Tue 5 Dec 2023 12:00 - 12:15 at Golden Gate C3 - Automated Repair I Chair(s): Shin Hwei Tan

We present SmartFix, a new technique for repairing vulnerable smart contracts. There is an urgent need to develop automatic bug-repair techniques for smart contracts, as smart contracts are safety-critical software and manual debugging is burdensome and error-prone. While several repair approaches have been proposed recently, they are unsatisfactory since no existing techniques can achieve high repairability, full automation, and safety guarantee at the same time, posing significant problems for practical use. SmartFix aims to address these shortcomings by using a “generate-and-verify” approach that iteratively enumerates candidate patches while validating their correctness by invoking a safety verifier. However, in this approach, a technical challenge arises as the search space is huge and the verification-based patch validation is expensive. To address this challenge, we present a novel technique for accelerating the generate-and-verify repair procedure using statistical models derived from the verifier’s feedback. Experimental results on real-world Ethereum smart contracts show that SmartFix is able to achieve a fix success rate of 94.8% for critical classes of vulnerabilities, far outperforming sGuard, the existing state-of-the-art technique whose success rate is 65.4%.

Tue 5 Dec

Displayed time zone: Pacific Time (US & Canada) change

11:00 - 12:30
Automated Repair IResearch Papers / Industry Papers at Golden Gate C3
Chair(s): Shin Hwei Tan Concordia University
11:00
15m
Talk
RAP-Gen: Retrieval-Augmented Patch Generation with CodeT5 for Automatic Program Repair
Research Papers
Weishi Wang Nanyang Technological University, Yue Wang Salesforce Research, Shafiq Joty Salesforce Research, Steven C.H. Hoi Salesforce Research Asia
Media Attached
11:15
15m
Talk
From Leaks to Fixes: Automated Repairs for Resource Leak Warnings
Research Papers
Akshay Utture Uber Technologies Inc., Jens Palsberg University of California, Los Angeles (UCLA)
Pre-print Media Attached
11:30
15m
Talk
InferFix: End-to-End Program Repair with LLMs
Industry Papers
Matthew Jin , Syed Shahriar University of California at Los Angeles, Michele Tufano Microsoft, Xin Shi Microsoft Corporation, Shuai Lu Microsoft Research, Neel Sundaresan Microsoft, Alexey Svyatkovskiy Microsoft
DOI
11:45
15m
Research paper
Copiloting the Copilots: Fusing Large Language Models with Completion Engines for Automated Program Repair
Research Papers
Yuxiang Wei University of Illinois at Urbana-Champaign, Chunqiu Steven Xia University of Illinois at Urbana-Champaign, Lingming Zhang University of Illinois at Urbana-Champaign
Pre-print Media Attached
12:00
15m
Talk
SmartFix: Fixing Vulnerable Smart Contracts by Accelerating Generate-and-Verify Repair using Statistical Models
Research Papers
Sunbeom So Korea University, Hakjoo Oh Korea University
Media Attached
12:15
15m
Talk
Automatically Resolving Dependency-Conflict Building Failures via Behavior-Consistent Loosening of Library Version Constraints
Research Papers
Huiyan Wang Nanjing University, Shuguan Liu Nanjing University, Lingyu Zhang Nanjing University, Chang Xu Nanjing University
Media Attached