Thomas Durieux

Experience

  • INRIA
    / Sep. 2015 - Aug. 2018

    PhD Student - The motivation of this PhD is to improve automated monitoring, diagnosis and correction of production bugs using search-based software engineering techniques.
  • INRIA
    / Sep. 2014 - Aug. 2015

    Research intern - I worked on the Nopol project, a test-suite-based tool for automated bug repair which outputs patches. First, relaying on the Java PathFinder (JPF) library, I integrated symbolic execution to Nopol in order to extend its repair scope to buggy arithmetic statements. Second, I worked on the synthesis of patches based on the context buggy statements. I used the approach proposed in CodeHint. This tool, developed at UC Berkeley, provides dynamic and interactive synthesis of code snippets.
  • CERN
    / Summer 2014

    Summer student - I was integrated to the CERN the security team. Where, I developed a set of tools which scans thousands of CERN WEB servers in order to detect misconfigurations. First, I made a first had to determine the common types of misconfigurations present in the CERN network. Second, I realized the 8 detection tools by focusing on the reduction of false positives. Third, the results were presented at the security team.
  • Microsoft Innovation Center
    / Feb. - Jun. 2013

    Industrial entrepreneurship at Aproove - In order to create a distributed system of the Aproove product, a leading annotation and validation tool for graphic document of high resolution. I developed in a very tight schedule, a new backend system for managing multiple instances of the Aproove product. This system allows database management and Aproove instance management on multiple hosts.
  • Emakina / Jun. 2012

    Student job - I had to continue and to correct JavaScript development in "jobs" section of ING Belgium. I interacted effectively with the team to meet the tight deadlines and precise requirements from the client. I was the only specialist of the team on this technology and the project manager gives me his entire confidence on the technical aspects.
  • Institut Paul Lambin
    / 2012

    Tutor - I provided support to first year students.

Teaching

  • University of Lille
    / Sep. 2016 - Jun. 2018

    Software Engineering (Master 1) and Algorithm and Programation (Bachelor 1)

Education

Publications

  • Production-Driven Patch Generation
    / 2017

    Durieux, T., Hamadi, Y., and Monperrus M. NIER ICSE
    We present an original concept for patch generation: we propose to do it directly in production. Our idea is to generate patches on-the-fly based on automated analysis of the failure context. By doing this in production, the repair process has complete access to the system state at the point of failure. We propose to perform live regression testing of the generated patches directly on the production traffic, by feeding a sandboxed version of the application with a copy of the production traffic, the "shadow traffic". Our concept widens the applicability of program repair, because it removes the requirements of having a failing test case.

    PDF
  • Dynamic Patch Generation for Null Pointer Exceptions Using Metaprogramming
    / 2017

    Durieux, T., Cornu, B., Seinturier, L.,and Monperrus, M. IEEE International Conference on Software Analysis, Evolution and Reengineering
    Null pointer exceptions (NPE) are the number one cause of uncaught crashing exceptions in production. In this paper, we aim at exploring the search space of possible patches for null pointer exceptions with metaprogramming. Our idea is to transform the program under repair with automated code transformation, so as to obtain a metaprogram. This metaprogram contains automatically injected hooks, that can be activated to emulate a null pointer exception patch. This enables us to perform a fine-grain analysis of the runtime context of null pointer exceptions. We set up an experiment with 16 real null pointer exceptions that have happened in the field. We compare the effectiveness of our metaprogramming approach against simple templates for repairing null pointer exceptions.

    PDFSlideSource CodeExperiment Results
  • Automatic repair of real bugs in java: a large-scale experiment on the defects4j dataset
    / 2016

    Martinez, M., Durieux, T., Sommerard, R. et al. Empir Software Eng
    Defects4J is a large, peer-reviewed, structured dataset of real-world Java bugs. Each bug in Defects4J comes with a test suite and at least one failing test case that triggers the bug. In this paper, we report on an experiment to explore the effectiveness of automatic test-suite based repair on Defects4J. The result of our experiment shows that the considered state-of-the-art repair methods can generate patches for 47 out of 224 bugs. However, those patches are only test-suite adequate, which means that they pass the test suite and may potentially be incorrect beyond the test-suite satisfaction correctness criterion. We have manually analyzed 84 different patches to assess their real correctness. In total, 9 real Java bugs can be correctly repaired with test-suite based repair. This analysis shows that test-suite based repair suffers from under-specified bugs, for which trivial or incorrect patches still pass the test suite. With respect to practical applicability, it takes on average 14.8 minutes to find a patch. The experiment was done on a scientific grid, totaling 17.6 days of computation time. All the repair systems and experimental results are publicly available on Github in order to facilitate future research on automatic repair.

    PDFExperiment Results
  • Nopol: Automatic Repair of Conditional Statement Bugs in Java Programs
    / 2016

    JXuan, J., Martinez, M., Demarco, F., Clément, M., Marcote, S.L., Durieux, T., Le Berre, D. and Monperrus, M. IEEE Transactions on Software Engineering, Institute of Electrical and Electronics Engineers.
    We propose Nopol, an approach to automatic repair of buggy conditional statements (i.e., if-then-else statements). This approach takes a buggy program as well as a test suite as input and generates a patch with a conditional expression as output. The test suite is required to contain passing test cases to model the expected behavior of the program and at least one failing test case that reveals the bug to be repaired. The process of Nopol consists of three major phases. First, Nopol employs angelic fix localization to identify expected values of a condition during the test execution. Second, runtime trace collection is used to collect variables and their actual values, including primitive data types and objected-oriented features (e.g., nullness checks), to serve as building blocks for patch generation. Third, Nopol encodes these collected data into an instance of a Satisfiability Modulo Theory (SMT) problem; then a feasible solution to the SMT instance is translated back into a code patch. We evaluate Nopol on 22 real-world bugs (16 bugs with buggy if conditions and six bugs with missing preconditions) on two large open-source projects, namely Apache Commons Math and Apache Commons Lang. Empirical analysis on these bugs shows that our approach can effectively fix bugs with buggy if conditions and missing preconditions. We illustrate the capabilities and limitations of Nopol using case studies of real bug fixes.

    PDFSource CodeExperiment Results
  • DynaMoth: Dynamic Code Synthesis for Automatic Program Repair
    / 2016

    Durieux, T., Monperrus, M. 11th International Workshop in Automation of Software Test (AST 2016), May 2016, Austin, United States.
    Automatic software repair is the process of automatically fixing bugs. The Nopol repair system repairs Java code using code synthesis. We have designed a new code synthesis engine for Nopol based on dynamic exploration, it is called DynaMoth. The main design goal is to be able to generate patches with method calls. We evaluate DynaMoth over 224 of the Defects4J dataset. The evaluation shows that Nopol with DynaMoth is capable of synthesizing patches and enables Nopol to repair new bugs of the dataset.

    PDFSlideSource Code
  • IntroClassJava: A Benchmark of 297 Small and Buggy Java Programs
    / 2016

    Durieux, T., Monperrus, M. IntroClassJava: A Benchmark of 297 Small and Buggy Java Programs
    Reproducible and comparative research requires well-designed and publicly available benchmarks. We present IntroClassJava, a benchmark of 297 small Java programs, specified by Junit test cases, and usable by any fault localization or repair system for Java. The dataset is based on the IntroClass benchmark and is publicly available on Github.

    PDFDataset

Projects

  • BanditRepair
    / 2016

    Researcher
  • DynaMoth
    / 2015

    Researcher - DynaMoth is an open-source research project that aims to generate Java expressions with methods, variables available on a project that respect a specific behaviour.
  • NPEFix
    / 2015

    Researcher - NPEFix is an open-source research project that aims to tolerate null pointer dereference at runtime.
  • NoPol
    / 2015

    Researcher - NoPol is an automatic software repair tool developed at INRIA Lille.
  • \BlueLaTeX
    / 2014 - current

    Developer - \BlueLaTeX is an open-source project and aims to provide a tool chain to easily write collaboratively LaTeX documents. I developed the new UI interface using the MVC framework Angular.js.
  • SyncTeX JS Parser
    / 2015

    Developer - SyncTeX JS Parser is a SyncTeX parser written in JavaScript. This parser is used in the \BlueLaTeX project.
  • MultiAgents
    / 2015

    Developer - A small multi-agent system writen in JavaScript.
  • BibTeX2Wiki
    / 2014

    Developer - BibTeX2Wiki is a small tool which transforms BibTeX file into a Wikipedia formated references.
Location:
Lille, France
GitHub:
LinkedIn: