research-article

Static automated program repair for heap properties

Authors:

Rijnard van Tonder,

Claire Le GouesAuthors Info & Claims

ICSE '18: Proceedings of the 40th International Conference on Software Engineering

Pages 151 - 162

https://doi.org/10.1145/3180155.3180250

Published: 27 May 2018 Publication History

Abstract

Static analysis tools have demonstrated effectiveness at finding bugs in real world code. Such tools are increasingly widely adopted to improve software quality in practice. Automated Program Repair (APR) has the potential to further cut down on the cost of improving software quality. However, there is a disconnect between these effective bug-finding tools and APR. Recent advances in APR rely on test cases, making them inapplicable to newly discovered bugs or bugs difficult to test for deterministically (like memory leaks). Additionally, the quality of patches generated to satisfy a test suite is a key challenge. We address these challenges by adapting advances in practical static analysis and verification techniques to enable a new technique that finds and then accurately fixes real bugs without test cases. We present a new automated program repair technique using Separation Logic. At a high-level, our technique reasons over semantic effects of existing program fragments to fix faults related to general pointer safety properties: resource leaks, memory leaks, and null dereferences. The procedure automatically translates identified fragments into source-level patches, and verifies patch correctness with respect to reported faults. In this work we conduct the largest study of automatically fixing undiscovered bugs in real-world code to date. We demonstrate our approach by correctly fixing 55 bugs, including 11 previously undiscovered bugs, in 11 real-world projects.

References

[1]

2017. FindBugs Static Analyzer. https://github.com/findbugsproject/findbugs. (2017). Online; accessed 26 August 2017.

[2]

2017. Google Error-prone bug-fixing commit. https://github.com/google/error-prone/commit/3709338. (2017). Online; accessed 16 January 2017.

[3]

2017. Infer bug types. http://fbinfer.com/docs/infer-bug-types.html. (2017). Online; accessed 11 May 2017.

[4]

2017. Infer experimental checkers. http://fbinfer.com/docs/experimental-checkers.html. (2017). Online; accessed 11 May 2017.

[5]

2017. Infer Static Analyzer. http://fbinfer.com/. (2017). Online; accessed 11 May 2017.

[6]

2017. Resource Leak in C. http://fbinfer.com/docs/infer-bug-types.html#RESOURCE_LEAK. (2017). Online; accessed 16 January 2017.

[7]

Rui Abreu, Peter Zoeteweij, and Arjan J. C. van Gemund. 2007. On the Accuracy of Spectrum-based Fault Localization. In Testing: Academic and Industrial Conference Practice and Research Techniques - MUTATION (TAICPART-MUTATION '07). 89--98.

Digital Library

[8]

Nathaniel Ayewah, David Hovemeyer, J. David Morgenthaler, John Penix, and William Pugh. 2008. Using Static Analysis to Find Bugs. IEEE Software 25, 5 (2008), 22--29.

Digital Library

[9]

Titus Barik, Yoonki Song, Brittany Johnson, and Emerson R. Murphy-Hill. 2016. From Quick Fixes to Slow Fixes: Reimagining Static Analysis Resolutions to Enable Design Space Exploration. In IEEE International Conference on Software Maintenance and Evolution (ICSME '16). IEEE Computer Society, 211--221.

[10]

J Berdine, C Calcagno, and Peter W O'Hearn. 2005. Smallfoot: Modular Automatic Assertion Checking with Separation Logic. In Formal Methods for Components and Objects (FMCO '05). 115--137.

Digital Library

[11]

Josh Berdine, Cristiano Calcagno, and Peter WO'hearn. 2005. Symbolic Execution with Separation Logic. In Asian Symposium on Programming Languages and Systems (APLAS '05). 52--68.

Digital Library

[12]

Josh Berdine, Cristiano Calcagno, and Peter W. O'Hearn. 2012. Verification Condition Generation and Variable Conditions in Smallfoot. CoRR abs/1204.4804 (2012).

[13]

Josh Berdine, Arlen Cox, Samin Ishtiaq, and Christoph M. Wintersteiger. 2012. Diagnosing Abstraction Failure for Separation Logic-Based Analyses. In Computer Aided Verification (CAV '12). 155--173.

Digital Library

[14]

Al Bessey, Ken Block, Ben Chelf, Andy Chou, Bryan Fulton, Seth Hallem, Charles Henri-Gros, Asya Kamsky, Scott McPeak, and Dawson Engler. 2010. A Few Billion Lines of Code Later: Using Static Analysis to Find Bugs in the Real World. Commun. ACM 53, 2 (Feb. 2010), 66--75.

Digital Library

[15]

Tom Britton, Lisa Jeng, Graham Carver, Paul Cheak, and Tomer Katzenellenbogen. 2013. Reversible Debugging Software. Technical Report. University of Cambridge, Judge Business School.

[16]

Cristiano Calcagno and Dino Distefano. 2011. Infer: An Automatic Program Verifier for Memory Safety of C Programs. In NASA Formal Methods (NFM '11). 459--465.

Digital Library

[17]

Cristiano Calcagno, Dino Distefano, Jérémy Dubreil, Dominik Gabi, Pieter Hooimeijer, Martino Luca, Peter W. O'Hearn, Irene Papakonstantinou, Jim Purbrick, and Dulma Rodriguez. 2015. Moving Fast with Software Verification. In NASA Formal Methods (NFM 15). 3--11.

[18]

Cristiano Calcagno, Dino Distefano, Peter W. O'Hearn, and Hongseok Yang. 2011. Compositional Shape Analysis by Means of Bi-Abduction. J. ACM 58, 6 (2011), 26:1--26:66.

Digital Library

[19]

Loris D'Antoni, Roopsha Samanta, and Rishabh Singh. 2016. Qlose: Program Repair with Quantitative Objectives. In Computer Aided Verification (CAV '16). 383--401.

[20]

Dino Distefano and Ivana Filipovic. 2010. Memory Leaks Detection in Java byBiabductive Inference. In Fundamental Approaches to Software Engineering (FASE). 278--292.

Digital Library

[21]

Dino Distefano, Peter W O'Hearn, and Hongseok Yang. 2006. A Local Shape Analysis Based on Separation Logic. In International Conference on Tools and Algorithms for the Construction and Analysis of Systems. 287--302.

Digital Library

[22]

Dino Distefano and Matthew J Parkinson J. 2008. jStar: Towards Practical Verification for Java. ACM Sigplan Notices 43, 10 (2008), 213--226.

Digital Library

[23]

Divya Gopinath, Muhammad Zubair Malik, and Sarfraz Khurshid. 2011. Specification-Based Program Repair Using SAT. In Tools and Algorithms for the Construction and Analysis of Systems (TACAS'11). 173--188.

Digital Library

[24]

Andreas Griesmayer, Roderick Bloem, and Byron Cook. 2006. Repair of Boolean Programs with an Application to C. Computer Aided Verification (2006), 358--371.

Digital Library

[25]

Ciera Jaspan, I-Chin Chen, and Anoop Sharma. 2007. Understanding the Value of Program Analysis Tools. In Object-oriented Programming Systems and Applications (OOPSLA'07). 963--970.

Digital Library

[26]

Barbara Jobstmann, Andreas Griesmayer, and Roderick Bloem. 2005. Program Repair as a Game. In Computer Aided Verification (CAV '05). 226--238.

Digital Library

[27]

Brittany Johnson, Yoonki Song, Emerson Murphy-Hill, and Robert Bowdidge. 2013. Why Don't Software Developers Use Static Analysis Tools to Find Bugs?. In International Conference on Software Engineering (ICSE '13). 672--681.

Digital Library

[28]

René Just, Darioush Jalali, and Michael D Ernst. 2014. Defects4J: A Database of Existing Faults to Enable Controlled Testing Studies for Java Programs. In International Symposium on Software Testing and Analysis (ISSTA '14). 437--440.

Digital Library

[29]

Yalin Ke, Kathryn T. Stolee, Claire Le Goues, and Yuriy Brun. 2016. Repairing Programs with Semantic Code Search. In International Conference on Automated Software Engineering (ASE'15). 295--306.

[30]

Etienne Kneuss, Manos Koukoutos, and Viktor Kuncak. 2015. Deductive Program Repair. In Computer Aided Verification (CAV '15). 217--233.

[31]

Xuan Bach D Le, David Lo, and Claire Le Goues. 2016. History Driven Program Repair. In Software Analysis, Evolution, and Reengineering (SANER '16). 213--224.

[32]

Xuan-Bach D. Le, David Lo, and Claire Le Goues. 2016. History Driven Program Repair. In Software Analysis, Evolution, and Reengineering (SANER '16). 213--224.

[33]

Claire Le Goues, Michael Dewey-Vogt, Stephanie Forrest, and Westley Weimer. 2012. A Systematic Study of Automated Program Repair: Fixing 55 out of 105 Bugs for $8 Each. In International Conference on Software Engineering (ICSE '12). 3--13.

Digital Library

[34]

Benjamin Livshits, Manu Sridharan, Yannis Smaragdakis, Ondrej Lhoták, José Nelson Amaral, Bor-Yuh Evan Chang, Samuel Z. Guyer, Uday P. Khedker, Anders Møller, and Dimitrios Vardoulakis. 2015. In defense of soundiness: a manifesto. Commun. ACM 58, 2 (2015), 44--46.

Digital Library

[35]

Francesco Logozzo and Thomas Ball. 2012. Modular and Verified Automatic Program Repair. In Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA'12). 133--146.

Digital Library

[36]

Fan Long and Martin Rinard. 2016. Automatic Patch Generation by Learning Correct Code. In Principles of Programming Languages (POPL'16). 298--31.

Digital Library

[37]

Fan Long and Martin C. Rinard. 2016. An Analysis of the Search Spaces for Generate and Validate Patch Generation Systems. In International Conference on Software Engineering (ICSE'16). 702--713.

Digital Library

[38]

Sergey Mechtaev, Jooyong Yi, and Abhik Roychoudhury. 2015. DirectFix: Looking for Simple Program Repairs. In International Conference on Software Engineering (ICSE'15). 448--458.

Digital Library

[39]

Sergey Mechtaev, Jooyong Yi, and Abhik Roychoudhury. 2016. Angelix: Scalable Multiline Program Patch Synthesis via Symbolic Analysis. In International Conference on Software Engineering (ICSE'16). 691--701.

Digital Library

[40]

Nicholas Nethercote and Julian Seward. 2003. Valgrind: A Program Supervision Framework. Electronic notes in Theoretical Computer Science 89, 2 (2003), 44--66.

[41]

Hoang Duong Thien Nguyen, Dawei Qi, Abhik Roychoudhury, and Satish Chandra. 2013. SemFix: Program Repairvia Semantic Analysis. International Conference on Software Engineering, 772--781.

Digital Library

[42]

Huu Hai Nguyen, Cristina David, Shengchao Qin, and Wei-Ngan Chin. 2007. Automated Verification of Shape and Size Properties via Separation Logic. In International Workshop on Verification, Model Checking, and Abstract Interpretation (VMCAI'07). 251--266.

Digital Library

[43]

National Institute of Standards and Technology. 2002. The Economic Impacts of Inadequate Infrastructure for Software Testing. Technical Report NIST Planning Report 02--3. NIST. http://www.nist.gov/director/prog-ofc/report02-3.pdf

[44]

Peter O'Hearn. 2007. Resources, Concurrency, and Local Reasoning. Theoretical Computer Science 375, 1--3 (2007), 271--307.

Digital Library

[45]

Peter W. O'Hearn. 2015. From Categorical Logic to Facebook Engineering. In Symposium on Logic in Computer Science. 17--20.

Digital Library

[46]

Peter W. O'Hearn, John C. Reynolds, and Hongseok Yang. 2001. Local Reasoning about Programs that Alter Data Structures. In International Workshop on Computer Science Logic (CSL '01). 1--19.

Digital Library

[47]

Matthew J. Parkinson and Gavin M. Bierman. 2005. Separation Logic and Abstraction. In Symposium on Principles of Programming Languages (POPL '05). 247--258.

Digital Library

[48]

Yu Pei, Carlo A. Furia, Martin Nordio, Yi Wei, Bertrand Meyer, and Andreas Zeller. 2014. Automated Fixing of Programs with Contracts. IEEE Transactions on Software Engineering 40, 5 (2014), 427--449.

Digital Library

[49]

Jeff H Perkins, Sunghun Kim, Sam Larsen, Saman Amarasinghe, Jonathan Bachrach, Michael Carbin, Carlos Pacheco, Frank Sherwood, Stelios Sidiroglou, Greg Sullivan, et al. 2009. Automatically Patching Errors in Deployed Software. In Symposium on Operating Systems Principles (SIGOPS '09). 87--102.

Digital Library

[50]

Yuhua Qi, Xiaoguang Mao, Yan Lei, Ziying Dai, and Chengsong Wang. 2014. The Strength of Random Search on Automated Program Repair. In International Conference on Software Engineering (ICSE). 254--265.

Digital Library

[51]

Zichao Qi, Fan Long, Sara Achour, and Martin Rinard. 2015. An Analysis of Patch Plausibility and Correctness for Generate-and-validate Patch Generation Systems. In International Symposium on Software Testing and Analysis (ISSTA'15). 24--36.

Digital Library

[52]

Roopsha Samanta, Oswaldo Olivo, and E Allen Emerson. 2014. Cost-Aware Automatic Program Repair. In Static Analysis Symposium (SAS'14). 268--284.

[53]

Edward K. Smith, Earl T. Barr, Claire Le Goues, and Yuriy Brun. 2015. Is the Cure Worse than the Disease? Overfitting in Automated Program Repair. In Joint Meeting on Foundations of Software Engineering (ESEC/FSE '15). 532--543.

Digital Library

[54]

Edward K Smith, Earl T Barr, Claire Le Goues, and Yuriy Brun. 2015. Is the Cure Worse than the Disease? Overfitting in Automated Program Repair. In Joint Meeting of the European Software Engineering Conference and the Symposium on the Foundations of Software Engineering (ESEC/FSE'15). 532--543.

Digital Library

[55]

Zhaopeng Tu, Zhendong Su, and Premkumar Devanbu. 2014. On the Localness of Software. In Foundations of Software Engineering (FSE 2014). 269--280.

Digital Library

[56]

Christian von Essen and Barbara Jobstmann. 2015. Program Repair without Regret. Formal Methods in System Design 47, 1 (2015), 26--50.

Digital Library

[57]

Westley Weimer. 2006. Patches As Better Bug Reports. In Generative Programming and Component Engineering (GPCE '06). 181--190.

Digital Library

[58]

Westley Weimer, Zachary P Fry, and Stephanie Forrest. 2013. Leveraging Program Equivalence for Adaptive Program Repair: Models and First Results. In Automated Software Engineering (ASE '13). 356--366.

Digital Library

[59]

Westley Weimer and George C. Necula. 2005. Mining Temporal Specifications for Error Detection. In Tools and Algorithms for the Construction and Analysis of Systems (TACAS '05). 461--476.

Digital Library

[60]

Westley Weimer and George C. Necula. 2008. Exceptional Situations and Program Reliability. ACM Transactions on Programming Languages and Systems 30, 2, Article 8 (March 2008), 51 pages.

Digital Library

[61]

Jifeng Xuan, Matias Martinez, Favio Demarco, Maxime Clément, Sebastian Lamelas Marcote, Thomas Durieux, Daniel Le Berre, and Martin Monperrus. 2017. Nopol: Automatic Repair of Conditional Statement Bugs in Java Programs. IEEE Transactions on Software Engineering 43, 1 (2017), 34--55.

Digital Library

[62]

Hongseok Yang and Peter O'Hearn. 2002. A Semantic Basis for Local Reasoning. In International Conference on Foundations of Software Science and Computation Structures (FoSSaCS). 402--416.

Digital Library

Cited By

Fei ZGe JLi CWang TLi YZhang HHuang LLuo B(2024)Patch Correctness Assessment: A SurveyACM Transactions on Software Engineering and Methodology10.1145/370297234:2(1-50)Online publication date: 8-Nov-2024
https://dl.acm.org/doi/10.1145/3702972
Huang KXu ZYang SSun HLi XYan ZZhang Y(2024)Evolving Paradigms in Automated Program Repair: Taxonomy, Challenges, and OpportunitiesACM Computing Surveys10.1145/369645057:2(1-43)Online publication date: 10-Oct-2024
https://dl.acm.org/doi/10.1145/3696450
Mohajer MAleithan RHarzevili NWei MBelle APham HWang SAdams BZimmermann TOzkaya ILin DZhang J(2024)Effectiveness of ChatGPT for Static Analysis: How Far Are We?Proceedings of the 1st ACM International Conference on AI-Powered Software10.1145/3664646.3664777(151-160)Online publication date: 10-Jul-2024
https://dl.acm.org/doi/10.1145/3664646.3664777
Show More Cited By

Index Terms

Static automated program repair for heap properties
1. Software and its engineering
  1. Software creation and management

Recommendations

Reliable Fix Patterns Inferred from Static Checkers for Automated Program Repair
Fix pattern-based patch generation is a promising direction in automated program repair (APR). Notably, it has been demonstrated to produce more acceptable and correct patches than the patches obtained with mutation operators through genetic programming. ...
Comparing developer-provided to user-provided tests for fault localization and automated program repair
ISSTA 2018: Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis

To realistically evaluate a software testing or debugging technique, it must be run on defects and tests that are characteristic of those a developer would encounter in practice. For example, to determine the utility of a fault localization or automated ...
Leveraging syntax-related code for automated program repair
ASE '17: Proceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering

We present our automated program repair technique ssFix which leverages existing code (from a code database) that is syntax-related to the context of a bug to produce patches for its repair. Given a faulty program and a fault-exposing test suite, ssFix ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ICSE '18: Proceedings of the 40th International Conference on Software Engineering

May 2018

1307 pages

ISBN:9781450356381

DOI:10.1145/3180155

Conference Chair:
Michel Chaudron
Chalmers University of Technology, University of Gothenburg, Sweden
,
General Chair:
Ivica Crnkovic
Chalmers University of Technology, University of Gothenburg, Sweden
,
Program Chairs:
Marsha Chechik
University of Toronto, Canada
,
Mark Harman
Facebook and University College London, United Kingdom

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSOFT: ACM Special Interest Group on Software Engineering
IEEE-CS: Computer Society

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 May 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Badges

Distinguished Paper

Author Tags

Qualifiers

Research-article

Conference

ICSE '18

Sponsor:

SIGSOFT
IEEE-CS

ICSE '18: 40th International Conference on Software Engineering

May 27 - June 3, 2018

Gothenburg, Sweden

Acceptance Rates

Overall Acceptance Rate 276 of 1,856 submissions, 15%

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

56
Total Citations
View Citations
826
Total Downloads

Downloads (Last 12 months)105
Downloads (Last 6 weeks)32

Reflects downloads up to 01 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Fei ZGe JLi CWang TLi YZhang HHuang LLuo B(2024)Patch Correctness Assessment: A SurveyACM Transactions on Software Engineering and Methodology10.1145/370297234:2(1-50)Online publication date: 8-Nov-2024
https://dl.acm.org/doi/10.1145/3702972
Huang KXu ZYang SSun HLi XYan ZZhang Y(2024)Evolving Paradigms in Automated Program Repair: Taxonomy, Challenges, and OpportunitiesACM Computing Surveys10.1145/369645057:2(1-43)Online publication date: 10-Oct-2024
https://dl.acm.org/doi/10.1145/3696450
Mohajer MAleithan RHarzevili NWei MBelle APham HWang SAdams BZimmermann TOzkaya ILin DZhang J(2024)Effectiveness of ChatGPT for Static Analysis: How Far Are We?Proceedings of the 1st ACM International Conference on AI-Powered Software10.1145/3664646.3664777(151-160)Online publication date: 10-Jul-2024
https://dl.acm.org/doi/10.1145/3664646.3664777
Raj AGibbs WDong FVadayath JTompkins MWirsz SLiu YHu ZZhu CMenon GDolan-Gavitt BDoupé AWang RShoshitaishvili YBao TLuo BLiao XXu JKirda ELie D(2024)Fuzz to the Future: Uncovering Occluded Future Vulnerabilities via Robust FuzzingProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3690278(3719-3733)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3690278
Wadhwa NPradhan JSonwane ASahu SNatarajan NKanade AParthasarathy SRajamani S(2024)CORE: Resolving Code Quality Issues using LLMsProceedings of the ACM on Software Engineering10.1145/36437621:FSE(789-811)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3643762
Song YGao XLi WChin WRoychoudhury A(2024)ProveNFix: Temporal Property-Guided Program RepairProceedings of the ACM on Software Engineering10.1145/36437371:FSE(226-248)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3643737
Zhou XKim KXu BHan DLo DRoychoudhury APaiva AAbreu RStorey M(2024)Out of Sight, Out of Mind: Better Automatic Vulnerability Repair by Broadening Input Ranges and SourcesProceedings of the IEEE/ACM 46th International Conference on Software Engineering10.1145/3597503.3639222(1-13)Online publication date: 20-May-2024
https://dl.acm.org/doi/10.1145/3597503.3639222
Meem FSmith JJohnson BRoychoudhury APaiva AAbreu RStorey M(2024)Exploring Experiences with Automated Program Repair in PracticeProceedings of the IEEE/ACM 46th International Conference on Software Engineering10.1145/3597503.3639182(1-11)Online publication date: 20-May-2024
https://dl.acm.org/doi/10.1145/3597503.3639182
Qin BChen YLiu HZhang HWen QSong LZhang Y(2024)Understanding and Detecting Real-World Safety Issues in RustIEEE Transactions on Software Engineering10.1109/TSE.2024.338039350:6(1306-1324)Online publication date: Jun-2024
https://doi.org/10.1109/TSE.2024.3380393
Li YGuo J(2024)Research on Program Automatic Repair Method Combining Context Optimization Strategy and Large Language Models2024 4th International Symposium on Computer Technology and Information Science (ISCTIS)10.1109/ISCTIS63324.2024.10698980(26-34)Online publication date: 12-Jul-2024
https://doi.org/10.1109/ISCTIS63324.2024.10698980
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten