Automatic Error Elimination by Multi-Application Code Transfer

We present pDNA, a system for automatically transferring correct code from donor applications into recipient applications to successfully eliminate errors in the recipient. Experimental results using six donor applications to eliminate nine errors in six recipient applications highlight the ability of pDNA to transfer code across applications to eliminate otherwise fatal integer and buffer overflow errors. Because pDNA works with binary donors with no need for source code or symbolic information, it supports a wide range of use cases. To the best of our knowledge, pDNA is the first system to eliminate software errors via the successful transfer of correct code across applications.

[1]  Miriam Barlow,et al.  What antimicrobial resistance has taught us about horizontal gene transfer. , 2009, Methods in molecular biology.

[2]  Martin C. Rinard,et al.  Bolt: on-demand infinite loop escape in unmodified binaries , 2012, OOPSLA '12.

[3]  Jaechang Nam,et al.  Automatic patch generation learned from human-written patches , 2013, 2013 35th International Conference on Software Engineering (ICSE).

[4]  Stelios Sidiroglou,et al.  A source-to-source transformation tool for error fixing , 2013, CASCON.

[5]  Angelos D. Keromytis,et al.  Building a Reactive Immune System for Software Services , 2005, USENIX Annual Technical Conference, General Track.

[6]  Nicholas Nethercote,et al.  Valgrind: a framework for heavyweight dynamic binary instrumentation , 2007, PLDI '07.

[7]  Alessandra Gorla,et al.  Automatic recovery from runtime failures , 2013, 2013 35th International Conference on Software Engineering (ICSE).

[8]  Angelos D. Keromytis,et al.  ASSURE: automatic software self-healing using rescue points , 2009, ASPLOS.

[9]  Martin C. Rinard,et al.  Detecting and Escaping Infinite Loops with Jolt , 2011, ECOOP.

[10]  Daniel M. Roy,et al.  Enhancing Server Availability and Security Through Failure-Oblivious Computing , 2004, OSDI.

[11]  Angelos D. Keromytis,et al.  A network worm vaccine architecture , 2003, WET ICE 2003. Proceedings. Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003..

[12]  Liming Chen,et al.  N-VERSION PROGRAMMINC: A FAULT-TOLERANCE APPROACH TO RELlABlLlTY OF SOFTWARE OPERATlON , 1995, Twenty-Fifth International Symposium on Fault-Tolerant Computing, 1995, ' Highlights from Twenty-Five Years'..

[13]  Fan Long,et al.  Automatic input rectification , 2012, 2012 34th International Conference on Software Engineering (ICSE).

[14]  Michael D. Ernst,et al.  Automatically patching errors in deployed software , 2009, SOSP '09.

[15]  Thomas Ball,et al.  Modular and verified automatic program repair , 2012, OOPSLA '12.

[16]  Martin C. Rinard,et al.  Taint-based directed whitebox fuzzing , 2009, 2009 IEEE 31st International Conference on Software Engineering.

[17]  Claire Le Goues,et al.  A systematic study of automated program repair: Fixing 55 out of 105 bugs for $8 each , 2012, 2012 34th International Conference on Software Engineering (ICSE).

[18]  Fan Long,et al.  Sound input filter generation for integer overflow errors , 2014, POPL.

[19]  Rajiv Gupta,et al.  Self-recovery in server programs , 2009, ISMM '09.

[20]  Brian Demsky,et al.  Self-stabilizing Java , 2012, PLDI '12.

[21]  Yuanyuan Zhou,et al.  Rx: treating bugs as allergies---a safe method to survive software failures , 2005, SOSP '05.

[22]  Claire Le Goues,et al.  Automatically finding patches using genetic programming , 2009, 2009 IEEE 31st International Conference on Software Engineering.

[23]  Derek Bruening,et al.  An infrastructure for adaptive dynamic optimization , 2003, International Symposium on Code Generation and Optimization, 2003. CGO 2003..

[24]  Nikolaj Bjørner,et al.  Z3: An Efficient SMT Solver , 2008, TACAS.

[25]  Angelos D. Keromytis,et al.  A Dynamic Mechanism for Recovering from Buffer Overflow Attacks , 2005, ISC.

[26]  Luigi Naldini,et al.  Viral vectors for gene therapy: the art of turning infectious agents into vehicles of therapeutics , 2001, Nature Medicine.

[27]  Nancy G. Leveson,et al.  An experimental evaluation of the assumption of independence in multiversion programming , 1986, IEEE Transactions on Software Engineering.

[28]  Fan Long,et al.  Automatic runtime error repair and containment via recovery shepherding , 2014, PLDI.