Patch Space Exploration using Static Analysis Feedback
- URL: http://arxiv.org/abs/2308.00294v1
- Date: Tue, 1 Aug 2023 05:22:10 GMT
- Title: Patch Space Exploration using Static Analysis Feedback
- Authors: Yuntong Zhang, Andreea Costea, Ridwan Shariffdeen, Davin McCall, Abhik
Roychoudhury
- Abstract summary: We show how to automatically repair memory safety issues, by leveraging static analysis to guide repair.
Our proposed approach learns what a desirable patch is by inspecting how close a patch is to fixing the bug.
We make repair scalable by creating classes of equivalent patches according to the effect they have on the symbolic heap, and then invoking the validation oracle only once per class of patch equivalence.
- Score: 8.13782364161157
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Automated Program Repair (APR) techniques typically rely on a given
test-suite to guide the repair process. Apart from the need to provide test
oracles, this makes the produced patches prone to test data over-fitting. In
this work, instead of relying on test cases, we show how to automatically
repair memory safety issues, by leveraging static analysis (specifically
Incorrectness Separation Logic) to guide repair. Our proposed approach learns
what a desirable patch is by inspecting how close a patch is to fixing the bug
based on the feedback from incorrectness separation logic based static analysis
(specifically the Pulse analyser), and turning this information into a
distribution of probabilities over context free grammars. Furthermore, instead
of focusing on heuristics for reducing the search space of patches, we make
repair scalable by creating classes of equivalent patches according to the
effect they have on the symbolic heap, and then invoking the validation oracle
only once per class of patch equivalence. This allows us to efficiently
discover repairs even in the presence of a large pool of patch candidates
offered by our generic patch synthesis mechanism. Experimental evaluation of
our approach was conducted by repairing real world memory errors in OpenSSL,
swoole and other subjects. The evaluation results show the scalability and
efficacy of our approach in automatically producing high quality patches.
Related papers
- STAMP: Outlier-Aware Test-Time Adaptation with Stable Memory Replay [76.06127233986663]
Test-time adaptation (TTA) aims to address the distribution shift between the training and test data with only unlabeled data at test time.
This paper pays attention to the problem that conducts both sample recognition and outlier rejection during inference while outliers exist.
We propose a new approach called STAble Memory rePlay (STAMP), which performs optimization over a stable memory bank instead of the risky mini-batch.
arXiv Detail & Related papers (2024-07-22T16:25:41Z) - A Case Study of LLM for Automated Vulnerability Repair: Assessing Impact of Reasoning and Patch Validation Feedback [7.742213291781287]
We present VRpilot, a vulnerability repair technique based on reasoning and patch validation feedback.
Our results show that VRpilot generates, on average, 14% and 7.6% more correct patches than the baseline techniques on C and Java.
arXiv Detail & Related papers (2024-05-24T16:29:48Z) - SKU-Patch: Towards Efficient Instance Segmentation for Unseen Objects in
Auto-Store [102.45729472142526]
In large-scale storehouses, precise instance masks are crucial for robotic bin picking.
This paper presents a new patch-guided instance segmentation solution, leveraging only a few image patches for each incoming new SKU.
SKU-Patch yields an average of nearly 100% grasping success rate on more than 50 unseen SKUs in a robot-aided auto-store logistic pipeline.
arXiv Detail & Related papers (2023-11-08T12:44:38Z) - RAP-Gen: Retrieval-Augmented Patch Generation with CodeT5 for Automatic
Program Repair [75.40584530380589]
We propose a novel Retrieval-Augmented Patch Generation framework (RAP-Gen)
RAP-Gen explicitly leveraging relevant fix patterns retrieved from a list of previous bug-fix pairs.
We evaluate RAP-Gen on three benchmarks in two programming languages, including the TFix benchmark in JavaScript, and Code Refinement and Defects4J benchmarks in Java.
arXiv Detail & Related papers (2023-09-12T08:52:56Z) - Accelerating Patch Validation for Program Repair with Interception-Based
Execution Scheduling [15.592392495402809]
We investigate existing mutation testing techniques and identify five classes of acceleration techniques that are suitable for general-purpose patch validation.
We propose two novel approaches: execution scheduling, which detects the equivalence between patches online, and interception-based instrumentation, which intercepts the changes of patches to the system state.
Our large-scale evaluation with four APR approaches shows that ExpressAPR accelerates patch validation by 137.1x over plainvalidation or 8.8x over the state-of-the-art approach.
arXiv Detail & Related papers (2023-05-06T06:45:25Z) - Patch-aware Batch Normalization for Improving Cross-domain Robustness [55.06956781674986]
Cross-domain tasks present a challenge in which the model's performance will degrade when the training set and the test set follow different distributions.
We propose a novel method called patch-aware batch normalization (PBN)
By exploiting the differences between local patches of an image, our proposed PBN can effectively enhance the robustness of the model's parameters.
arXiv Detail & Related papers (2023-04-06T03:25:42Z) - PatchZero: Zero-Shot Automatic Patch Correctness Assessment [13.19425284402493]
We propose toolname, the patch correctness assessment by adopting a large language model for code.
toolname prioritizes labeled patches from existing APR tools that exhibit semantic similarity to those generated by new APR tools.
Our experimental results showed that toolname can achieve an accuracy of 84.4% and an F1-score of 86.5% on average.
arXiv Detail & Related papers (2023-03-01T03:12:11Z) - Test-based Patch Clustering for Automatically-Generated Patches Assessment [21.051652050359852]
Overfitting happens when a patch is run and the test suite does not reveal any error, but the patch actually does not fix the underlying bug or it introduces a new defect that is not covered by the test suite.
Our work aims to minimize the number of plausible patches that programmers have to review, thereby reducing the time required to find a correct patch.
We introduce a novel light-weight test-based patch clustering approach called xTestCluster, which clusters patches based on their dynamic behavior.
arXiv Detail & Related papers (2022-07-22T13:39:27Z) - Segment and Complete: Defending Object Detectors against Adversarial
Patch Attacks with Robust Patch Detection [142.24869736769432]
Adversarial patch attacks pose a serious threat to state-of-the-art object detectors.
We propose Segment and Complete defense (SAC), a framework for defending object detectors against patch attacks.
We show SAC can significantly reduce the targeted attack success rate of physical patch attacks.
arXiv Detail & Related papers (2021-12-08T19:18:48Z) - Checking Patch Behaviour against Test Specification [4.723400023753107]
We propose a hypothesis on how the link between the patch behaviour and failing test specifications can be drawn.
We then propose BATS, an unsupervised learning-based system to predict patch correctness.
arXiv Detail & Related papers (2021-07-28T11:39:06Z) - Rethinking Generative Zero-Shot Learning: An Ensemble Learning
Perspective for Recognising Visual Patches [52.67723703088284]
We propose a novel framework called multi-patch generative adversarial nets (MPGAN)
MPGAN synthesises local patch features and labels unseen classes with a novel weighted voting strategy.
MPGAN has significantly greater accuracy than state-of-the-art methods.
arXiv Detail & Related papers (2020-07-27T05:49:44Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.