automated bug localization
play

Automated Bug Localization and Repair David Lo School of - PowerPoint PPT Presentation

Nov 29, 2022 •286 likes •898 views

Automated Bug Localization and Repair David Lo School of Information Systems Singapore Management University davidlo@smu.edu.sg Invited Talk, ISHCS 2016, China A Brief Self-Introduction Singapore 3 rd uni. Singapore Management Number

  1. Automated Bug Localization and Repair David Lo School of Information Systems Singapore Management University davidlo@smu.edu.sg Invited Talk, ISHCS 2016, China

  2. A Brief Self-Introduction  Singapore 3 rd uni. Singapore Management  Number of students: University  7000+ (UG)  1000+ (PG)  Schools:  Information Systems  Economics  Law  Business  Accountancy  Social Science 2

  3. A Brief Self-Introduction https://soarsmu.github.io/ @soarsmu

  4. A Brief Self-Introduction 4

  5. A Brief Self-Introduction Mailing Bugzilla Code List Dev. Execution SVN Network Traces 5

  6. 6

  7. Motivation  Software bugs cost the U.S. economy 59.5 billion dollars annually (Tassey, 2002)  Software debugging is an expensive and time consuming task in software projects ‒ Testing and debugging account 30-90% of the labor expended on a project (Beizer, 1990) 7

  8. Debugging “ Identify and remove error from (computer hardware or software)” – Oxford Dictionary Buggy Code Identification Program Repair (aka. Bug/Fault Localization) 8

  9. Information Retrieval and Spectrum Based Bug Localization: Better Together Tien-Duy B. Le, Richard J. Oentaryo, and David Lo School of Information Systems Singapore Management University 10 th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on Foundations of Software Engineering ( ESEC-FSE 2015 ), Bergamo, Italy

  10. IR-Based Bug Localization Ranked List of Files Bug IR-Based Bug Report Localization File 1 Technique File 2 File 3 … (Thousands of) Source Code Files 10

  11. Spectrum-Based Bug Localization 11

  12. AML: Adaptive Multi-Modal Bug Localization AML 12

  13. AML: Main Features  Adaptive Bug Localization  Instance-specific vs. one-size-fits-all  Each bug is considered individually  Various parameters are tuned adaptively  Based on individual characteristics 13

  14. AML: Main Features  New word weighting scheme  Based on suspiciousness inferred from spectra  Nicely integrates bug reports + spectra  “future research … automatically highlight terms … related to a failure” (Parnin and Orso, 2011) 14

  15. AML: Adaptive Multi-Modal Bug Localization 15

  16. AML Text and AML Spectra  AML Text : use standard IR-based bug localization technique  Use VSM  AML Spectra : use standard spectrum-based bug localization technique  Use Tarantula 16

  17. AML SuspWord - Intuition  Word suspiciousness  For a bug, some words (in bug reports and files) are more suspicious (indicative of the bug)  Computed from program spectra  Method suspiciousness is inferred from those of its constituent words 17

  18. Integrator  Three parameters are tuned adaptively  Find the most similar k historical fixed reports  Find a near-optimal set of parameter values  Optimize performance for the k reports 18

  19. Dataset 19

  20. Baselines  LR A , LR B (Ye et al., FSE’14)  MULTRIC (Xuan and Monperrus, ICSME’14)  PROMESIR (Poshyvanyk et al., TSE’07)  DIT A , DIT B (Dit et al., EMSE’13) 20

  21. Evaluation Metrics  Top N : Number of bugs whose buggy methods are successfully localized at top-N positions  MAP (Mean Average Precision): 21

  22. Top-N Scores Locate 47.62%, 31.48%, and 27.78% more bugs than the best performing baseline at top- 1, 5, and 10 positions. 22

  23. MAP Scores Improve MAP by at least 28.80% . 23

  24. Takeaway  Multiple data sources can be leveraged to locate buggy code  Bug reports  Execution traces  IR-based and spectrum-based bug localization can be merged together to boost effectiveness  An adaptive solution that tunes itself given a target bug to locate can outperform a one-size-fits all solution 24

  25. Debugging “ Identify and remove error from (computer hardware of software)” – Oxford Dictionary Buggy Code Identification Program Repair (aka. Bug/Fault Localization) 25

  26. History Driven Program Repair Xuan-Bach D. Le 1 , David Lo 1 , and Claire Le Goues 2 1 Singapore Management University 2 Carnegie Mellon University 23rd IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2016), Osaka, Japan

  27. Program Repair Tools Mutates buggy program Candidate passing to create repair candidates all test cases Test Cases E.g., GenProg, PAR, etc 27

  28. Issues of Existing Repair Tools  Test-driven approaches: overfitting, nonsensical patches // Human fix: fa * fb > 0 If (fa * fb >= 0){ throw new ConvergenceException (“ .. ”) ; }  Long computation time to produce patches  Lack of knowledge on bug fix history  PAR: manually learned fix patterns 28

  29. History Driven Program Repair Candidates: Mutates buggy - frequently occur in program to create the knowledge repair candidates base Test Cases - pass negative tests Fast Knowledge base : Learned bug fix behaviors from history Avoid nonsensical patches 29

  30. Our Framework (HDRepair) Phase I : Bug Fix History Extraction Phase II: Bug Fix History Mining Phase III: Bug Fix Generation 30

  31. Phase I – Bug Fix History Extraction  Active, large and popular Java projects  Updated until 2014, >= 5 stars, >= 100MBs  Likely bug-fix commits  Commit message: fix, bug fix, fix typo, fix build, non-fix  Submission of at least one test case  Change no more than two source code lines  Result: 3,000 bug fixes from 700+ projects 31

  32. Phase II – Bug Fix History Mining Collection of Bug Fixes Graph Representation Pre-Fix AST GumTree Graph Bug Fix Post-Fix AST Collection of Graphs Closed Graph Mining Collection of Graph Patterns 32

  33. Phase III – Bug Fix Candidate Generation 4 Selection 1 Input Candidate 5 1 Mutation 2 Validation Fix Patterns Engine 6 Candidates Repair 3 Passed Candidates 33

  34. Experiment - Data Program #Bugs #Bugs Exp JFreeChart 26 5 Closure Compiler 133 29 Commons Math 106 36 Joda Time 27 2 Commons Lang 65 18 Total 357 90 Subset of Defects4J: bugs whose fixes involve fewer than 5 changed lines 38

  35. Number of Bugs Correctly Fixed 39

  36. Failure Cases Plausible vs Correct Fixes   Plausible fix passes all tests, but does not conform to certain desired behaviors //Fix by human and our approach: change condition to fa * fb > 0.0 if (fa * fb >= 0.0) { //Plausible fix by GenProg - throw new ConvergenceException("...") } 40

  37. Failure Cases Timeout   PAR and GenProg both have operators but timeout for(Node finallyNode : cfa.finallyMap.get(parent)){ - cfa.createEdge(fromNode, Branch.UNCOND, finallyNode); + cfa.createEdge(fromNode, Branch.ON_EX, finallyNode); } 41

  38. CDRep: Automatic Repair of Cryptographic Misuses in Android Applications Siqi Ma 1 , David Lo 1 , Teng Li 2 , Robert H. Deng 1 1 Singapore Management University, Singapore 2 Xidian University, China 11th ACM Symposium on Information, Computer and Communications Security ( AsiaCCS 2016 ), Xian, China

  39. What is a Cryptographic Misuse? # Cryptographic Misuse Patch Scheme 1 ECB mode CTR mode 2 A constant IV for CBC A randomized IV for CBC encryption encryption 3 A constant secret key A randomized secret key 4 A constant salt for PBE A randomized salt for PBE 5 Iteration < 1,000 in PBE Iterations = 1,000 6 A constant to seed SecureRandom.nextBytes() SecureRandom 7 MD5 hash function SHA-256 hash function 45

  40. CDRep: How Does Our System Work? Identification Smali Files Fault Android Identification Apps Vulnerable const/16 v4, 0x64 invoke-direct {v2, p2. v4}, Ljava/ Files crypto/spec/ PBEParameterSpec Repaired File ;-><init>([BI)V Patch const/16 v4, 0x64 Generation invoke-direct {v2, p2. v4}, Ljava/ crypto/spec/ PBEParameterSpec ;-><init>([BI)V Repaired File Patch Templates 46

  41. Evaluation data # Misuse Type # of Apps from # of Apps from # of Apps Google Play SlideMe 1 Use ECB mode 402 485 887 2 Use a constant IV for 379 600 979 CBC encryption 3 Use a constant secret 357 525 882 key 4 Use a constant salt for 4 3 7 PBE 5 Set # iteration < 1,000 7 4 10 6 Use a constant to seed 17 218 235 SecureRandom 7 Use MD5 hash function 1359 4224 5582 47

  42. Evaluation Results – Success Rate # # of # of Team # of Developer Apps Selected Acceptance Developer Acceptance Apps Response 1 887 100 91 (91%) 21 13 (61.9%) 2 979 110 92 (83.6%) 16 10 (62.5%) 3 882 100 83 (83%) 23 18 (78.2%) 4 7 7 5 (71.4%) 3 2 (66.7%) 5 10 10 10 (100%) 4 4 (100%) 6 235 235 212 (90.2%) 20 15 (75%) 7 5582 700 700 (100%) 143 138 (96.5%) 48

  43. Takeaway  Various kinds of bugs, including security loopholes, can be automatically repaired  A knowledge base can significantly boost the effectiveness of existing techniques  Built automatically by mining version control systems and bug tracking systems  Built manually by identifying a number of common cases  Knowledge base can reduce the likelihood of constructing nonsensical patches 49

  44. What’s Needed For Practitioners’ Adoption? 50

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Using Likely Invariants For Automated Software Fault Localization Swarup Sahoo, John Criswell,

Using Likely Invariants For Automated Software Fault Localization Swarup Sahoo, John Criswell,

Using Likely Invariants For Automated Software Fault Localization Swarup Sahoo, John Criswell, Chase Geigle, Vikram Adve Presented By: Matthew Perez and Thomas Rupp Motivation Detecting software bugs is time consuming and difficult Lots

150 views • 13 slides
Category-level localization Cordelia Schmid Category-level localization Localization of

Category-level localization Cordelia Schmid Category-level localization Localization of

Category-level localization Cordelia Schmid Category-level localization Localization of object outlines Learning shape-based models Localizing the objects with the learnt models Category-level localization Localization of object

1.1k views • 66 slides
Localization with GPS Localization with GPS From GPS Theory and Practice Fifth Edition

Localization with GPS Localization with GPS From GPS Theory and Practice Fifth Edition

Localization with GPS Localization with GPS From GPS Theory and Practice Fifth Edition Presented by Martin Constantine Introduction w GPS = Global Positioning System w Three segments: 1. Space (24 satellites) 2. Control (DOD) 3. User

859 views • 30 slides
E. Elnahrawy, X. Li, and R. Martin Rutgers U. WLAN-Based Localization Localization in

E. Elnahrawy, X. Li, and R. Martin Rutgers U. WLAN-Based Localization Localization in

Using Area-based Presentations and Metrics for Localization Systems in Wireless LANs E. Elnahrawy, X. Li, and R. Martin Rutgers U. WLAN-Based Localization Localization in indoor environments using 802.11 and Fingerprinting Numerous

941 views • 37 slides
Geography and CS Where am I? Localization Problem 2 How do I get there?

Geography and CS Where am I? Localization Problem 2 How do I get there?

Maps Problem 1 Geography and CS Where am I? Localization Problem 2 How do I get there? Philip Chan Navigation Localization--Where am I? Cell phone Localization GPSGlobal Positioning System Problem

488 views • 12 slides
PLB PRECISE LOCALIZATION OF PARTS IN BINS Robot guidance systems PLB ROBOT GUIDANCE SYSTEMS

PLB PRECISE LOCALIZATION OF PARTS IN BINS Robot guidance systems PLB ROBOT GUIDANCE SYSTEMS

P R O D U C T I N F O R M A T I O N PLB PRECISE LOCALIZATION OF PARTS IN BINS Robot guidance systems PLB ROBOT GUIDANCE SYSTEMS PROCESS OPTIMIZATION AND COST SAVINGS FOR AUTOMATED PARTS HANDLING IN PRODUCTION Robot-automated parts handling

409 views • 8 slides
Towards an Automated Fault Localizer while Designing Meta-models Adel Ferdjoukh and Jean-Marie

Towards an Automated Fault Localizer while Designing Meta-models Adel Ferdjoukh and Jean-Marie

Towards an Automated Fault Localizer while Designing Meta-models Adel Ferdjoukh and Jean-Marie Mottu MDEbug@MODELS 2018, Copenhagen (Kbenhavn) null Motivation Automated fault localization Tooling Ideas for improving Conclusion Synopsis 1

586 views • 25 slides
Category-level localization Cordelia Schmid Category-level localization Localization up to a

Category-level localization Cordelia Schmid Category-level localization Localization up to a

Category-level localization Cordelia Schmid Category-level localization Localization up to a bounding box Sliding window approach, previous course: Felzenszwalb 2010 Today: shape-based descriptor + sliding window Category-level

1.4k views • 110 slides
Design of Repair Operators for Automated Program Repair Shin Hwei Tan National University of

Design of Repair Operators for Automated Program Repair Shin Hwei Tan National University of

Design of Repair Operators for Automated Program Repair Shin Hwei Tan National University of Singapore What is automated program repair? BUG! Given a failing Test T , buggy program P 1.Fault localization Where to fix? 2. Patch Generation

517 views • 22 slides
CONTENT LOCALIZATION HUB by ABOUT US POSTMODERN is the largest post-production and localization

CONTENT LOCALIZATION HUB by ABOUT US POSTMODERN is the largest post-production and localization

CONTENT LOCALIZATION HUB by ABOUT US POSTMODERN is the largest post-production and localization facility in Ukraine. Its part of FILM.UA Group, a creative powerhouse and one of the largest in Eastern European media groups, operating in global

215 views • 6 slides
Automated Reasoning: Some Successes and New Challenges Predrag Jani ci c

Automated Reasoning: Some Successes and New Challenges Predrag Jani ci c

What is this talk about? What is automated reasoning? Automated reasoning in propositional logic Automated reasoning in first-order logic Automated reasoning in higher-order logic Automated reasoning in geometry Conclusions Automated

806 views • 52 slides
Localization 1 Odometric Localization planning and feedback control require the knowledge of

Localization 1 Odometric Localization planning and feedback control require the knowledge of

Autonomous and Mobile Robotics Prof. Giuseppe Oriolo Localization 1 Odometric Localization planning and feedback control require the knowledge of the robot configuration q (e.g., see Motion Control of WMRs: Trajectory Tracking, slide 3)

361 views • 9 slides
Search-Based Fault Localization Shaowei Wang, David Lo, Lingxiao Jiang, Lucia, and Hoong Chuin

Search-Based Fault Localization Shaowei Wang, David Lo, Lingxiao Jiang, Lucia, and Hoong Chuin

Search-Based Fault Localization Shaowei Wang, David Lo, Lingxiao Jiang, Lucia, and Hoong Chuin Lau School of Information Systems Singapore Management University ASE 2011: The 26th IEEE/ACM International Conference on Automated Software

271 views • 9 slides
Anderson Localization Alaska Subedi April 24, 2008 Alaska Subedi Anderson Localization

Anderson Localization Alaska Subedi April 24, 2008 Alaska Subedi Anderson Localization

Anderson Localization Alaska Subedi April 24, 2008 Alaska Subedi Anderson Localization Anderson Localization What happens to various electronic properties when perfect crystalline symmetry is broken by introduction of impurities? What is the

506 views • 12 slides
Simultaneous Localization &amp; Mapping Paril Jain Previous Week Localization IMU and PID

Simultaneous Localization &amp; Mapping Paril Jain Previous Week Localization IMU and PID

F1/10 th Autonomous Racing Simultaneous Localization &amp; Mapping Paril Jain Previous Week Localization IMU and PID Control LIDAR 2 Limitations : Basic Path Planning High Level Path Assignments 2 nd right, 2 nd right, 1 st right,

1.77k views • 49 slides
WHAT IF THE ROBOT GETS LOST? ML maintains a probability distribution over the entire space,

WHAT IF THE ROBOT GETS LOST? ML maintains a probability distribution over the entire space,

DEFINITION OF LOCALIZATION MONTE CARLO LOCALIZATION (MCL): &amp; INTRODUCTION TO SLAM Process where the robot finds its position in its CS486 environment using a global coordinate scheme (map). Introduction to AI GLOBAL LOCALIZATION Spring

295 views • 7 slides
A Unified Format for Language Documents Vadim Zaytsev and Ralf Lmmel Software Languages Team

A Unified Format for Language Documents Vadim Zaytsev and Ralf Lmmel Software Languages Team

A Unified Format for Language Documents Vadim Zaytsev and Ralf Lmmel Software Languages Team Universitt Koblenz-Landau Motivation Formal languages are defined by formal grammars Real languages are defined by their specifications

630 views • 27 slides
rvore Binria de Busca tima Siang Wun Song - Universidade de So Paulo - IME/USP MAC 5710 -

rvore Binria de Busca tima Siang Wun Song - Universidade de So Paulo - IME/USP MAC 5710 -

rvore Binria de Busca tima Siang Wun Song - Universidade de So Paulo - IME/USP MAC 5710 - Estruturas de Dados - 2008 Siang Wun Song - Universidade de So Paulo - IME/USP rvore Binria de Busca tima Referncia bibliogrfica Os

681 views • 45 slides
Adaptive content in Drupal http://goo.gl/A4ejvF What we can learn from technical writers follow

Adaptive content in Drupal http://goo.gl/A4ejvF What we can learn from technical writers follow

Adaptive content in Drupal http://goo.gl/A4ejvF What we can learn from technical writers follow along: http://goo.gl/A4ejvF Pronovix Introduction What's the big deal with mobile? A short history of screen resolutions And then mobile

620 views • 39 slides
Learning Control Decisions in Gas Networks Mark Turner Combinatorial Optimization @ Work 2020

Learning Control Decisions in Gas Networks Mark Turner Combinatorial Optimization @ Work 2020

Learning Control Decisions in Gas Networks Mark Turner Combinatorial Optimization @ Work 2020 Exact control decisions of Network Stations Listen to previous talks Provides descriptions of individual gas network elements Provides

697 views • 46 slides
Material Didtico Proposto 1 Programao Estruturada Comandos Condicionais (Deciso)

Material Didtico Proposto 1 Programao Estruturada Comandos Condicionais (Deciso)

Universidade Federal de Ouro Preto - UFOP Departamento de Computao - DECOM Comisso para Coordenao das Atividades Pedaggicas da Disciplina BCC701 CAP-BCC701 www.decom.ufop.br/bcc701 2014-1 Material Didtico Proposto 1

794 views • 57 slides
Europe Dr Liam Thornton, UCD Human Rights Network UCD School of Law [t]he treatment of

Europe Dr Liam Thornton, UCD Human Rights Network UCD School of Law [t]he treatment of

Law, Dignity &amp; Socio- Economic Rights: The Case of Asylum Seekers in Europe Dr Liam Thornton, UCD Human Rights Network UCD School of Law [t]he treatment of alienshas become a defining challenge to an important aspect of the

1.43k views • 11 slides
Lecture 14 Generics 1 Leah Perlmutter / Summer 2018 Announcements Announcements

Lecture 14 Generics 1 Leah Perlmutter / Summer 2018 Announcements Announcements

CSE 331 Software Design and Implementation Lecture 14 Generics 1 Leah Perlmutter / Summer 2018 Announcements Announcements Quiz 5 is due Thursday Homework 6 due Thursday Midterm grades and feedback will be out this

626 views • 37 slides
Parametricity Leo White Jane Street February 2016 1/ 59 Parametricity with multiple types.

Parametricity Leo White Jane Street February 2016 1/ 59 Parametricity with multiple types.

Parametricity Leo White Jane Street February 2016 1/ 59 Parametricity with multiple types. uniformly . from the outside world, parametricity hides details about the outside world from an implementation. 2/ 59 Polymorphism allows a

623 views • 60 slides

More recommend