Tue 5 Dec 2023 11:15 - 11:30 at Golden Gate C3 - Automated Repair I Chair(s): Shin Hwei Tan

Resource leaks are a common and elusive source of bugs that can result in crashes and security vulnerabilities. The most effective technique to identify such leaks during development is static analysis. However, empirical studies show that in addition to leak warnings, developers often need help in the form of automated fix suggestions to correctly repair such leaks. The only existing tool that can suggest resource-leak fixes is the general-purpose tool Footpatch. Footpatch, however, performs poorly at this task; it generates fixes for only 6% of the leaks, out of which only 27% are correct.

In this paper, we introduce RLFixer, a specialized repair tool that generates high-quality fixes for resource leaks identified by any resource-leak detector. A major challenge for RLFixer is that the most general version of the resource-leak repair problem is at least as hard as compile-time object deallocation, a well-known hard problem for compilers. RLFixer tackles this issue by separating the resource-leaks that are infeasible for a compile-time tool to fix from those that are feasible to fix. RLFixer achieves this separation by using a data-flow analysis of resource objects to classify how they escape the context of their methods. The same analysis also enables RLFixer to generate correct repairs for the feasible-to-fix leaks. RLFixer is demand-driven and hence only analyzes statements relevant to the leak, thereby keeping overhead low.

We evaluated RLFixer by applying it to warnings generated by five popular Java resource-leak detectors. We show that, on average, RLFixer generates repairs for 66% of their warnings, out of which 95% are correct. It has an average repair time of 14 seconds.

Tue 5 Dec

Displayed time zone: Pacific Time (US & Canada) change

11:00 - 12:30
Automated Repair IResearch Papers / Industry Papers at Golden Gate C3
Chair(s): Shin Hwei Tan Concordia University
11:00
15m
Talk
RAP-Gen: Retrieval-Augmented Patch Generation with CodeT5 for Automatic Program Repair
Research Papers
Weishi Wang Nanyang Technological University, Yue Wang Salesforce Research, Shafiq Joty Salesforce Research, Steven C.H. Hoi Salesforce Research Asia
Media Attached
11:15
15m
Talk
From Leaks to Fixes: Automated Repairs for Resource Leak Warnings
Research Papers
Akshay Utture Uber Technologies Inc., Jens Palsberg University of California, Los Angeles (UCLA)
Pre-print Media Attached
11:30
15m
Talk
InferFix: End-to-End Program Repair with LLMs
Industry Papers
Matthew Jin , Syed Shahriar University of California at Los Angeles, Michele Tufano Microsoft, Xin Shi Microsoft Corporation, Shuai Lu Microsoft Research, Neel Sundaresan Microsoft, Alexey Svyatkovskiy Microsoft
DOI
11:45
15m
Research paper
Copiloting the Copilots: Fusing Large Language Models with Completion Engines for Automated Program Repair
Research Papers
Yuxiang Wei University of Illinois at Urbana-Champaign, Chunqiu Steven Xia University of Illinois at Urbana-Champaign, Lingming Zhang University of Illinois at Urbana-Champaign
Pre-print Media Attached
12:00
15m
Talk
SmartFix: Fixing Vulnerable Smart Contracts by Accelerating Generate-and-Verify Repair using Statistical Models
Research Papers
Sunbeom So Korea University, Hakjoo Oh Korea University
Media Attached
12:15
15m
Talk
Automatically Resolving Dependency-Conflict Building Failures via Behavior-Consistent Loosening of Library Version Constraints
Research Papers
Huiyan Wang Nanjing University, Shuguan Liu Nanjing University, Lingyu Zhang Nanjing University, Chang Xu Nanjing University
Media Attached