Ziying Dai

The strength of random search on automated program repair

Automated program repair recently received considerable attentions, and many techniques on this research area have been proposed. Among them, two genetic-programming-based techniques, GenProg and Par, have shown the promising results. In particular, GenProg has been used as the baseline technique to check the repair effectiveness of new techniques in much literature. Although GenProg and Par have shown their strong ability of fixing real-life bugs in nontrivial programs, to what extent GenProg and Par can benefit from genetic programming, used by them to guide the patch search process, is still unknown. To address the question, we present a new automated repair technique using random search, which is commonly considered much simpler than genetic programming, and implement a prototype tool called RSRepair. Experiment on 7 programs with 24 versions shipping with real-life bugs suggests that RSRepair, in most cases (23/24), outperforms GenProg in terms of both repair effectiveness (requiring fewer patch trials) and efficiency (requiring fewer test case executions), justifying the stronger strength of random search over genetic programming. According to experimental results, we suggest that every proposed technique using optimization algorithm should check its effectiveness by comparing it with random search.

Slice-based statistical fault localization

HighlightsWe propose a novel slice-based statistical fault localization approach to improve fault localization effectiveness.We present an approximate dynamic backward slicing approach to balance the size and accuracy of a slice.An experimental study on a sufficient number of faulty versions and fault localization techniques shows the high applicability and effectiveness of our approach. Recent techniques for fault localization statistically analyze coverage information of a set of test runs to measure the correlations between program entities and program failures. However, coverage information cannot identify those program entities whose execution affects the output and therefore weakens the aforementioned correlations. This paper proposes a slice-based statistical fault localization approach to address this problem. Our approach utilizes program slices of a set of test runs to capture the influence of a program entitys execution on the output, and uses statistical analysis to measure the suspiciousness of each program entity being faulty. In addition, this paper presents a new slicing approach called approximate dynamic backward slice to balance the size and accuracy of a slice, and applies this slice to our statistical approach. We use two standard benchmarks and three real-life UNIX utility programs as our subjects, and compare our approach with a sufficient number of fault localization techniques. The experimental results show that our approach can significantly improve the effectiveness of fault localization.

Effective Statistical Fault Localization Using Program Slices

Recent techniques for fault localization statistically analyze coverage information of a set of test runs to measure the correlations between program entities and program failures. However, coverage information cannot identify those program entities whose execution affects the output, which weakens the aforementioned correlations. Thus, this paper proposes a novel statistical fault localization approach to address this problem. Our statistical approach utilizes program slices of a set of test runs to capture the influence of a program entitys execution on the output, and uses statistical analysis to measure the suspiciousness of program entities to be faulty. In addition, this paper presents a new slicing approach called approximate dynamic backward slice to balance the size and accuracy of a slice, and applies this slice to our statistical approach. The experimental results on two standard benchmarks show that our statistical approach significantly outperforms eight representative fault localization techniques.

More efficient automatic repair of large-scale programs using weak recompilation

Automatically repairing a bug can be a time-consuming process especially for large-scale programs owing to the significant amount of time spent recompiling and reinstalling the patched program. To reduce this time overhead and speed up the repair process, in this paper we present a recompilation technique called weak recompilation. In weak recompilation, we assume that a program consists of a set of components, and for each candidate patch only the altered components are recompiled to a shared library. The original program is then dynamically updated by a function indirection mechanism. The advantage of weak recompilation is that redundant recompilation cost can be avoided, and while the reinstallation cost is completely eliminated as the original executable program is not modified at all. For maximum applicability of weak recompilation we created WAutoRepair, a scalable system for fixing bugs with high efficiency in large-scale C programs. The experiments on real bugs in widely used programs show that our repair system significantly outperforms Genprog, a well-known approach to automatic program repair. For the wireshark program containing over 2 million lines of code, WAutoRepair is over 128 times faster in terms of recompilation cost than Genprog.

Does Genetic Programming Work Well on Automated Program Repair

Automated program repair has made some important progress in the recent decade. One well-known repair tool is GneProg, which automates the patch generation process according to the guidance of genetic programming. Although GenProg has successfully fixed many legacy faulty programs, the guidance effectiveness of genetic programming used by GenProg has not been even justified through the comparison with random search algorithm. In this paper we try to make the guidance effectiveness comparison between genetic programming and random search algorithm on program repair. The experimental results show that genetic programming does not perform better than random search algorithm on guiding the patch generation process.

Light-Weight Test Oracles for Resource Leaks Based on Finalizers

Garbage collectors automatically manage memory in an elegant way. However, finalization performs poorly in reclaiming finite system resources such as file descriptors and database connections, especially in Java. Resource leaks degrade application performance and can even result in system crashes. Unfortunately, it is hard to test resource leaks because they have no immediate symptoms. In this paper, we first investigate Java API classes for the usage of finalizers. Based on the common usage pattern of these finalizers, we then propose a lightweight, easy-to-use yet effective resource leak testing approach called Orbaf. Orbaf instruments resource classes to inspect whether the cleanup method of a resource object is called before its finalizers execution. Test cases are also optionally instrumented to improve the incidence of object finalization. Orbaf can detect leaks of most system resources and does not require any formal specifications. It can be handily used by common software developers. Experiments show that Orbaf has high effectiveness and low overhead.

Empirical Effectiveness Evaluation of Spectra-Based Fault Localization on Automated Program Repair

Researchers have proposed many spectra-based fault localization (SBFL) techniques in the past decades. Existing studies evaluate the effectiveness of these techniques from the viewpoint of developers, and have drawn some important conclusions through either empirical study or theoretical analysis. In this paper, we present the first study on the effectiveness of SBFL techniques from the viewpoint of fully automated debugging including the program repair of automation, for which the activity of automated fault localization is necessary. We assess the accuracy of fault localization according to the repair effectiveness in the automated repair process guided by the localization technique. Our experiment on 14 popular SBFL techniques with 11 subject programs shipping with real-life field failures presents the evidence that some conclusions drawn in prior studies do not hold in our experiment. Based on experimental results, we suggest that Jaccard should be used with high priority before some more effective SBFL techniques specially proposed for automated program repair occur in the future.

Compositional mining of multiple object API protocols through state abstraction.

API protocols specify correct sequences of method invocations. Despite their usefulness, API protocols are often unavailable in practice because writing them is cumbersome and error prone. Multiple object API protocols are more expressive than single object API protocols. However, the huge number of objects of typical object-oriented programs poses a major challenge to the automatic mining of multiple object API protocols: besides maintaining scalability, it is important to capture various object interactions. Current approaches utilize various heuristics to focus on small sets of methods. In this paper, we present a general, scalable, multiple object API protocols mining approach that can capture all object interactions. Our approach uses abstract field values to label object states during the mining process. We first mine single object typestates as finite state automata whose transitions are annotated with states of interacting objects before and after the execution of the corresponding method and then construct multiple object API protocols by composing these annotated single object typestates. We implement our approach for Java and evaluate it through a series of experiments.

Fault localization via behavioral models

Software errors significantly impact software quality, and improvement of fault localization can reduce the expense of debugging. SBFL is promising approach and have received a lot of attention due to its simplicity and effectiveness. However, there are still some limits in this approach. In this paper we address these limits and present a technique to build a novel behavioral model, and propose a corresponding fault localization technique. Furthermore, we performed a study to empirically validate the effectiveness of our approach. And experimental results indicated that our method outperformed other representative SBFL techniques in locating faults in the benchmark. We show that the effectiveness of the technique comes from the guidance of hierarchical behavioral model.

Automatic recovery from resource exhaustion exceptions by collecting leaked resources

Despite the availability of garbage collectors, programmers must manually manage non-memory finite system resources such as file descriptors. Resource leaks can gradually consume all available resources and cause programs to raise resource exhaustion exceptions. However, programmers commonly provide no effective recovery approach for resource exhaustion exceptions, which often causes programs to halt without completing their tasks. In this paper, we propose to automatically recover programs from resource exhaustion exceptions caused by resource leaks. We transform programs to catch resource exhaustion exceptions, collect leaked resources, and then retry the failure code. A resource collector is designed to identify leaked resources and safely release them. We implement our approach for Java programs. Experimental results show that our approach can successfully handle resource exhaustion exceptions caused by reported resource leaks and allow programs to complete their tasks with an average execution time increase of 2.52% and negligible bytecode size increase.