Harnessing Evolution for Multi-Hunk Program Repair

06/21/2019 ∙ by Seemanta Saha, et al. ∙ FUJITSU The Regents of the University of California 0

Despite significant advances in automatic program repair (APR)techniques over the past decade, practical deployment remains an elusive goal. One of the important challenges in this regard is the general inability of current APR techniques to produce patches that require edits in multiple locations, i.e., multi-hunk patches. In this work, we present a novel APR technique that generalizes single-hunk repair techniques to include an important class of multi-hunk bugs, namely bugs that may require applying a substantially similar patch at a number of locations. We term such sets of repair locations as evolutionary siblings - similar looking code, instantiated in similar contexts, that are expected to undergo similar changes. At the heart of our proposed method is an analysis to accurately identify a set of evolutionary siblings, for a given bug. This analysis leverages three distinct sources of information, namely the test-suite spectrum, a novel code similarity analysis, and the revision history of the project. The discovered siblings are then simultaneously repaired in a similar fashion. We instantiate this technique in a tool called Hercules and demonstrate that it is able to correctly fix 49 bugs in the Defects4J dataset, the highest of any individual APR technique to date. This includes 15 multi-hunk bugs and overall 13 bugs which have not been fixed by any other technique so far.

READ FULL TEXT VIEW PDF
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 2

page 3

page 4

This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.

1. Introduction

The past decade has seen significant research activity on automatic program repair (APR) techniques (Gazzola et al., 2018; Monperrus, 2018). These techniques bear the promise of helping automate the otherwise laborious process of debugging and patching bugs. However, this promise is yet to be realized in terms of practical deployment of APR techniques. One reason for this is perhaps the relatively limited classes of bugs that current state-of-the-art APR techniques can correctly fix (Le Goues et al., 2013; Zhong and Su, 2015). In particular, with one notable exception (Mechtaev et al., 2016), most APR techniques are designed to target single-hunk bugs – bugs with patches confined to a single contiguous chunk of code, at a single location. However, the vast majority of bug patches span multiple hunks. For instance, 64% of the bugs in the Defects4J dataset (Just et al., 2014) and 76% of bugs in the Bugs.jar dataset (Saha et al., 2018) require multi-hunk patches. Several previous works have acknowledged the challenges of doing multi-hunk repair (Zhong and Su, 2015; Mechtaev et al., 2016). Any simple-minded expansion of the search space to explore general multi-hunk patches would clearly explode the repair search space.

Given a buggy program P, failing at least one test in a test suite T, an APR tool (implicitly or explicitly) searches a space S of possible mutations to P for one that allows the mutated program to pass all tests in T.

In this work, we propose an APR technique that targets a specific but important class of multi-hunk repair problems. Our solution is broadly inspired by insights from two bodies of research. The first is research on detecting and using code clones (Kim and Notkin, 2005; Roy and Cordy, 2008; Duala-Ekoko and Robillard, 2007; Juergens et al., 2009; Kamiya et al., 2002; Jiang et al., 2007; Cordy and Roy, 2011; Meng et al., 2011, 2013, 2015). This research shows that code clones are plentiful in programs. Typically 5-25% (Roy and Cordy, 2007) and as much as 50% of a subject system can be comprised of cloned code (Rieger et al., 2004). Further, replication of bugs through code clones is a common phenomenon. Up to 10% of code clones contain bugs with 55% of bugs found in code clones being replicated bugs (Islam et al., 2016). The second body of work is APR techniques themselves, the vast majority of which, directly or indirectly, exploit the “plastic surgery hypothesis” – the ingredients for a repair can be obtained from existing code (Barr et al., 2014). This can take the form of using program transformation schemas (which define the repair space) derived from a corpus of existing patches (Kim et al., 2013; Tan and Roychoudhury, 2015; Tan et al., 2016; Long et al., 2017; Wen et al., 2018; Jiang et al., 2018). Alternatively, repair ingredients, such as program elements, expressions, statements, or whole snippets can be mined from existing code and re-purposed for creating a patch (Le Goues et al., 2012; Xiong et al., 2017; Xin and Reiss, 2017; Jiang et al., 2018). These two bodies of work point to the phenomenon that it is plausible to find “similar looking” pieces of code across a project, bearing similar kinds of bugs and warranting similar patches. Our work exploits this general insight as well.

Our proposed method generalizes single-hunk repair techniques to include bugs that may require applying a substantially similar patch at a number of locations, i.e., a multi-hunk patch. We term the underlying set of repair locations as evolutionary 111We use evolution as a metaphor for the environment, i.e., context, of a piece of code, in addition to the changes it undergoes over its lifetime. siblings – similar looking code, instantiated in similar contexts, that are expected to undergo similar changes, over the lifetime of the codebase. It is important to note, as established in RQ1 (Section 6.1) that these evolutionary siblings are not simply code clones, in the traditional sense. Further, our approach is orthogonal to use of the plastic surgery hypothesis which involves mining existing code (donor) for abstract schemas or concrete ingredients from which to compose the present repair (the donee), i.e., a donor-donee relationship. By contrast, our proposed analysis seeks to find evolutionary siblings exposed by the current bug, which can be repaired simultaneously and in a similar fashion. This is, in principle, independent of the actual technique used to perform the repair, and quite compatible with a donor-donee repair mechanism.

The key to our approach is to be able to accurately identify evolutionary siblings for a given bug. This presents the following technical challenges:

Challenge 1: Evolutionary siblings are not simply code clones. Thus, further analysis is required to expose the desired sibling relationships.

Challenge 2: The spectrum generated by the test cases may not expose or even cover all the sibling instances. Missing some of the siblings can produce a partial repair at best.

Challenge 3: Any imprecision in identifying these siblings can be potentially fatal to identifying a successful repair. Again, an under-approximation can produce a partial repair at best. Also, it is simply not computationally feasible to search the power set of an over-approximate set of potential siblings.

At the heart of our proposed method is an analysis that uses three distinct sources of information to accurately identify evolutionary siblings suitable for repair, for the bug at hand. First, it uses the test spectrum to implicate one or more of the siblings to provide a starting reference for the sibling identification. Second, it identifies all siblings of the reference sibling that have syntactic similarity but also semantic similarity of their context. This is done using a code similarity analysis that combines syntactic similarity with a limited scope data flow analysis to enforce similarity of the semantic context for identified siblings. This code similarity analysis may, in principle, identify potential siblings that are outside the scope of the test-spectra. This is an essential feature of our analysis that compensates for the weakness and incompleteness of typical test suites. Developers may often not add test-cases witnessing the bug for each of the siblings but rather only for some, or only one of them. Third, our method uses the revision history information to further enforce that the siblings thus identified bear a similar history of changes. This third feature discards false positives, that are not necessarily siblings in a co-evolutionary sense. Once evolutionary siblings are identified they can be handed off to any repair algorithm that should enforce simultaneously generating a substantially similar repair (modulo namespace variations) for all siblings. In principle, any traditional repair tool could be suitably retro-fitted to perform this part.

We have implemented the proposed technique in a tool Hercules 222Our tool kills multi-location bugs like the mythical Hercules killed the multi-headed monster Hydra. and evaluated it on the widely used Defects4J dataset. In our experiments Hercules was able to correctly fix 49 bugs, the highest of any single APR technique so far. This includes 15 multi-hunk bugs, and overall 13 bugs which have not been fixed by any other technique so far.

It is noteworthy that, although not specifically discussed in (Xiong et al., 2017) or (Jiang et al., 2018), the implementations of ACS and SimFix are in fact capable of performing simple instances of multi-hunk repair. The bug repair counts reported in (Xiong et al., 2017) and (Jiang et al., 2018) include such bugs. Specifically, these tools perform multi-hunk repairs when there are separate test-cases separately implicating each bug location. Then the tool simply iteratively repairs these bugs independently, one after another. This potentially increases the search space exponentially in the number of locations, but still turns out to be viable for the simplest instances. By contrast, our approach is much more general, exploiting the sibling relationship to keep the search space effectively the same as a single-location patch. It also patches locations not covered by the test spectrum. Angelix (Mechtaev et al., 2016) also performs multi-hunk repairs but again it does not exploit any relationship between the patched locations, beyond any dependencies inadvertently captured by the test suite. The main contributions of this paper are:

  • Technique: An APR technique generalizing traditional single-hunk repair to bugs that may require applying a substantially similar patch at a number of locations

  • Analysis: An analysis implementing accurate detection of evolutionary siblings in service of the above repair goal

  • Tool: An instantiation of the proposed repair technique in a tool Hercules

  • Evaluation: An evaluation of Hercules on the Defects4J dataset

The rest of the paper is organized as follows. Section 2 presents basic background material to orient the reader, followed by a motivating example illustrating our approach in Section 3. Section 4 presents our proposed approach in detail. Sections 5 and 6 present our experimental set-up and evaluation respectively. Section 7 discusses the limitations of our approach. followed by a discussion of related work in Section 8. Section 9 concludes the paper.

Relationship to the Hercules ICSE2019 paper (Saha et al., 2019): This manuscript reports on the latest experimental evaluation of Hercules as originally published (Saha et al., 2019). Specifically, while the technique is essentially unchanged from (Saha et al., 2019), some bug-fixes in the implementation led to Hercules generating some new patches, both correct and incorrect, which is reflected in the results reported in Section 6. Further, Tables 4 and 5 also provide the Bug IDs of all correct and plausible patches generated by Hercules as well as those of several recent APR techniques, for which results are available.

2. Terminology

2.1. Terminology & Definition

In this paper, we consistently use the following terminology and definitions.

Single vs. multi-hunk bugs. Single-hunk bugs require program edits (insertions, deletions, or modifications) at a single location or a set of contiguous locations. Multi-hunk bugs require program edits at multiple non-contiguous locations.

Repair location. A program statement that we want to modify, delete, or insert a new statement. It should be noted a repair location may or may not be the actual buggy location.

Repair schema. An abstract program transformation template, such as adding a null checker or inserting a method invocation to a given repair location.

Candidate patch. A concrete modification to a program realized by instantiating a repair schema.

Repair space. The pool of generated candidate patches. The size of the repair space refers to the number of generated candidate patches.

Plausible patch. A plausible patch is one that simply passes all test-cases in the test suite. It should be noted that a plausible patch may still be incorrect because the test-suite may provide an incomplete specification.

Correct vs. incorrect patch.

We classify a patch as

correct, if it is semantically equivalent to the developer-provided patch, based on a manual examination. This is consistent with the definition used in previous work (Qi et al., 2015; Long and Rinard, 2015; Durieux et al., 2015; Long and Rinard, 2016; Mechtaev et al., 2016). An incorrect patch is a patch that is not correct.

2.2. Generate and Validate Repair Approach

Search-based repair approaches or so-called generate and validate (G&V) approaches, start with a buggy version of the program, a test-suite with at least one failing test case (revealing the bug) and one passing test case, and a set of repair schemas or program mutations to use to repair the program. A typical G&V technique operates using the following basic steps:

Step 1: Fault localization. This step produces a ranked list of repair locations. This step is typically realized using spectrum based fault localization (SBFL) techniques such as Tarantula (Jones et al., 2002), Zoltar (Janssen et al., 2009), and Ochiai (Abreu et al., 2009).

Step 2: Generate candidate patches. The repair approach examines each repair location in the fault localization list and applies each of the repair schemas on this statement, one at a time, in some order, to produce potential candidate patches

. The order of repair schemas may be decided using genetic algorithms 

(Le Goues et al., 2012), random choice (Qi et al., 2014)

, heuristically 

(Weimer et al., 2013; Long and Rinard, 2015), or using a machine-learned model (Long and Rinard, 2016).

Step 3: Selection of candidate patches and validation. Each candidate patch is evaluated against the test suite, and if it passes, is output as a plausible patch. This step, which is computationally expensive, is generally optimized by first ranking candidate patches and selecting only a few of them for validation. The validation step is further optimized by first testing a candidate patch against a subset of the suite, e.g., only failing tests, before executing the complete suite.

3. Motivating Example

univariate/BrentOptimizer.java
public class BrentOptimizer extends BaseAbstractUnivariateOptimizer {
        :
142     UnivariatePointValuePair current = new UnivariatePointValuePair(x, isMinim ? fx : -fx);
        :
226           current = new UnivariatePointValuePair(u, isMinim ? fu : -fu);
        :
                 if (checker != null) {
                     if (checker.converged(iter, previous, current)) {
230     -                   return current;
230     +                   return best(current, previous, isMinim);
                     }
                 }
        :
                     }
                 }
             } else { // Default termination (Brent’s criterion).
267     -               return current;
267     +               return best(current, previous, isMinim);
            }
             ++iter;
         }
Figure 1. The fix for Math Defects4J ID: 24 with program context

In this section, we provide a brief overview of our approach with a motivating example, presented in Figure 1. The example is a real-world bug-fix in Apache Commons Math (Jira Official Bug ID: MATH-855), which is also a bug instance (Math-24) in the popular Defects4J dataset. The bug report says that Brent Optimizer was not always reporting the best point. As we can see in Figure 1, the assigned developer made two similar modifications at two locations to fix the bug, and the modifications are not trivial. Previously, the method was returning an object instance from two locations but actually they should be a method call at each location. Now we discuss how Hercules fixes this bug while overcoming the research challenges outlined in Section 1.

The repair locations may not be part of code clones. From the developer’s patch, we can easily observe that although the statements at the repair locations are the same, they are not code clones in a traditional sense. This is because the respective statements around the repair locations do not match. Generally, clone detection tools try to get a good trade-off between the number of minimum statements/tokens in a code snippet to be a clone to avoid producing a lot of false positives. Certainly, we can detect clones at a statement level. However, in that case, we would get many false positives. For our example, if we search the entire code-base using return current, we will get 10 instances. Furthermore, if we abstract the identifier, which is indeed required for multi-hunk bug-fix since the identifier names may vary in two snippets of code, and search return $x, we will get many more similar statements. Therefore, it is evident that the statement-level similarity does not work here. On the other hand, if we use any traditional clone detection that uses a sliding window approach to detect clones using adjacent context, these repair locations will not be part of any detected clone snippets.

In order to overcome the aforementioned problem, Hercules uses the notion of semantic context instead of the syntactic neighborhood. Specifically, Hercules uses reaching definition analysis (Section 4.2.3) to extract statements, within the method boundary, on which the statement at the repair location has a data-flow dependence. The extracted statements represent the semantic context of the repair location statement. This mechanism also allows Hercules to associate a variable-sized context with a repair location. Then Hercules performs a deeper statement-level AST analysis to determine (syntactic) similarity between the set of repair locations combined with their respective semantic contexts. For example, Figure 1 presents two contexts for two repair locations, highlighted by blue and orange color. For both hunks, the context statements are physically far from the corresponding repair location. Even more interestingly, they are interleaved. For the first hunk, the repair location is line number 230 but its reaching definition is at line number 226. For the second hunk, its reaching definition (line number 142) is 125 lines away from the repair location (line number 267). However, after Hercules extracted the semantic context, the two resulting code snippets become similar, although not identical (declaration vs. assignment). However, Hercules concludes that the both return statements are used in similar context, based on the AST analysis.

Weak Specification and Spurious Repair Locations. It is well known that test suites typically do not cover every program location. This issue has specific ramifications for multi-location bug fixing. For instance, in the current example, the failing test case covers the second location but not the first location. Therefore, any repair tool that solely relies on test cases for identifying repair locations, cannot generate the complete correct patch. On the other hand, if we apply program transformations in all the similar locations identified from the previous step, it may not be appropriate either. In order to find true evolutionary siblings, Hercules extracts the revision history of the target repair locations and analyzes whether these lines were revised independent of one another. For our example, although the first repair location is not covered by any test case, its revision history shows it was never modified independent of the second location. This allows Hercules to confidently apply similar changes to both locations.

Rich Repair Space. Another general limitation of G&V approaches is dealing with an enormous number of candidate patches. The number of candidate patches increases exponentially with the number of repair locations. For example, there are more than 14,000 repair expressions that are valid in each repair location. These repair expressions can be plugged into the program transformation schemas, resulting in thousands of candidate patches. Even if we are fortunate enough to determine the correct program transformation and API call (which itself is very difficult), there can be 18 valid concrete invocations of method call for different combinations of parameters. For two locations, the number of candidate patches would be . These statistics illustrate the enormity of the repair space for multi-hunk bug fixes, and show why a naive approach would not work in such scenarios. In order to overcome this problem, Hercules employs a strategy of simultaneous repair of evolutionary siblings. Furthermore, inspired by other existing approaches such as Prophet (Long and Rinard, 2016) and Elixir (Saha et al., 2017), Hercules uses machine learning techniques to rank and prune most of the candidate patches.

4. Hercules

Figure 2. Overview of Hercules.

4.1. An Overview

Figure 2 presents the basic workflow of Hercules. Given that there is a bug in a program (), Hercules takes the source code of with its version history, a test suite () with at least a failing test case, and optionally a bug report, and generates a correct single-hunk or a multi-hunk patch that fixes , in a successful run.

Hercules works in four major steps to mutate and eventually to generate a patch. In the first step, Hercules uses a spectrum based fault localization (SBFL) technique to identify potential repair locations. For a given repair location, in the second step, Hercules identifies evolutionary siblings (Definition 4.6) by leveraging reaching-definition (Section 4.2.3) and version history analysis (Section 4.2.4). If such evolutionary siblings are found, this step also produces the mapping between similar variables and objects among the evolutionary siblings. It is worth noting that Hercules can also repair one-hunk bugs. Therefore, if a evolutionary sibling is not found for a particular repair location, the rest of the steps are continued with only one repair location. In the third step, Hercules abstracts all the mapped variables and objects in all the repair locations, and instantiates repair schema simultaneously. After the patches are applied, the abstract variables are reverted back to their original variables. In the final step, Hercules selects the Top candidate patches for validation. Hercules repeats these steps for each repair location by SBFL until a plausible patch is generated or timed out. In summary, Hercules adds a novel step in the repair process that is not available in any conventional G&V approaches (Section 2). We refer this step as repair localization, i.e., identifying the evolutionary siblings (if they exist) that require changes together to fix the bug.

4.2. Identification of Evolutionary Siblings

In this work, by evolutionary siblings, we mean the repair locations that are similar, have used in a similar context, have similar evolution history, and at least one of the repair locations has been exercised by the fault reproducing test cases. Our motivating example in Section 3 already showed that a traditional clone detector is not sufficient to identify evolutionary siblings. The fact is further supported by our results in Section 6.1. Hercules works in three steps to find evolutionary siblings. Since code matching, especially at the AST level, is expensive, Hercules lazily applies the tree similarity algorithm first at the repair location level. Then only for similar repair locations, Hercules extracts the relevant context, and again applies the tree similarity algorithm for context. Finally, Hercules leverages version history to find the evolutionary siblings with high confidence. In the subsequent sections, we concretely define evolutionary siblings and describe each aforementioned step in more detail.

4.2.1. Preliminaries

Hercules represents and manipulates programs as abstract syntax trees to analyze programs and to instantiate repair schemas. Although the representation is standard, its relevant terms and assumptions vary based on usage, and thus deserve a concrete definition in our context. In this section, we formally define all the important terms in our context.

Definition 4.1 ().

An abstract syntax tree (AST) is an ordered tree () where each node () represents a program element (a method or a statement). is a tuple of where is a context free grammer, is a finite set of nodes in the tree, is the root node, and maps to its each children.

We also assume that for each node, there exists the following methods: returns the type of a repair expression such as int or double, returns the kind of AST node such as statement or method invocation, returns the parent node of , and returns that children of . It should be noted that the number of children nodes in vary based on , For example, a Binary Expression always has two children, whereas a block may have an arbitrary number of statements. Furthermore, we can also assume that all the subtrees under are also ASTs for simplicity, e.g., an AST at statement level. However, in this case, .

Definition 4.2 ().

Program spectra () is a set of AST nodes such that and exercised by the failing test cases.

Definition 4.3 ().

A repair location () is an AST node, , where at a location .

Definition 4.4 ().

Context of relevance () is a set of statements with respect to a repair location () such that where is a reaching-definition function.

Definition 4.5 ().

Edit history of a repair location () is a sequence of AST edit operations, also known as program differences, , where and denotes the commit in version history.

Definition 4.6 ().

Evolutionary siblings () with respect to a repair location are a set of repair locations such that and where and are two similarity functions and and are two user defined thresholds.

4.2.2. Step-1: Identification of Similar Repair Locations

In order to find the evolutionary siblings () with respect to , first we compute the similarity between and each location () in program spectra . The intuition is that if the repair locations do not match, there is no reason for analyzing their context and version history. To this end, we apply Zhang and Shasha (Zhang and Shasha, 1989) tree distance algorithm to compute the similarity between two candidate repair locations and . However, we introduce our own notion of similarity when comparing two AST nodes and .

Kind Compatibility. and are kind compatible if and have a super-class or sub-class relationship. For example, a variable access, an array access, or a method invocation returning a value are of similar kind since all of them are expression type. However, a return statement and a throw statement are not kind compatible.

Type Compatibility. and are type compatible if and have either a super-class or sub-class relationship or satisfies the implicit type casting criteria defined by the language.

Name Similarity. We extract the name of and , and use Levenshtein Distance algorithm to compute textual similarity.

It is worth noting that due to kind compatibility, similar but various kind of program constructs can be mapped to each other. For example, one developer may use area=length*width whereas another may use area=table.getLength()*table.getWidth(). Although a human can easily understand that length and table.getLength() represent similar data, in terms of ASTs, they are quite different. Hercules is able to find such similarity, which is important in dealing with object oriented programming language.

Input: Two AST Nodes and
     Output: Similar()?, Mapping of Elements

1:AstNodeSimilarity (, )
2: KindCompatibility(, )
3:if  then
4:      TypeCompatibility(, )
5:     if  then
6:          ComputeNameSim(, )
7:         if  then
8:              return ;
9:         end if
10:     end if
11:end if
12:return ;
Algorithm 1 AST Node Similarity

Finally, we use Algorithm 1 to determine whether and are similar, and eventually Zhang-Shasha algorithm to determine whether and are similar. In the case of similar and , we create a one-to-one node level mapping between the similar nodes in and .

4.2.3. Step-2: Determining the Relevance of Repair Locations

Step-1 certainly would remove most of the irrelevant repair locations. However, there may be still a lot of false positives since any two random statements can be similar at a statement level, especially small statements. Therefore, Hercules enhance the analysis with program context to make sure that the repair locations are indeed similar and used in a similar context.

Significance of Program Context. Program context (i.e., surrounding code around a target location) has been used in many software engineering tasks including program repair (Saha et al., 2017). To determine program context, the number of statements around the repair location is one of the important parameters. While a small context ( statement) may not be sufficient to capture the developers’ intent, a large context ( statements) may be difficult to generalize. To find evolutionary siblings, using adjacent program context is even further challenging since many of them are not clones in a traditional sense (as discussed in Section 3).

Extraction of Program Context. In order to overcome this challenge, unlike other repair tools (Saha et al., 2017) that use a fixed size adjacent context, Hercules uses a variable size non-contiguous relevant context (Definition 4.4). More specifically, Hercules uses reaching-definition based analysis within a method boundary to extract only relevant context, even though those statements are far away from the repair location. In compiler theory, a reaching definition for a given statement () is the closest earlier statement whose target variable can reach without an intervening assignment.

Input: A repair location (), Source Code ()
     Output: Set of statements representing context ()

1:ExtractRelevantContext (, )
2: ExtractVariableAccesses()
3:
4:for each  in  do
5:      ReachingDefinition()
6:     
7:end for
8:if  = 1 then
9:      PreviousStatement()
10:end if
11: SortByLineNumber()
12:return ;
Algorithm 2 Extract Relevant Context

We use Algorithm 2 to extract the relevant non-contiguous repair context for a given repair location (). In words, we first extract all the variable accesses from . Then for each variable access, we determine the statement that satisfies the reaching definition property based on data-flow analysis. We take a union of all the statements obtained from the analysis sorted by the line number to form the context . If contains only , we add previous statement of in .

Analysis of Program Context. Once the program context for each repair location pair () is extracted, Hercules applies the same tree matching algorithm from the previous step to determine whether the context are similar and the node mappings are still consistent. If they are similar, Hercules marks them as potential evolutionary siblings.

4.2.4. Step-3: Revising Evolutionary Siblings Leveraging Version History

Since the accuracy of identifying evolutionary siblings is a direct impact on the repair, we further leverage version history to revise them. There may be two potential scenarios. One, some repair locations in the candidate evolutionary siblings, identified in Step-2, are independent of each other. Two, some true evolutionary siblings are not in the list due to weak test specification. Our insight is that true evolutionary siblings may have a similar evolution history, i.e., they went through similar AST operations in the past. Therefore, version history may be helpful two mitigate both problems.

Lets assume that we have three candidate evolutionary siblings (). In order to revise the list with confidence, Hercules first identifies all the commits () where the candidate repair locations were edited. Then it extracts the differences in each commit (before and after the changes) at the AST level (insertion, deletion, and modification). Hercules further investigates each commit to identify if there are any other similar repair locations that have been also changed with the candidate siblings (applying Step-1). If Hercules finds any similar repair locations (), it analyzes their context as well (applying Step-2). If the results of both steps are positive, Hercules adds such repair locations in the list of candidate evolutionary siblings. Therefore, for this example, Hercules would get five candidate siblings. However, even if Hercules adds some plausible siblings in this phase, it can safely discard them during validation (Section 4.4), if they introduce any regression failure, to eventually generate a correct patch. Finally, Hercules removes the repair locations that do not have the similar evolution history based on the edit operations. Hercules passes the final evolutionary siblings along with the mapping of similar nodes among the repair locations to the next step for the generation of candidate patches.

It should be noted that in the whole process of finding evolutionary siblings, Hercules applies AST matching algorithm lazily in several steps. It is indeed possible to find all the evolutionary siblings in the entire code-base and then analyze their version history. However, this approach would be inefficient.

4.3. Generation of Candidate Patches

In this step, Hercules generates a single or multi-hunk patch depending on the results from the previous step. For a single repair location (), Hercules follows the traditional patch generation approach, i.e., it instantiates a select repair schema () with the repair expressions in scope. However, for multiple repair locations (), where evolutionary siblings are involved, Hercules instantiates the selected repair schema at an abstract level. More specifically, given a group of repair locations () and a mapping between similar AST nodes in , denoted by , Hercules abstracts all repair locations to remove the differences due to various identifier names. Then the same repair schema, is instantiated at the abstract level at each repair location simultaneously. Once the transformation, is applied, Hercules generates the concrete candidate patches by reverting the original variables using . Therefore, the repair space generated by Hercules may have both single or multi-hunk patches. It is worth noting that, due to simultaneous repair schema instantiation, Hercules keeps the repair space comparable to the repair tools that only focuses on generating single-hunk patch.

4.4. Ranking of Candidate Patches and Validation

Once the candidate patches are generated, Hercules can use any ranking models (heuristic based or machine learning based) proposed in the existing repair tools to rank the candidate patches, and selects Top candidate patches for validation, one at a time. During the validation phase for each candidate (single or multi-hunk) patch, Hercules first runs the failing tests, and if they pass, Hercules runs the regression tests. If the regression test suite pass, Hercules stops and reports that patch as a final patch.

5. Experimental Setup

5.1. Implementation

Hercules is a G&V-style repair tool implemented in Java. It includes a spectrum-based fault localizer as well as a source code and version history analyzer. Hercules also implements a mechanism for applying repair schemas simultaneously at several locations, to effect multi-hunk repairs. Inspired by previous well-known program repair tools (Kim et al., 2013; Xiong et al., 2017; Saha et al., 2017), Hercules includes repair schemas such as checking null pointer check, changing and inserting method invocation, changing and inserting if conditions, and so on. Further, it incorporates a machine learning based patch ranking model similar to Elixir (Saha et al., 2017). For the details of each of the repair schemas and the ranking model of candidate patches, the reader is referred to the corresponding papers (Kim et al., 2013; Xiong et al., 2017; Saha et al., 2017). We also implement several baseline versions of Hercules to demonstrate the effectiveness of its various components (Section 6.4).

5.2. Dataset

We used the popular Defects4J dataset (Just et al., 2014) to evaluate Hercules, specifically the five subjects: Math, Lang, Chart, Time, and Closure.

5.3. Training Hercules

Since Hercules uses a machine learning technique to rank and prune candidate patches for validation, we train Hercules with real-world bugs. In order to train Hercules, we used another publicly available real-world bug dataset, Bugs.jar. There are 1,158 real-world bugs in Bugs.jar taken from eight well-known large Apache projects. Among them, Apache Commons Math is common to both Defects4J and Bugs.jar (Saha et al., 2018). Therefore, we removed Apache Commons Math from our training set, to keep the training and testing datasets mutually exclusive.

5.4. Research Questions

  • [noitemsep,topsep=1pt,parsep=1pt,partopsep=1pt,leftmargin=24pt]

  • How effective is Hercules for repair localization through evolutionary sibling detection compared to traditional clone detection?

  • How effectively does Hercules generalize the traditional single-hunk repair strategy of APR tools to perform both single-hunk as well as multi-hunk repair?

  • How effective is Hercules in repairing programs compared to state-of-the-art program repair tools?

  • What is the contribution of various components in Hercules to its overall bug-fixing capability?

5.5. Experimental Configurations

We ran all the experiments on a cluster of Virtual Machines (VM), where each VM was configured to have double core 3.6GHz processor and 4GB memory. We used Ubuntu 16.04 LTS operating system and Java 7. There are several configuration parameters in Hercules as well. Hercules used threshold value 0.8 for determining tree similarity, iterated through Top 200 repair locations and selected 50 candidate patches per repair schema. We set a time out of 5 hours following the recently introduced repair tool, SimFix (Jiang et al., 2018).

6. Results

6.1. RQ1: Effectiveness of Repair Localization

Motivation. The main contribution of Hercules is that it enables fixing a specific but prominent class of multi-hunk bugs by accurate repair localization, which is in turn achieved through the detection of evolutionary siblings. Therefore, it is important to evaluate how effective Hercules is in detecting evolutionary siblings, especially compared to a traditional clone detection tool since if a clone detector can detect all the evolutionary siblings accurately we do not need any sophisticated repair localization.

Experiment. In order to make a meaningful comparison, we first identify all the relevant bugs in Defects4J for this experiment. Here, by relevant bugs we mean all the bugs that involve either only a single-hunk patch or ones with a multi-hunk patch but similar edits in all hunks. The rest of the bugs are, by definition, out of scope and will only add noise to the experimental results. This gave us 154 bugs in total, 130 single-hunk bugs and 24 multi-hunk bugs. Recall from Section 4.2 that, for a given buggy location, the objective of repair localization is to identify all the relevant locations where similar changes are required to repair the bug correctly and completely. Therefore, in an ideal case, if we point a clone detector or Hercules to an actual buggy line (i.e., an input location), it should return only one repair location (the input location itself) for a single-hunk bug and all the relevant repair locations (including the input location) for an -hunk bug. To this end, we ran the repair localization component of Hercules and an established clone detector, Deckard (Jiang et al., 2007) on all the 154 bugs in Defects4J with respect to their actual buggy locations (or the one with the highest fault-localization rank, for a multi-hunk bug). For Deckard, we set the minimum number of tokens to 10 (approximately two lines of code) following (Meng et al., 2013).

Patch-Type Bugs Approach Correct Proportion
Single-hunk 130 Hercules 114 88%
Deckard 38 29%
Multi-hunk 24 Hercules 15 63%
Deckard 2 8%
Total 154 Hercules 129 84%
Deckard 40 26%
Table 1. Effectiveness of Hercules and Deckard for Repair Localization

Results. From Table 1, we see that Hercules identified the repair locations correctly for 84% (129 out of 154) bugs whereas Deckard found the correct locations only for 26% (40 out of 154) bugs. On closer inspection, we see that Deckard performed even poorer on multi-hunk bugs, which is the main target of repair localization, than single-hunk bugs. It detected correct repair locations for only 2 bugs, while Hercules correctly localized 15 out of 24 (63%) of these bugs. Even for single-hunk bugs, Deckard correctly localized only 29% (38/130) of the instances compared to Hercules’s 88%. In both single-hunk and multi-hunk instances Deckard produced false positives as well as false-negatives.

The reason is simply that many of the target repair locations are not clones in a traditional sense (like our motivating example in Figure 1), and beyond the scope of Deckard’s purely syntactic, fixed-context clone detection. By contrast, Hercules’s specialized evolutionary sibling analysis, which combines several orthgonal sources of information, is far more accurate, and hence indispensible, for the application at hand, i.e., multi-hunk program repair.

6.2. RQ2: Generalizing Single-hunk Repair

Motivation. In RQ1, we demonstrated that Hercules is effective in detecting evolutionary siblings. The current experiment evaluates how well this repair localization translates into the end goal of producing correct patches, not just for multi-hunk instances but also single-hunk patches.

Experiment. We first create a baseline, named Hercules-SH that has all the repair schemas in Hercules but only performs single hunk repair. Then we ran both Hercules and Hercules-SH on all the 154 bugs described in RQ1.

Subject Math Lang Time Chart Closure Total
Hercules 20/9 10/5 3/2 8/2 8/5 49/23
Hercules-SH 12/9 8/3 2/2 6/2 6/5 34/21
Table 2. Effectiveness of Hercules (Correct/Incorrect)

Results. As presented in Table 2, Hercules generates 49 correct patches and 23 incorrect patches while Hercules-SH generates 34 correct patches and 21 incorrect patches as well. A deeper look into the results reveals that Hercules fixed 34 single-hunk bugs and 15 multi-hunk bugs. By comparing the results with Hercules-SH, we observe that Hercules lost no single-hunk bug due to incorrect simultaneous repair. Moreover, Hercules

generates only two additional incorrect patches due to simultaneous multi-hunk repair. The reason is that in multi-hunk repair, since program changes happen in two or more repair locations, the probability of detecting regression bugs by the test suite increases significantly. Even if a test case detects regression in one repair location out of

, the whole candidate patch is discarded.

Figure 3. Distribution of Multi-Hunk Bugs in Our Study

An analysis of the distribution of multi-hunk bugs and patches, in terms of number of hunks, offers some interesting observations. As presented in Figure 3, Hercules fixed a variety of multi-hunk bugs, ranging in size from 2 hunks to as large as 7 hunks.

6.3. Rq3: Hercules vs. State of the art

Motivation. In RQ2, we demonstrated that Hercules is effective in fixing multi-hunk bugs as well as single-hunk bugs. In this section, we evaluate the effectiveness of Hercules with respect to the state-of-the-art program repair approaches.

Experiment. We choose six of the most recent (Java) APR tools: SimFix (Jiang et al., 2018), CapGen (Wen et al., 2018), JAID (Chen et al., 2017), Elixir (Saha et al., 2017), ssFix (Xin and Reiss, 2017), and ACS (Xiong et al., 2017) as representative of the state of the art. Since all these tools have already been evaluated on Defects4J, we simply take the results from the respective papers.

Results. Table 3 presents the number of correct and incorrect patches generated by various tools. From the results, we see that Hercules generated 49 correct patches, which is the most among all tools. It fixes 15 more patches than the next best tool, SimFix. In Table 4 and Table 5, we provide more detailed results at the individual bug level. More specifically, Table 4 and Table 5 present all the single and multi-hunk bug IDs in Defects4J respectively, for which at least one tool generated a correct patch. For each table, a check-mark (✓) and a cross (✗) represent a correct patch and an incorrect patch respectively. A hyphen (-) denotes that the corresponding tool did not generate any patch for that bug ID. Finally, the ! sign denotes that we are not aware of the results reported by the tool.

Since SimFix and ACS have also the ability to fix multi-hunk bugs, we investigated the results at the level of individual bugs. We found that Hercules fixes 9 unique multi-hunk bugs that SimFix and ACS cannot fix. Furthermore, if we consider all the bugs, Hercules fixed 13 unique bugs that no existing approaches could fix. Overall the results demonstrate that Hercules advances the state of the art significantly.

Subject Math Lang Time Chart Closure Total
Hercules 20/9 10/5 3/2 8/2 8/5 49/23
SimFix 14/12 9/4 1/0 4/4 6/2 34/22
CapGen 13/! 5/! 0/! 4/! -/- 22/!
JAID 1/! 1/! 0/! 2/! 5/! 9/!
Elixir 12/7 8/4 2/1 4/3 -/- 26/15
ssFix 10/16 5/7 0/4 3/4 2/9 20/40
ACS 12/4 3/1 1/0 2/0 -/- 18/5
Table 3. Statistics of Patch Generation by Various Techniques (Correct/Incorrect)
Bug ID Hercules SimFix CapGen ssFix Elixir ACS
Chart-1 -
Chart-3 ! - -
Chart-8 - - -
Chart-9 - ! -
Chart-11 - - -
Chart-12 ! - - -
Chart-20 - ! - -
Chart-24 - - - -
Closure-14 ! - -
Closure-57 - ! - - -
Closure-62* ! - - -
Closure-63* ! - - -
Closure-73 ! - - -
Closure-86 - ! - - -
Closure-92 - ! - - -
Closure-109 - ! - -
Lang-6 - -
Lang-16 - - - -
Lang-21 - - ! - -
Lang-24 - ! -
Lang-26 - ! - -
Lang-33 ! -
Lang-38 - ! - -
Lang-39 !
Lang-43 -
Lang-57 - - -
Lang-58 ! -
Lang-59 - -
Math-3 - - ! - -
Math-5 -
Math-25 - ! - -
Math-30 - -
Math-33 -
Math-34 - ! - -
Math-41 - ! - -
Math-50 ! -
Math-53 - - -
Math-57 -
Math-58 - - -
Math-59 -
Math-61 - - ! - -
Math-63 - -
Math-70 -
Math-75 - -
Math-80 -
Math-82 ! -
Math-85
Math-89 - - ! - -
Time-4 - ! -
Time-7 - ! - - -
Time-15 - ! -

* Closure-62 and Closure-63 are duplicate bugs. We removed any duplication from Hercules’s bug count.

Table 4. Results for Single-hunk Bug IDs
Bug ID Hercules SimFix CapGen ssFix Elixir ACS
Chart-7 - ! - -
Chart-14 ! - -
Chart-19 - ! - -
Closure-4 - ! - - -
Closure-78 - ! - - -
Closure-115 - ! - -
Lang-7 - - ! - -
Lang-27 - ! - -
Lang-35 - - ! - -
Lang-41 - ! - - -
Lang-47 - ! - - -
Lang-50 - ! - - -
Lang-60 ! - - -
Math-4 - ! - -
Math-24 - ! - - -
Math-35 ! - -
Math-43 - ! - - -
Math-46 - ! - - -
Math-49 - ! - - -
Math-65 - - - - -
Math-71 - ! - - -
Math-72 ! - - -
Math-79 - ! - -
Math-90 - - ! - -
Math-93 - - ! - -
Math-98 ! - - -
Math-99 - - ! - -
Time-26 - ! - - -
Table 5. Results for Multi-hunk Bug IDs

6.4. RQ4: Contribution of Various Components of Hercules

Motivation. Evaluations in the previous RQs demonstrate that Hercules overall outperforms existing tools. The next experiment evaluates the contribution of various features of Hercules to its overall bug-fixing capability.

Experiment. In order to investigate the contribution of various components, we create three versions of Hercules.

  • Hercules-FixedContext uses a fixed number of lines before and after the buggy location as its context, rather than the semantic context. For this version we experimented with and reported the best results.

  • Hercules-MinusHistory ignores the version history in repair.

  • Hercules-Incr implements an incremental repair strategy where there is no notion of evolutionary siblings. Each location is fixed independently, one after another, as long as each successive repair decreases the number of failing tests. This strategy broadly mimics the one implemented in SimFix (Jiang et al., 2018) and ACS (Xiong et al., 2017).

We run this experiment only for the 49 bugs that Hercules correctly fixed.

Results. Table 6 presents the aggregated results in terms of number of correct patches. From the results, we observe that when we used a fixed size context, Hercules lost 11 bugs. Similarly, version history was crucial in fixing six bugs correctly. Finally, the results further show that when Hercules does not leverage the information of evolutionary siblings, i.e., works in an incremental fashion, it cannot fix 9 bugs. In summary, the results demonstrate that all the features of Hercules contributed in fixing multi-hunk bugs.

Approach Number of Correct Patches
Hercules 49
Hercules-FixedContext 38
Hercules-MinusHistory 43
Hercules-Incr 40
Table 6. Comparison among variants of Hercules

7. Limitations & Threats to Validity

Scope of multi-hunk repairs. Our current technique addresses only a specific class of multi-hunk repairs, namely ones with substantially similar patches for each hunk. While this does boost the successful repairs by almost 50% compared to the baseline tool, future research needs to address other classes of multi-hunk bugs, the vast majority of which are still out of scope for Hercules or any other APR tool.

Accuracy of version history analysis. Our version history analysis can be impacted by noise in the revision history introduced by major structural changes to the repository, such as to the directory or package structure, or other systemic re-factoring changes. We use several heuristics to compensate for such disruptions and manually inspected the history of a few sampled bug instances to verify the accuracy of the heuristics. However, we cannot guarantee the soundness of the analysis.

Generalizability of the results. Our evaluation was only carried out on the Defects4J dataset, which is a widely used benchmark for program repair research. However, the dataset’s 5 subject systems cannot capture the wide variety of Java applications and their bugs. Further validation of this technique on other subjects should necessarily be done in future. Further, our current repair results depend on the capabilities of the baseline repair tool, on which our multi-hunk repair technique is implemented. Although our baseline APR tool is quite competitive with the state of the art, using a different or improved APR tool, such as SimFix (Jiang et al., 2018) for example, could change or improve the results. Lastly, our technique has been instantiated for Java program repair but could, in principle, be applied to C/C++ program repair as well. But its efficacy in that setting remains to be investigated.

8. Related Work

Automatic program repair. A decade of research has generated a rich body of work on program repair, summarized in two excellent recent surveys (Gazzola et al., 2018; Monperrus, 2018). With the notable exception of Angelix (Mechtaev et al., 2016) APR research so far does not target multi-location bugs, which is our main focus. However, APR research most related to Hercules’s approach can be classified into techniques that: (1) mine existing code or patches for repair fragments, e.g., variables, expressions, statements, or complete code snippets, etc. , (2) learn abstract repair spaces, e.g., program transformations from existing patches, and (3) can produce multi-hunk patches.

APR - Mining repair fragments: GenProg (Le Goues et al., 2012), which pioneered this area, uses genetic search on a space of repair mutations formed by code snippets copied from elsewhere in the program. RSRepair (Qi et al., 2014) and AE (Weimer et al., 2013) follow GenProg, using random and deterministic search respectively, instead. Scalpel (Barr et al., 2015) transplants code snippets mined from a donor application to repair bugs in a donee application. CodePhage (Sidiroglou-Douskos et al., 2015) also performs transplantation but targets missing if-condition related bugs. ACS (Xiong et al., 2017) performs if condition repairs using predicates mined from Github. SearchRepair (Ke et al., 2015) mines repair fragments using a semantic search, based on SMT formulas and constraint solving. ssFix (Xin and Reiss, 2017) performs the same search using a general purpose search engine. SimFix (Jiang et al., 2018) also searches for a donor snippet, but further uses a mined space of abstract schemas to prune the search. Prophet (Long and Rinard, 2016) and Elixir (Saha et al., 2017) do not directly mine repair artifacts but rather use a corpus of existing patches to train a classifier, which is then used to rank the space of concrete patches. As a whole the above techniques search for compatible code fragments (or features thereof) to contribute to the repair of the bug at hand i.e., a donor-donee relationship. By contrast, Hercules’s search for “similar” code is used to find a set of evolutionary siblings that can be repaired concurrently.

APR - Learning abstract repair spaces: PAR (Kim et al., 2013) first used this approach, defining its repair space using a set of specialized repair templates manually derived from human-written patches. Relifix (Tan and Roychoudhury, 2015) uses specialized repair schemas customized for software regression errors. History-driven repair (Le et al., 2016) prioritizes its pool of candidate repairs based on the frequency of occurrence of the repair in a corpus of past (human-written) patches. Tan et al. (Tan et al., 2016) propose a blacklist abstract repair space defined by a set of anti-patterns, to curb the generation of incorrect patches. Genesis (Long et al., 2017) automatically extracts a set of repair schemas for specific classes of bugs by solving an optimization problem on the set of previous patches for each bug class. CapGen (Wen et al., 2018) mines a set of 30 frequently occurring AST-level transformations from a corpus of previous patches, and uses them for repair. Our contribution is fundamentally orthogonal to the above body of work in that our identification of evolutionary siblings seeks to identify where the repair should be performed while the above informs how the repair at a given location should be performed.

APR - Multi-hunk repair: So far Angelix (Mechtaev et al., 2016) is the only APR tool to specifically target multi-hunk patches. It generates a symbolic oracle for potential changes to the top ‘k’ locations given by fault localization and then independently synthesizes patches for each location from the oracle. The oracle may implicitly capture any inter-location dependencies reflected in the test suite. By contrast, Hercules uses multiple sources of information to pro-actively derive and exploit sibling relationships between repair locations. Although not specifically described in (Xiong et al., 2017; Jiang et al., 2018) the implementations of ACS (Xiong et al., 2017) and SimFix (Jiang et al., 2018) are in fact capable of performing simple instances of multi-hunk repair. Specifically, when there are distinct test-cases separately implicating each of many bug locations, the tool independently repairs these bug locations, one after another, using the number of passing tests as a progress metric. Our key contribution is that we employ sibling relationships between locations to significantly cut down the search space by repairing locations simultaneously, localize the repair more accurately, and can even repair locations not directly implicated by the test spectrum.

Code Clone Detection. Our work is broadly inspired by research on code clone detection and extraction of code clone genealogies. Deckard (Jiang et al., 2007), NiCad (Cordy and Roy, 2011), and CCFinder (Kamiya et al., 2002) are some of the popular clone detectors. Kim et al. (Kim and Notkin, 2005) were the first to extracted and analyze clone genealogies across multiple revisions of a software system to understand the evolution of code clones. However, as demonstrated in RQ3, the evolutionary siblings that form the basis of our approach may or may not be traditional code clones.

Systematic Edits. Our approach is also inspired by research on systematic edits (Kim and Notkin, 2009; Meng et al., 2011), with LASE (Meng et al., 2013) and Rase (Meng et al., 2015) being the most advanced tools in this area. The key idea in this research is to learn a common abstract edit script from a few examples instances of it, which is then replicated at target locations in the code, also identified using the learned edit script. Hercules also shares the notion of similar edits at multiple locations. However, we do not rely on examples for identifying sibling locations.

9. Conclusion

Automatic program repair techniques have made significant advances over the past decade. However, practical deployment remains an elusive goal. One of the significant obstacles to achieving this goal, is the inability of current APR techniques to produce multi-hunk patches. In this work, we presented a novel APR technique that generalizes single-hunk repair to encompass a specific but significant class of multi-hunk repair problems, namely ones that require applying a substantially similar patch at a number of locations. We term such sets of repair locations as evolutionary siblings – similar looking code, instantiated in similar contexts, that are expected to undergo similar changes over time. We proposed a novel analysis to accurately identify a set of evolutionary siblings, for a given bug. This analysis combines three orthogonal sources of information, namely, the test-suite spectrum, a novel code similarity analysis that compares both syntactic and semantic features, and the revision history of the project. We implemented this technique in a tool Hercules and demonstrated that it is able to correctly fix 49 bugs in the Defects4J dataset, the highest of any individual APR technique to date. This includes 15 multi-hunk bugs, and 13 bugs which have not been fixed by any other technique so far. We see this contribution as a small but important step on the road to achieving practical deployment of APR tools.

References

  • (1)
  • Abreu et al. (2009) Rui Abreu, Peter Zoeteweij, Rob Golsteijn, and Arjan J. C. van Gemund. 2009. A Practical Evaluation of Spectrum-based Fault Localization. Journal of Systems and Software 82, 11 (Nov. 2009), 1780–1792.
  • Barr et al. (2014) Earl T Barr, Yuriy Brun, Premkumar Devanbu, Mark Harman, and Federica Sarro. 2014. The plastic surgery hypothesis. In Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering. ACM, 306–317.
  • Barr et al. (2015) Earl T. Barr, Mark Harman, Yue Jia, Alexandru Marginean, and Justyna Petke. 2015. Automated Software Transplantation. In Proceedings of the 2015 International Symposium on Software Testing and Analysis (ISSTA 2015). ACM, New York, NY, USA, 257–269.
  • Chen et al. (2017) Liushan Chen, Yu Pei, and Carlo A Furia. 2017. Contract-based program repair without the contracts. In Automated Software Engineering (ASE), 2017 32nd IEEE/ACM International Conference on. IEEE, 637–647.
  • Cordy and Roy (2011) James R. Cordy and Chanchal K. Roy. 2011. The NiCad Clone Detector. In Proceedings of the 2011 IEEE 19th International Conference on Program Comprehension (ICPC ’11). IEEE Computer Society, Washington, DC, USA, 219–220.
  • Duala-Ekoko and Robillard (2007) Ekwa Duala-Ekoko and Martin P Robillard. 2007. Tracking code clones in evolving software. In Software Engineering, 2007. ICSE 2007. 29th International Conference on. IEEE, 158–167.
  • Durieux et al. (2015) Thomas Durieux, Matias Martinez, Martin Monperrus, Romain Sommerard, and Jifeng Xuan. 2015. Automatic Repair of Real Bugs: An Experience Report on the Defects4J Dataset. CoRR abs/1505.07002 (2015). http://arxiv.org/abs/1505.07002
  • Gazzola et al. (2018) L. Gazzola, D. Micucci, and L. Mariani. 2018. Automatic Software Repair: A Survey. IEEE Transactions on Software Engineering (2018), 1–1.
  • Islam et al. (2016) Judith F Islam, Manishankar Mondal, and Chanchal K Roy. 2016. Bug replication in code clones: An empirical study. In Software Analysis, Evolution, and Reengineering (SANER), 2016 IEEE 23rd International Conference on, Vol. 1. IEEE, 68–78.
  • Janssen et al. (2009) Tom Janssen, Rui Abreu, and Arjan J.C. van Gemund. 2009. Zoltar: a spectrum-based fault localization tool. In SINTER ’09: Proceedings of the 2009 ESEC/FSE workshop on Software integration and evolution @ runtime. ACM, New York, NY, USA, 23–30.
  • Jiang et al. (2018) Jiajun Jiang, Yingfei Xiong, Hongyu Zhang, Qing Gao, and Xiangqun Chen. 2018. Shaping Program Repair Space with Existing Patches and Similar Code. In Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2018). ACM, New York, NY, USA, 298–309.
  • Jiang et al. (2007) Lingxiao Jiang, Ghassan Misherghi, Zhendong Su, and Stephane Glondu. 2007. Deckard: Scalable and accurate tree-based detection of code clones. In Proceedings of the 29th international conference on Software Engineering. IEEE Computer Society, 96–105.
  • Jones et al. (2002) James A. Jones, Mary Jean Harrold, and John Stasko. 2002. Visualization of Test Information to Assist Fault Localization. In Proceedings of the 24th International Conference on Software Engineering (ICSE ’02). ACM, New York, NY, USA, 467–477.
  • Juergens et al. (2009) Elmar Juergens, Florian Deissenboeck, Benjamin Hummel, and Stefan Wagner. 2009. Do code clones matter?. In Software Engineering, 2009. ICSE 2009. IEEE 31st International Conference on. IEEE, 485–495.
  • Just et al. (2014) René Just, Darioush Jalali, and Michael D Ernst. 2014. Defects4J: A database of existing faults to enable controlled testing studies for Java programs. In Proceedings of the 2014 International Symposium on Software Testing and Analysis. ACM, 437–440.
  • Kamiya et al. (2002) Toshihiro Kamiya, Shinji Kusumoto, and Katsuro Inoue. 2002. CCFinder: A Multilinguistic Token-based Code Clone Detection System for Large Scale Source Code. IEEE Trans. Softw. Eng. 28, 7 (July 2002), 654–670.
  • Ke et al. (2015) Y. Ke, K. T. Stolee, C. Le Goues, and Y. Brun. 2015. Repairing Programs with Semantic Code Search. In 2015 30th IEEE/ACM International Conference on Automated Software Engineering (ASE). 295–306.
  • Kim et al. (2013) Dongsun Kim, Jaechang Nam, Jaewoo Song, and Sunghun Kim. 2013. Automatic Patch Generation Learned from Human-written Patches. In Proceedings of the 2013 International Conference on Software Engineering (ICSE ’13). IEEE Press, Piscataway, NJ, USA, 802–811.
  • Kim and Notkin (2005) Miryung Kim and David Notkin. 2005. Using a clone genealogy extractor for understanding and supporting evolution of code clones. In ACM SIGSOFT Software Engineering Notes, Vol. 30. ACM, 1–5.
  • Kim and Notkin (2009) Miryung Kim and David Notkin. 2009. Discovering and Representing Systematic Code Changes. In Proceedings of the 31st International Conference on Software Engineering (ICSE ’09). IEEE Computer Society, Washington, DC, USA, 309–319.
  • Le et al. (2016) X. B. D. Le, D. Lo, and C. Le Goues. 2016. History Driven Program Repair. In 2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering (SANER), Vol. 1. IEEE Press, Piscataway, NJ, USA, 213–224.
  • Le Goues et al. (2012) Claire Le Goues, Michael Dewey-Vogt, Stephanie Forrest, and Westley Weimer. 2012. A Systematic Study of Automated Program Repair: Fixing 55 out of 105 Bugs for $8 Each. In Proceedings of the 34th International Conference on Software Engineering (ICSE ’12). IEEE Press, Piscataway, NJ, USA, 3–13.
  • Le Goues et al. (2013) Claire Le Goues, Stephanie Forrest, and Westley Weimer. 2013. Current challenges in automatic software repair. Software quality journal 21, 3 (2013), 421–443.
  • Long et al. (2017) Fan Long, Peter Amidon, and Martin Rinard. 2017. Automatic Inference of Code Transforms for Patch Generation. In Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering (ESEC/FSE 2017). ACM, New York, NY, USA, 727–739.
  • Long and Rinard (2015) Fan Long and Martin Rinard. 2015. Staged Program Repair with Condition Synthesis. In Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering (ESEC/FSE 2015). ACM, New York, NY, USA, 166–178.
  • Long and Rinard (2016) Fan Long and Martin Rinard. 2016. Automatic Patch Generation by Learning Correct Code. In Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL ’16). ACM, New York, NY, USA, 298–312.
  • Mechtaev et al. (2016) Sergey Mechtaev, Jooyong Yi, and Abhik Roychoudhury. 2016. Angelix: Scalable Multiline Program Patch Synthesis via Symbolic Analysis. In Proceedings of the 38th International Conference on Software Engineering (ICSE ’16). ACM, New York, NY, USA, 691–701.
  • Meng et al. (2015) Na Meng, Lisa Hua, Miryung Kim, and Kathryn S. McKinley. 2015. Does Automated Refactoring Obviate Systematic Editing?. In Proceedings of the 37th International Conference on Software Engineering - Volume 1 (ICSE ’15). IEEE Press, Piscataway, NJ, USA, 392–402.
  • Meng et al. (2011) Na Meng, Miryung Kim, and Kathryn S. McKinley. 2011. Systematic Editing: Generating Program Transformations from an Example. In Proceedings of the 32Nd ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’11). ACM, New York, NY, USA, 329–342.
  • Meng et al. (2013) Na Meng, Miryung Kim, and Kathryn S. McKinley. 2013. LASE: Locating and Applying Systematic Edits by Learning from Examples. In Proceedings of the 2013 International Conference on Software Engineering (ICSE ’13). IEEE Press, Piscataway, NJ, USA, 502–511.
  • Monperrus (2018) Martin Monperrus. 2018. Automatic Software Repair: A Bibliography. Comput. Surveys 51, 1, Article 17 (Jan. 2018), 24 pages.
  • Qi et al. (2014) Yuhua Qi, Xiaoguang Mao, Yan Lei, Ziying Dai, and Chengsong Wang. 2014. The Strength of Random Search on Automated Program Repair. In Proceedings of the 36th International Conference on Software Engineering (ICSE 2014). ACM, New York, NY, USA, 254–265.
  • Qi et al. (2015) Zichao Qi, Fan Long, Sara Achour, and Martin Rinard. 2015. An Analysis of Patch Plausibility and Correctness for Generate-and-validate Patch Generation Systems. In Proceedings of the 2015 International Symposium on Software Testing and Analysis (ISSTA 2015). ACM, New York, NY, USA, 24–36.
  • Rieger et al. (2004) Matthias Rieger, Stéphane Ducasse, and Michele Lanza. 2004. Insights into system-wide code duplication. In Reverse Engineering, 2004. Proceedings. 11th Working Conference on. IEEE, 100–109.
  • Roy and Cordy (2007) Chanchal Kumar Roy and James R Cordy. 2007. A survey on software clone detection research. Queen?s School of Computing TR 541, 115 (2007), 64–68.
  • Roy and Cordy (2008) Chanchal K Roy and James R Cordy. 2008. An empirical study of function clones in open source software. In 2008 15th Working Conference on Reverse Engineering. IEEE, 81–90.
  • Saha et al. (2018) Ripon K Saha, Yingjun Lyu, Wing Lam, Hiroaki Yoshida, and Mukul R Prasad. 2018. Bugs. jar: a large-scale, diverse dataset of real-world Java bugs. In Proceedings of the 15th International Conference on Mining Software Repositories. ACM, 10–13.
  • Saha et al. (2017) Ripon K. Saha, Yingjun Lyu, Hiroaki Yoshida, and Mukul R. Prasad. 2017. ELIXIR: Effective Object Oriented Program Repair. In Proceedings of the 32Nd IEEE/ACM International Conference on Automated Software Engineering (ASE 2017). IEEE Press, Piscataway, NJ, USA, 648–659.
  • Saha et al. (2019) Seemanta Saha, Ripon K. Saha, and Mukul R. Prasad. 2019. Harnessing Evolution for Multi-Hunk Program Repair. In Proceedings of the IEEE/ACM 41st International Conference on Software Engineering (ICSE ’19). IEEE Press, Piscataway, NJ, USA, 13–24.
  • Sidiroglou-Douskos et al. (2015) Stelios Sidiroglou-Douskos, Eric Lahtinen, Fan Long, and Martin Rinard. 2015. Automatic Error Elimination by Horizontal Code Transfer Across Multiple Applications. In Proceedings of the 36th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’15). ACM, New York, NY, USA, 43–54.
  • Tan and Roychoudhury (2015) Shin Hwei Tan and Abhik Roychoudhury. 2015. Relifix: Automated Repair of Software Regressions. In Proceedings of the 37th International Conference on Software Engineering - Volume 1 (ICSE ’15). IEEE Press, Piscataway, NJ, USA, 471–482.
  • Tan et al. (2016) Shin Hwei Tan, Hiroaki Yoshida, Mukul R. Prasad, and Abhik Roychoudhury. 2016. Anti-patterns in Search-based Program Repair. In Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE 2016). ACM, New York, NY, USA, 727–738.
  • Weimer et al. (2013) W. Weimer, Z. P. Fry, and S. Forrest. 2013. Leveraging program equivalence for adaptive program repair: Models and first results. In Automated Software Engineering (ASE), 2013 IEEE/ACM 28th International Conference on. IEEE Press, Piscataway, NJ, USA, 356–366.
  • Wen et al. (2018) Ming Wen, Junjie Chen, Rongxin Wu, Dan Hao, and Shing-Chi Cheung. 2018. Context-aware Patch Generation for Better Automated Program Repair. In Proceedings of the 40th International Conference on Software Engineering (ICSE ’18). ACM, New York, NY, USA, 1–11.
  • Xin and Reiss (2017) Qi Xin and Steven P. Reiss. 2017. Leveraging Syntax-related Code for Automated Program Repair. In Proceedings of the 32Nd IEEE/ACM International Conference on Automated Software Engineering (ASE 2017). IEEE Press, Piscataway, NJ, USA, 660–670.
  • Xiong et al. (2017) Yingfei Xiong, Jie Wang, Runfa Yan, Jiachen Zhang, Shi Han, Gang Huang, and Lu Zhang. 2017. Precise Condition Synthesis for Program Repair. In Proceedings of the 39th International Conference on Software Engineering (ICSE ’17). IEEE Press, Piscataway, NJ, USA, 416–426.
  • Zhang and Shasha (1989) Kaizhong Zhang and Dennis Shasha. 1989. Simple fast algorithms for the editing distance between trees and related problems. SIAM journal on computing 18, 6 (1989), 1245–1262.
  • Zhong and Su (2015) Hao Zhong and Zhendong Su. 2015. An empirical study on real bug fixes. In Proceedings of the 37th International Conference on Software Engineering-Volume 1. IEEE Press, 913–923.