Concolic Program Repair
19/10/2021, 10:30am
Speaker
Abstract
Automated program repair reduces the manual effort in fixing program errors. However, existing repair techniques modify a buggy program such that it passes given tests. Such repair techniques do not discriminate between correct patches and patches that overfit the available tests (breaking untested but desiredfunctionality).
This talk explores an integrated approach for detecting and discarding overfitting patches via systematic co-exploration of the patch space and input space, called Concolic Program Repair (CPR). It leverages concolic path exploration to systematically traverse the input space (and generate inputs) while ruling out significant parts of the patch space. Given a long enough time budget, this approach allows a significant reduction in the pool of patch candidates. CPR is evaluated on its efficacy in fixing real-world software vulnerabilities and defects, on fixing functionality errors in programs drawn from SV-COMP benchmarks used in software verification, as well as for test-suite guided repair. The results show a patch space reduction due to the concolic exploration of up to 74% for fixing software vulnerabilities and up to 63% for SV-COMP programs. Overall, this technique presents the viewpoint of gradual correctness - repair run over longer time leads to less overfitting fixes.
Speaker Bio
Yannic is a Research Fellow at the National University of Singapore (NUS), working with Prof. Abhik Roychoudhury in program repair. His general research interests lie in automated software engineering, software testing & verification & repair to provide reliable, trustworthy, and secure software systems. Before joining NUS in September 2020, he pursued his Ph.D. in the Software Engineering group (Prof. Lars Grunske) at the Humboldt-Universität zu Berlin, Germany. During this time, he focused on differential software testing, in particular, bycombining fuzzing and symbolic execution.