Research

I'm currently working in the research field of Software Engineering. During my Ph.D., I'm working on new patch generation techniques. I'm particularly interested in the integration of the patch generation technique in the production environment.

Publications

2018

  • Towards an automated approach for bug fix pattern detection 
    / 2018

    Madeiral, F.Durieux, T.Sobreira, V.Maia, M. - Proceedings of the VI Workshop on Software Visualization, Evolution and Maintenance (VEM '18) - The characterization of bug datasets is essential to support the evaluation of automatic program repair tools. In a previous work, we manually studied almost 400 human-written patches (bug fixes) from the Defects4J dataset and annotated them with properties, such as repair patterns. However, manually finding these patterns in different datasets is tedious and time-consuming. To address this activity, we designed and implemented PPD, a detector of repair patterns in patches, which performs source code change analysis at abstract-syntax tree level. In this paper, we report on PPD and its evaluation on Defects4J, where we compare the results from the automated detection with the results from the previous manual analysis. We found that PPD has overall precision of 91% and overall recall of 92%, and we conclude that PPD has the potential to detect as many repair patterns as human manual analysis.
    PDFSource code

  • Fully Automated HTML and Javascript Rewriting for Constructing a Self-healing Web Proxy 
    / 2018

    Durieux, T.Hamadi, Y.Monperrus, M. - Proceedings of the 29th IEEE International Symposium on Software Reliability Engineering (ISSRE 2018) - Over the last few years, the complexity of web applications has increased to provide more dynamic web applications to users. The drawback of this complexity is the growing number of errors in the front-end applications. In this paper, we present BikiniProxy, a novel technique to provide self-healing for the web. BikiniProxy is designed as an HTTP proxy that uses five self-healing strategies to rewrite the buggy HTML and Javascript code. We evaluate BikiniProxy with a new benchmark of 555 reproducible Javascript errors, DeadClick. We create DeadClick by randomly crawling the Internet and collect all web pages that contain Javascript errors. Then, we observe how BikiniProxy heals those errors by collecting and comparing the traces of the original and healed pages. To sum up, BikiniProxy is a novel fully-automated self-healing approach that is specific to the web, evaluated on 555 real Javascript errors, and based on original self-healing rewriting strategies for HTML and Javascript.
    PDFSource code

  • Alleviating Patch Overfitting with Automatic Test Generation: A Study of Feasibility and Effectiveness for the Nopol Repair System 
    / 2018

    Yu, Z.Martinez, M.Danglot, B.Durieux, T.Monperrus, M. - Proceedings at Empirical Software Engineering. - Among the many different kinds of program repair techniques, one widely studied family of techniques is called test suite based repair. However, test suites are in essence input-output specifications and are thus typically inadequate for completely specifying the expected behavior of the program under repair. Consequently, the patches generated by test suite based repair techniques can just overfit to the used test suite, and fail to generalize to other tests. We deeply analyze the overfitting problem in program repair and give a classification of this problem. This classification will help the community to better understand and design techniques to defeat the overfitting problem. We further propose and evaluate an approach called UnsatGuided, which aims to alleviate the overfitting problem for synthesis-based repair techniques with automatic test case generation. The approach uses additional automatically generated tests to strengthen the repair constraint used by synthesis-based repair techniques. We analyze the effectiveness of UnsatGuided: 1) analytically with respect to alleviating two different kinds of overfitting issues; 2) empirically based on an experiment over the 224 bugs of the Defects4J repository. The main result is that automatic test generation is effective in alleviating one kind of overfitting issue–regression introduction, but due to oracle problem, has minimal positive impact on alleviating the other kind of overfitting issue–incomplete fixing.
    PDFSource code

  • Exhaustive Exploration of the Failure-oblivious Computing Search Space 
    / 2018

    Durieux, T.Hamadi, Y.Yu, Z.Baudry, B.Monperrus, M. - Proceedings of the 11th IEEE Conference on Software Testing, Validation and Verification (ICST'18) - High-availability of software systems requires automated handling of crashes in presence of errors. Failure-oblivious computing is one technique that aims to achieve high availability. We note that failure-obliviousness has not been studied in depth yet, and there is very few study that helps understand why failure-oblivious techniques work. In order to make failure-oblivious computing to have an impact in practice, we need to deeply understand failure-oblivious behaviors in software. In this paper, we study, design and perform an experiment that analyzes the size and the diversity of the failure-oblivious behaviors. Our experiment consists of exhaustively computing the search space of 16 field failures of large-scale open-source Java software. The outcome of this experiment is a much better understanding of what really happens when failure-oblivious computing is used, and this opens new promising research directions.
    PDFSource code

  • Dissection of a Bug Dataset: Anatomy of 395 Patches from Defects4J 
    / 2018

    Sobreira, V.Durieux, T.Madeiral, F.Monperrus, M.Maia, M. - Proceedings of the 25th IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER'18) - Well-designed and publicly available datasets of bugs are an invaluable asset to advance research fields such as fault localization and program repair as they allow directly and fairly comparison between competing techniques and also the replication of experiments. These datasets need to be deeply understood by researchers: the answer for questions like 'which bugs can my technique handle?' and 'for which bugs is my technique effective?'' depends on the comprehension of properties related to bugs and their patches. However, such properties are usually not included in the datasets, and there is still no widely adopted methodology for characterizing bugs and patches. In this work, we deeply study 395 patches of the Defects4J dataset. Quantitative properties (patch size and spreading) were automatically extracted, whereas qualitative ones (repair actions and patterns) were manually extracted using a thematic analysis-based approach. We found that 1) the median size of Defects4J patches is four lines, and almost 30% of the patches contain only addition of lines; 2) 92% of the patches change only one file, and 38% has no spreading at all; 3) the top-3 most applied repair actions are addition of method calls, conditionals, and assignments, occurring in 77% of the patches; and 4) nine repair patterns were found for 95% of the patches, where the most prevalent, appearing in 43% of the patches, is on conditional blocks. These results are useful for researchers to perform advanced analysis on their techniques' results based on Defects4J. Moreover, our set of properties can be used to characterize and compare different bug datasets.
    PDFSource codeWebSite

2017

  • Production-Driven Patch Generation 
    / 2017

    Durieux, T.Hamadi, Y.Monperrus, M. - Proceeding of ICSE NIER - We present an original concept for patch generation: we propose to do it directly in production. Our idea is to generate patches on-the-fly based on automated analysis of the failure context. By doing this in production, the repair process has complete access to the system state at the point of failure. We propose to perform live regression testing of the generated patches directly on the production traffic, by feeding a sandboxed version of the application with a copy of the production traffic, the 'shadow traffic'. Our concept widens the applicability of program repair because it removes the requirements of having a failing test case.
    PDFSlide

  • Dynamic Patch Generation for Null Pointer Exceptions Using Metaprogramming 
    / 2017

    Durieux, T.Cornu, B.Seinturier, L.Monperrus, M. - IEEE International Conference on Software Analysis, Evolution and Reengineering - Null pointer exceptions (NPE) are the number one cause of uncaught crashing exceptions in production. In this paper, we aim at exploring the search space of possible patches for null pointer exceptions with metaprogramming. Our idea is to transform the program under repair with automated code transformation, so as to obtain a metaprogram. This metaprogram contains automatically injected hooks, that can be activated to emulate a null pointer exception patch. This enables us to perform a fine-grain analysis of the runtime context of null pointer exceptions. We set up an experiment with 16 real null pointer exceptions that have happened in the field. We compare the effectiveness of our metaprogramming approach against simple templates for repairing null pointer exceptions.
    PDFSlideSource codeExperiment Results

2016

  • Automatic repair of real bugs in java: a large-scale experiment on the defects4j dataset 
    / 2016

    Martinez, M.Durieux, T.Sommerard, R.Xuan, J.Monperrus, M. - Proceedings at Empirical Software Engineering. - Defects4J is a large, peer-reviewed, structured dataset of real-world Java bugs. Each bug in Defects4J comes with a test suite and at least one failing test case that triggers the bug. In this paper, we report on an experiment to explore the effectiveness of automatic test-suite based repair on Defects4J. The result of our experiment shows that the considered state-of-the-art repair methods can generate patches for 47 out of 224 bugs. However, those patches are only test-suite adequate, which means that they pass the test suite and may potentially be incorrect beyond the test-suite satisfaction correctness criterion. We have manually analyzed 84 different patches to assess their real correctness. In total, 9 real Java bugs can be correctly repaired with a test-suite based repair. This analysis shows that test-suite based repair suffers from under-specified bugs, for which trivial or incorrect patches still pass the test suite. With respect to practical applicability, it takes on average 14.8 minutes to find a patch. The experiment was done on a scientific grid, totaling 17.6 days of computation time. All the repair systems and experimental results are publicly available on Github in order to facilitate future research on automatic repair.
    PDFSlideExperiment Results

  • Nopol: Automatic Repair of Conditional Statement Bugs in Java Programs 
    / 2016

    Xuan, J.Martinez, M.Demarco, F.Clement, M.Lamelas Marcote, S.Durieux, T.Le Berre, D.Monperrus, M. - IEEE Transactions on Software Engineering, Institute of Electrical and Electronics Engineers. - We propose Nopol, an approach to automatic repair of buggy conditional statements (i.e., if-then-else statements). This approach takes a buggy program as well as a test suite as input and generates a patch with a conditional expression as output. The test suite is required to contain passing test cases to model the expected behavior of the program and at least one failing test case that reveals the bug to be repaired. The process of Nopol consists of three major phases. First, Nopol employs angelic fix localization to identify expected values of a condition during the test execution. Second, runtime trace collection is used to collect variables and their actual values, including primitive data types and objected-oriented features (e.g., nullness checks), to serve as building blocks for patch generation. Third, Nopol encodes these collected data into an instance of a Satisfiability Modulo Theory (SMT) problem; then a feasible solution to the SMT instance is translated back into a code patch. We evaluate Nopol on 22 real-world bugs (16 bugs with a buggy if conditions and six bugs with missing preconditions) on two large open-source projects, namely Apache Commons Math and Apache Commons Lang. Empirical analysis on these bugs shows that our approach can effectively fix bugs with buggy if conditions and missing preconditions. We illustrate the capabilities and limitations of Nopol using case studies of real bug fixes.
    PDFSource codeExperiment Results

  • DynaMoth: Dynamic Code Synthesis for Automatic Program Repair 
    / 2016

    Durieux, T.Monperrus, M. - 11th International Workshop in Automation of Software Test (AST 2016), May 2016, Austin, United States. - Automatic software repair is the process of automatically fixing bugs. The Nopol repair system repairs Java code using code synthesis. We have designed a new code synthesis engine for Nopol based on dynamic exploration, it is called DynaMoth. The main design goal is to be able to generate patches with method calls. We evaluate DynaMoth over 224 of the Defects4J dataset. The evaluation shows that Nopol with DynaMoth is capable of synthesizing patches and enables Nopol to repair new bugs of the dataset.
    PDFSlideSource code

  • IntroClassJava: A Benchmark of 297 Small and Buggy Java Programs 
    / 2016

    Durieux, T.Monperrus, M. - Reproducible and comparative research requires well-designed and publicly available benchmarks. We present IntroClassJava, a benchmark of 297 small Java programs, specified by JUnit test cases, and usable by any fault localization or repair system for Java. The dataset is based on the IntroClass benchmark and is publicly available on Github.
    PDFBenchmark

Ph.D. Thesis

Title: From Runtime Failures to Patches: Study of Patch Generation in Production

Directors: Martin Monperrus and Lionel Seinturier

Started in: September 2015, Expected Defense: September 2018

Open-source Reasearch Tools

Last Updated: 8/5/2018, 11:57:22 AM