UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

Crash-Avoiding Program Repair

Gao, X; Mechtaev, S; Roychoudhury, A; (2019) Crash-Avoiding Program Repair. In: Zhang, Dongmei and Groce, Alex, (eds.) Proceedings of the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2019). (pp. pp. 8-18). ACM (Association for Computing Machinery): New York, USA. Green open access

[thumbnail of Mechtaev_Crash-Avoiding Program Repair_AAM.pdf]
Preview
Text
Mechtaev_Crash-Avoiding Program Repair_AAM.pdf - Accepted Version

Download (1MB) | Preview

Abstract

Existing program repair systems modify a buggy program so that the modified program passes given tests. The repaired program may not satisfy even the most basic notion of correctness, namely crash-freedom. In other words, repair tools might generate patches which over-fit the test data driving the repair, and the automatically repaired programs may even introduce crashes or vulnerabilities. We propose an integrated approach for detecting and discarding crashing patches. Our approach fuses test and patch generation into a single process, in which patches are generated with the objective of passing existing tests, and new tests are generated with the objective of filtering out over-fitted patches by distinguishing candidate patches in terms of behavior. We use crash-freedom as the oracle to discard patch candidates which crash on the new tests. In its core, our approach defines a grey-box fuzzing strategy that gives higher priority to new tests that separate patches behaving equivalently on existing tests. This test generation strategy identifies semantic differences between patch candidates, and reduces over-fitting in program repair. We evaluated our approach on real-world vulnerabilities and open-source subjects from the Google OSS-Fuzz infrastructure. We found that our tool Fix2Fit (implementing patch space directed test generation), produces crash-avoiding patches. While we do not give formal guarantees about crash-freedom, crossvalidation with fuzzing tools and their sanitizers provides greater confidence about the crash-freedom of our suggested patches.

Type: Proceedings paper
Title: Crash-Avoiding Program Repair
Event: ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2019), 15-19 July 2019, Beijing, China
Location: Beijing, China
Dates: 15 July 2019 - 19 July 2019
Open access status: An open access version is available from UCL Discovery
DOI: 10.1145/3293882.3330558
Publisher version: https://doi.org/10.1145/3293882.3330558
Language: English
Additional information: This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions.
Keywords: Automated program repair, Overfitting, Fuzzing
UCL classification: UCL
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
URI: https://discovery.ucl.ac.uk/id/eprint/10074296
Downloads since deposit
266Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item