Patch Space Exploration using Static Analysis Feedback

by Yuntong Zhang, et al.

Automated Program Repair (APR) techniques typically rely on a given test suite to guide the repair process. Apart from the need to provide test oracles, this makes the produced patches prone to overfitting the test data. In this work, instead of relying on test cases, we show how to automatically repair memory-safety issues by leveraging static analysis (specifically Incorrectness Separation Logic) to guide repair. Our proposed approach learns what a desirable patch is by inspecting how close a patch is to fixing the bug, based on feedback from static analysis built on incorrectness separation logic (specifically the Pulse analyser), and turning this information into a distribution of probabilities over context-free grammars. Furthermore, instead of focusing on heuristics for reducing the search space of patches, we make repair scalable by creating classes of equivalent patches according to the effect they have on the symbolic heap, and then invoking the validation oracle only once per patch equivalence class. This allows us to efficiently discover repairs even in the presence of a large pool of patch candidates offered by our generic patch synthesis mechanism. Experimental evaluation of our approach was conducted by repairing real-world memory errors in OpenSSL, swoole and other subjects. The evaluation results show the scalability and efficacy of our approach in automatically producing high-quality patches.




Program Repair by Fuzzing over Patch and Input Space

Fuzz testing (fuzzing) is a well-known method for exposing bugs/vulnerab...

Accelerating Patch Validation for Program Repair with Interception-Based Execution Scheduling

Long patch validation time is a limiting factor for automated program re...

HyperGI: Automated Detection and Repair of Information Flow Leakage

Maintaining confidential information control in software is a persistent...

High-Quality Automated Program Repair

Automatic program repair (APR) has recently gained attention because it ...

Fixing Multiple Type Errors in Model Transformations with Alternative Oracles to Test Cases

This paper addresses the issue of correcting type errors in model transf...

Exploring Plausible Patches Using Source Code Embeddings in JavaScript

Despite the immense popularity of the Automated Program Repair (APR) fie...

Human-In-The-Loop Automatic Program Repair

We introduce Learn2fix, the first human-in-the-loop, semi-automatic repa...
