repair (APR) has the potential to further cut down on the cost of improving software quality. However, there is a disconnect between these effective bug-finding tools and APR. Recent advances in APR rely on test cases, making them inapplicable to newly discovered bugs or bugs difficult to test for… 

Figures and Tables from this paper

Practical program repair via bytecode mutation
TLDR
This paper implements the first practical bytecode-level APR technique, PraPR, and presents the first extensive study on fixing real-world bugs using JVM bytecode mutation, and demonstrates the overfitting problem of recent advanced APR tools for the first time.
HIPPODROME: Data Race Repair using Static Analysis Summaries
TLDR
This work shows how to harness compositional static analysis for concurrency bug detection to enable a new Automated Program Repair (APR) technique for data races in large concurrent Java codebases, and produces concurrency fixes similar to those proposed by the developers in the past.
Automatic Repair of Timestamp Comparisons
TLDR
A new strategy to automatically repair programs that suffer from timestamp overflows that are manifested in comparison expressions is proposed that unifies the benefits of static analysis and automatic program repair avoiding dependency on testing to identify and correct defected code.
Tailoring programs for static analysis via program transformation
TLDR
This work presents a new technique for automated, generic, and temporary code changes that tailor to suppress spurious analysis errors, and adopts a rule-based approach where simple, declarative templates describe general syntactic changes for code patterns that are known to be problematic for the analyzer.
Tailoring Programs for Static Analysis via Program Transformation
TLDR
This work presents a new technique for automated, generic, and temporary code changes that tailor to suppress spurious analysis errors, and adopts a rule-based approach where simple, declarative templates describe general syntactic changes for code patterns that are known to be problematic for the analyzer.
Phoenix: automated data-driven synthesis of repairs for static analysis violations
TLDR
The solution is implemented in a system, Phoenix, that implements a fully-automated pipeline that mines and cleans patches for static analysis violations from the wild, learns generalized executable repair strategies as programs in a novel Domain Specific Language (DSL), and then instantiates concrete repairs from them on new unseen violations.
Beyond Tests
TLDR
This work presents a repair method that fixes program vulnerabilities without the need for a voluminous test suite by generalizing observable hazards/vulnerabilities (as constraint) from a single failing test or exploit.
On the Effectiveness of Unified Debugging: An Extensive Study on 16 Program Repair Systems
TLDR
This work performs an extensive study of the unified-debugging approach on 16 state-of-the-art program repair systems for the first time and proposes an advanced unified debugging technique, UniDebug++, which can localize over 20% more bugs within Top-1 positions than state- of theart unified debugging technique, ProFL.
Beyond Tests: Program Vulnerability Repair via Crash Constraint Extraction
TLDR
This work presents a repair method which fixes program vulnerabilities without the need for a voluminous test-suite, by generalizing observable hazards/vulnerabilities from a single failing test or exploit.
Phoenix: A Tool for Automated Data-Driven Synthesis of Repairs for Static Analysis Violations
TLDR
This paper presents a tool Phoenix, implementing a novel technique for automatically generating high-quality patches for static analysis violations by learning from previous repair examples, and describes the architecture, user interfaces, and salient features of its technology.
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 71 REFERENCES
History Driven Program Repair
TLDR
This work proposes a new technique that utilizes the wealth of bug fixes across projects in their development history to effectively guide and drive a program repair process, and can produce good-quality fixes for many more bugs as compared to the baselines while beingreasonably computationally efficient.
Leveraging program equivalence for adaptive program repair: Models and first results
TLDR
Generate-and-validate program repair is shown to be a dual of mutation testing, suggesting several possible cross-fertilizations and a novel deterministic repair algorithm that computes a patch quotient space with respect to an approximate semantic equivalence relation.
Repairing Programs with Semantic Code Search
TLDR
SearchRepair is proposed, a new kind of repair that uses the large body of existing open-source code to find potential fixes and produces higher-quality repairs than GenProg, TrpAutoRepair, and AE, and repairs some defects.
DirectFix: Looking for Simple Program Repairs
TLDR
This paper presents a novel semantics-based repair method that generates the simplest patch such that the program structure of the buggy program is maximally preserved and fuses fault localization and repair generation into one step.
Repairing Programs with Semantic Code Search (T)
TLDR
SearchRepair is proposed, a new kind of repair that uses the large body of existing open-source code to find potential fixes and produces higher-quality repairs than GenProg, TrpAutoRepair, and AE, and repairs some defects those tools cannot.
Defects4J: a database of existing faults to enable controlled testing studies for Java programs
TLDR
Defects4J, a database and extensible framework providing real bugs to enable reproducible studies in software testing research, and provides a high-level interface to common tasks in softwareTesting research, making it easy to con- duct and reproduce empirical studies.
Specification-Based Program Repair Using SAT
TLDR
An automated approach for generating likely bug fixes using behavioral specifications to replace a faulty statement that has deterministic behavior with one that has nondeterministic behavior, and to use the specification constraints to prune the ensuing nondeterminism and repair the faulty statement.
A systematic study of automated program repair: Fixing 55 out of 105 bugs for $8 each
TLDR
This paper evaluates GenProg, which uses genetic programming to repair defects in off-the-shelf C programs, and proposes novel algorithmic improvements that allow it to scale to large programs and find repairs 68% more often.
Patches as better bug reports
TLDR
This work proposes that bug reports additionally contain a specially-constructed patch describing an example way in which the program could be modified to avoid the reported policy violation, and presents an algorithm for automatically constructing such patches given model-checking and policy information typically already produced by most such analyses.
SemFix: Program repair via semantic analysis
TLDR
This paper presents an automated repair method based on symbolic execution, constraint solving and program synthesis, which reports a higher success-rate than genetic programming based repair, and produces a repair faster.
...
1
2
3
4
5
...