What Happens When We Fuzz? Investigating OSS-Fuzz Bug History
- URL: http://arxiv.org/abs/2305.11433v1
- Date: Fri, 19 May 2023 05:15:36 GMT
- Title: What Happens When We Fuzz? Investigating OSS-Fuzz Bug History
- Authors: Brandon Keller, Andrew Meneely, Benjamin Meyers
- Abstract summary: We analyzed 44,102 reported issues made public by OSS-Fuzz prior to March 12, 2022.
We identified the bug-contributing commits to estimate when the bug-containing code was introduced, and measured the timeline from introduction to detection to fix.
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: BACKGROUND: Software engineers must be vigilant in preventing and correcting
vulnerabilities and other critical bugs. In servicing this need, numerous tools
and techniques have been developed to assist developers. Fuzzers, by
autonomously generating inputs to test programs, promise to save time by
detecting memory corruption, input-handling errors, exception cases, and other
issues.
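To make the idea concrete, here is a toy illustration of the fuzzing loop described above: random inputs are fed to a deliberately buggy parser and crashing inputs are collected. This is a minimal sketch only; real fuzzers such as OSS-Fuzz's libFuzzer- and AFL-based engines are coverage-guided, and the target and function names here are hypothetical.

```python
import random

def parse_length_prefixed(data: bytes) -> bytes:
    """Toy target: first byte declares a payload length.
    Deliberate bug: it trusts the length byte blindly."""
    if not data:
        return b""
    n = data[0]
    payload = data[1:]
    if n > len(payload):
        # Stand-in for the kind of crash a fuzzer would detect.
        raise ValueError("declared length exceeds payload")
    return payload[:n]

def fuzz(target, iterations=10_000, seed=0):
    """Minimal random fuzzer: throw random byte strings at the target
    and record every input that makes it raise."""
    rng = random.Random(seed)
    crashes = []
    for _ in range(iterations):
        data = bytes(rng.randrange(256) for _ in range(rng.randrange(16)))
        try:
            target(data)
        except ValueError:
            crashes.append(data)
    return crashes

crashes = fuzz(parse_length_prefixed)
print(f"found {len(crashes)} crashing inputs out of 10000")
```

Unlike this blind random loop, production fuzzers mutate inputs based on code-coverage feedback, which is what lets them reach deep parsing bugs efficiently.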
AIMS: The goal of this work is to empower developers to prioritize their
quality assurance by analyzing the history of bugs generated by OSS-Fuzz.
Specifically, we examined what has happened when a project adopts fuzzing as a
quality assurance practice by measuring bug lifespans, learning opportunities,
and bug types.
METHOD: We analyzed 44,102 reported issues made public by OSS-Fuzz prior to
March 12, 2022. We traced the Git commit ranges reported by repeated fuzz
testing to the source code repositories to identify how long fuzzing bugs
remained in the system, who fixes these bugs, and what types of problems
fuzzers historically have found. We identified the bug-contributing commits to
estimate when the bug-containing code was introduced and to measure the
timeline from introduction to detection to fix.
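The three intervals this method measures can be sketched as follows. The dates are hypothetical and the helper is illustrative; the paper derives the real dates from Git commit metadata in each project's repository.

```python
from datetime import datetime, timezone

def timeline_days(introduced, detected, fixed):
    """Split a bug's history into the three intervals measured in the study:
    lifespan  = introduction -> fix,
    exposure  = introduction -> detection,
    response  = detection -> fix."""
    lifespan = (fixed - introduced).days
    exposure = (detected - introduced).days
    response = (fixed - detected).days
    return lifespan, exposure, response

# Hypothetical dates for a single issue (illustration only).
intro = datetime(2021, 1, 10, tzinfo=timezone.utc)
found = datetime(2021, 11, 30, tzinfo=timezone.utc)
fix = datetime(2021, 12, 2, tzinfo=timezone.utc)
print(timeline_days(intro, found, fix))  # (326, 324, 2)
```

In practice the introduction date would come from the bug-contributing commit, the detection date from the OSS-Fuzz issue report, and the fix date from the fixing commit.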
RESULTS: We found that bugs detected in OSS-Fuzz have a median lifespan of
324 days, but that bugs, once detected, only remain unaddressed for a median of
2 days. Further, we found that of the 8,099 issues for which a source
committing author can be identified, less than half (45.9%) of issues were
fixed by the same author that introduced the bug.
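Aggregating per-issue measurements into the medians reported above is straightforward; the following sketch uses a tiny made-up sample (the study's actual dataset covers 44,102 OSS-Fuzz issues).

```python
from statistics import median

# Hypothetical per-issue durations in days (illustration only).
lifespans = [12, 90, 324, 400, 1500]   # introduction -> fix
fix_delays = [0, 1, 2, 5, 30]          # detection -> fix

print(median(lifespans))   # 324
print(median(fix_delays))  # 2
```

Medians are used rather than means because bug lifespans are heavily right-skewed: a few very old bugs would otherwise dominate the average.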
CONCLUSIONS: The results show that fuzzing can make a positive impact on a
project that adopts it, improving the project's ability to address bugs in a
time frame conducive to fixing mistakes prior to a product release.
Related papers
- Understanding Code Understandability Improvements in Code Reviews [79.16476505761582]
We analyzed 2,401 code review comments from Java open-source projects on GitHub.
83.9% of suggestions for improvement were accepted and integrated, with fewer than 1% later reverted.
arXiv Detail & Related papers (2024-10-29T12:21:23Z)
- Leveraging Large Language Models for Efficient Failure Analysis in Game Development [47.618236610219554]
This paper proposes a new approach to automatically identify which change in the code caused a test to fail.
The method leverages Large Language Models (LLMs) to associate error messages with the corresponding code changes causing the failure.
Our approach reaches an accuracy of 71% in our newly created dataset, which comprises issues reported by developers at EA over a period of one year.
arXiv Detail & Related papers (2024-06-11T09:21:50Z)
- Leveraging Stack Traces for Spectrum-based Fault Localization in the Absence of Failing Tests [44.13331329339185]
We introduce a new approach, SBEST, that integrates stack trace data with test coverage to enhance fault localization.
Our approach shows a significant improvement, increasing Mean Average Precision (MAP) by 32.22% and Mean Reciprocal Rank (MRR) by 17.43% over traditional stack trace ranking methods.
arXiv Detail & Related papers (2024-05-01T15:15:52Z)
- Developers' Perception: Fixed Bugs Often Overlooked as Quality Contributions [0.0]
Only a third of programmers perceive the quantity of bugs found and rectified in a repository as indicative of higher quality.
This finding substantiates the notion that programmers often misinterpret the significance of testing and bug reporting.
arXiv Detail & Related papers (2024-03-16T04:40:19Z)
- The Impact Of Bug Localization Based on Crash Report Mining: A Developers' Perspective [7.952391285456257]
We report our experience of using an approach for grouping crash reports and finding buggy code on a weekly basis for 18 months.
The approach investigated in this study correctly suggested the buggy file most of the time -- the approach's precision was around 80%.
arXiv Detail & Related papers (2024-03-16T01:23:01Z)
- DebugBench: Evaluating Debugging Capability of Large Language Models [80.73121177868357]
DebugBench is a benchmark for Large Language Models (LLMs)
It covers four major bug categories and 18 minor types in C++, Java, and Python.
We evaluate two commercial and four open-source models in a zero-shot scenario.
arXiv Detail & Related papers (2024-01-09T15:46:38Z)
- PreciseBugCollector: Extensible, Executable and Precise Bug-fix Collection [8.79879909193717]
We introduce PreciseBugCollector, a precise, multi-language bug collection approach.
It is based on two novel components: a bug tracker to map the repositories with external bug repositories to trace bug type information, and a bug injector to generate project-specific bugs.
To date, PreciseBugCollector comprises 1,057,818 bugs extracted from 2,968 open-source projects.
arXiv Detail & Related papers (2023-09-12T13:47:44Z)
- Using Developer Discussions to Guide Fixing Bugs in Software [51.00904399653609]
We propose using bug report discussions, which are available before the task is performed and are also naturally occurring, avoiding the need for additional information from developers.
We demonstrate that various forms of natural language context derived from such discussions can aid bug-fixing, even leading to improved performance over using commit messages corresponding to the oracle bug-fixing commits.
arXiv Detail & Related papers (2022-11-11T16:37:33Z)
- ADPTriage: Approximate Dynamic Programming for Bug Triage [0.0]
We develop a Markov decision process (MDP) model for an online bug triage task.
We provide an ADP-based bug triage solution, called ADPTriage, which reflects downstream uncertainty in the bug arrivals and developers' timetables.
Our result shows a significant improvement over the myopic approach in terms of assignment accuracy and fixing time.
arXiv Detail & Related papers (2022-11-02T04:42:21Z)
- DapStep: Deep Assignee Prediction for Stack Trace Error rePresentation [61.99379022383108]
We propose new deep learning models to solve the bug triage problem.
The models are based on a bidirectional recurrent neural network with attention and on a convolutional neural network.
To improve the quality of ranking, we propose using additional information from version control system annotations.
arXiv Detail & Related papers (2022-01-14T00:16:57Z)
- Self-Supervised Bug Detection and Repair [27.46717890823656]
We present BugLab, an approach for self-supervised learning of bug detection and repair.
A Python implementation of BugLab improves by up to 30% upon baseline methods on a test dataset of 2374 real-life bugs.
arXiv Detail & Related papers (2021-05-26T18:41:05Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of the listed information and is not responsible for any consequences of its use.