Gao, X;
Mechtaev, S;
Roychoudhury, A;
(2019)
Crash-Avoiding Program Repair.
In: Zhang, Dongmei and Groce, Alex, (eds.)
Proceedings of the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2019).
(pp. pp. 8-18).
ACM (Association for Computing Machinery): New York, USA.
Preview |
Text
Mechtaev_Crash-Avoiding Program Repair_AAM.pdf - Accepted Version Download (1MB) | Preview |
Abstract
Existing program repair systems modify a buggy program so that the modified program passes given tests. The repaired program may not satisfy even the most basic notion of correctness, namely crash-freedom. In other words, repair tools might generate patches which over-fit the test data driving the repair, and the automatically repaired programs may even introduce crashes or vulnerabilities. We propose an integrated approach for detecting and discarding crashing patches. Our approach fuses test and patch generation into a single process, in which patches are generated with the objective of passing existing tests, and new tests are generated with the objective of filtering out over-fitted patches by distinguishing candidate patches in terms of behavior. We use crash-freedom as the oracle to discard patch candidates which crash on the new tests. In its core, our approach defines a grey-box fuzzing strategy that gives higher priority to new tests that separate patches behaving equivalently on existing tests. This test generation strategy identifies semantic differences between patch candidates, and reduces over-fitting in program repair. We evaluated our approach on real-world vulnerabilities and open-source subjects from the Google OSS-Fuzz infrastructure. We found that our tool Fix2Fit (implementing patch space directed test generation), produces crash-avoiding patches. While we do not give formal guarantees about crash-freedom, crossvalidation with fuzzing tools and their sanitizers provides greater confidence about the crash-freedom of our suggested patches.
| Type: | Proceedings paper |
|---|---|
| Title: | Crash-Avoiding Program Repair |
| Event: | ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2019), 15-19 July 2019, Beijing, China |
| Location: | Beijing, China |
| Dates: | 15 July 2019 - 19 July 2019 |
| Open access status: | An open access version is available from UCL Discovery |
| DOI: | 10.1145/3293882.3330558 |
| Publisher version: | https://doi.org/10.1145/3293882.3330558 |
| Language: | English |
| Additional information: | This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions. |
| Keywords: | Automated program repair, Overfitting, Fuzzing |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science |
| URI: | https://discovery.ucl.ac.uk/id/eprint/10074296 |
Archive Staff Only
 |
View Item |
