Automatic error elimination by horizontal code transfer across multiple applications

We present Code Phage (CP), a system for automatically transferring correct code from donor applications into recipient applications that process the same inputs to successfully eliminate errors in the recipient. Experimental results using seven donor applications to eliminate ten errors in seven recipient applications highlight the ability of CP to transfer code across applications to eliminate out of bounds access, integer overflow, and divide by zero errors. Because CP works with binary donors with no need for source code or symbolic information, it supports a wide range of use cases. To the best of our knowledge, CP is the first system to automatically transfer code across multiple applications.

[1]  Martin Rinard,et al.  Horizontal Code Transfer via Program Fracture and Recombination , 2015 .

[2]  Miriam Barlow,et al.  What antimicrobial resistance has taught us about horizontal gene transfer. , 2009, Methods in molecular biology.

[3]  Daniel M. Roy,et al.  Enhancing Server Availability and Security Through Failure-Oblivious Computing , 2004, OSDI.

[4]  Martin C. Rinard,et al.  Bolt: on-demand infinite loop escape in unmodified binaries , 2012, OOPSLA '12.

[5]  Martin C. Rinard,et al.  Detecting and Escaping Infinite Loops with Jolt , 2011, ECOOP.

[6]  Vitaly Shmatikov,et al.  Fix Me Up: Repairing Access-Control Bugs in Web Applications , 2013, NDSS.

[7]  Liming Chen,et al.  N-VERSION PROGRAMMINC: A FAULT-TOLERANCE APPROACH TO RELlABlLlTY OF SOFTWARE OPERATlON , 1995, Twenty-Fifth International Symposium on Fault-Tolerant Computing, 1995, ' Highlights from Twenty-Five Years'..

[8]  Tevfik Bultan,et al.  Semantic differential repair for input validation and sanitization , 2014, ISSTA 2014.

[9]  Claire Le Goues,et al.  A systematic study of automated program repair: Fixing 55 out of 105 bugs for $8 each , 2012, 2012 34th International Conference on Software Engineering (ICSE).

[10]  Fan Long,et al.  Automatic input rectification , 2012, 2012 34th International Conference on Software Engineering (ICSE).

[11]  Martin Rinard,et al.  Automatic Error Elimination by Multi-Application Code Transfer , 2014 .

[12]  Angelos D. Keromytis,et al.  ASSURE: automatic software self-healing using rescue points , 2009, ASPLOS.

[13]  RinardMartin,et al.  Automatic error elimination by horizontal code transfer across multiple applications , 2015 .

[14]  Yuanyuan Zhou,et al.  Rx: treating bugs as allergies---a safe method to survive software failures , 2005, SOSP '05.

[15]  Ricardo Bianchini,et al.  Staged deployment in mirage, an integrated software upgrade testing and distribution system , 2007, SOSP.

[16]  Fan Long,et al.  Automatic runtime error repair and containment via recovery shepherding , 2014, PLDI.

[17]  Martin Rinard,et al.  Staged Program Repair in SPR , 2015 .

[18]  Brian Demsky,et al.  Self-stabilizing Java , 2012, PLDI '12.

[19]  Andrew Begel,et al.  Managing Duplicated Code with Linked Editing , 2004, 2004 IEEE Symposium on Visual Languages - Human Centric Computing.

[20]  Nancy G. Leveson,et al.  An experimental evaluation of the assumption of independence in multiversion programming , 1986, IEEE Transactions on Software Engineering.

[21]  Claire Le Goues,et al.  Automatically finding patches using genetic programming , 2009, 2009 IEEE 31st International Conference on Software Engineering.

[22]  Martin C. Rinard,et al.  Taint-based directed whitebox fuzzing , 2009, 2009 IEEE 31st International Conference on Software Engineering.

[23]  Fan Long,et al.  An analysis of patch plausibility and correctness for generate-and-validate patch generation systems , 2015, ISSTA.

[24]  Eric Lahtinen,et al.  Targeted Automatic Integer Overflow Discovery Using Goal-Directed Conditional Branch Enforcement , 2015, ASPLOS.

[25]  Westley Weimer,et al.  Leveraging program equivalence for adaptive program repair: Models and first results , 2013, 2013 28th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[26]  Emery D. Berger,et al.  DieHard: probabilistic memory safety for unsafe languages , 2006, PLDI '06.

[27]  Vitaly Shmatikov,et al.  RoleCast: finding missing security checks when you do not know what checks are , 2011, OOPSLA '11.

[28]  Junfeng Yang,et al.  Scalable and systematic detection of buggy inconsistencies in source code , 2010, OOPSLA.

[29]  Thomas Ball,et al.  Modular and verified automatic program repair , 2012, OOPSLA '12.

[30]  Wei Zhang,et al.  Automated Concurrency-Bug Fixing , 2012, OSDI.

[31]  Alessandra Gorla,et al.  Automatic recovery from runtime failures , 2013, 2013 35th International Conference on Software Engineering (ICSE).

[32]  Rajiv Gupta,et al.  Self-recovery in server programs , 2009, ISMM '09.

[33]  Emery D. Berger,et al.  Exterminator: automatically correcting memory errors with high probability , 2007, PLDI '07.

[34]  Fan Long,et al.  Sound input filter generation for integer overflow errors , 2014, POPL.

[35]  Michael D. Ernst,et al.  Automatically patching errors in deployed software , 2009, SOSP '09.

[36]  Faith C. Belanger,et al.  Horizontal gene transfer of a bacterial insect toxin gene into the Epichloë fungal symbionts of grasses , 2014, Scientific Reports.

[37]  J. Palmer,et al.  Horizontal gene transfer in eukaryotic evolution , 2008, Nature Reviews Genetics.

[38]  Luigi Naldini,et al.  Viral vectors for gene therapy: the art of turning infectious agents into vehicles of therapeutics , 2001, Nature Medicine.

[39]  Yuanyuan Zhou,et al.  CP-Miner: A Tool for Finding Copy-paste and Related Bugs in Operating System Code , 2004, OSDI.

[40]  Miryung Kim,et al.  Sydit: creating and applying a program transformation from an example , 2011, ESEC/FSE '11.

[41]  Dawson R. Engler,et al.  From uncertainty to belief: inferring the specification within , 2006, OSDI '06.

[42]  Nicholas Nethercote,et al.  Valgrind: a framework for heavyweight dynamic binary instrumentation , 2007, PLDI '07.

[43]  Pedram Amini,et al.  Fuzzing: Brute Force Vulnerability Discovery , 2007 .

[44]  Frank Tip,et al.  Automated repair of HTML generation errors in PHP applications using string constraint solving , 2012, 2012 34th International Conference on Software Engineering (ICSE).

[45]  Stelios Sidiroglou,et al.  A source-to-source transformation tool for error fixing , 2013, CASCON.

[46]  Angelos D. Keromytis,et al.  Building a Reactive Immune System for Software Services , 2005, USENIX Annual Technical Conference, General Track.

[47]  Zhendong Su,et al.  Context-based detection of clone-related bugs , 2007, ESEC-FSE '07.

[48]  Miryung Kim,et al.  Lase: Locating and applying systematic edits by learning from examples , 2013, 2013 35th International Conference on Software Engineering (ICSE).

[49]  Martin C. Rinard,et al.  Parallelizing Sequential Programs with Statistical Accuracy Tests , 2013, TECS.