|
138 | 138 | {"key": "fu2019coda", "year": "2019", "title":"Coda: An End-to-End Neural Program Decompiler", "abstract": "<p>Reverse engineering of binary executables is a critical problem in the computer security domain. On the one hand, malicious parties may recover interpretable source codes from the software products to gain commercial advantages. On the other hand, binary decompilation can be leveraged for code vulnerability analysis and malware detection. However, efficient binary decompilation is challenging. Conventional decompilers have the following major limitations: (i) they are only applicable to specific source-target language pair, hence incurs undesired development cost for new language tasks; (ii) their output high-level code cannot effectively preserve the correct functionality of the input binary; (iii) their output program does not capture the semantics of the input and the reversed program is hard to interpret. To address the above problems, we propose Coda1, the first end-to-end neural-based framework for code decompilation. Coda decomposes the decompilation task into of two key phases: First, Coda employs an instruction type-aware encoder and a tree decoder for generating an abstract syntax tree (AST) with attention feeding during the code sketch generation stage. Second, Coda then updates the code sketch using an iterative error correction machine guided by an ensembled neural error predictor. By finding a good approximate candidate and then fixing it towards perfect, Coda achieves superior with performance compared to baseline approaches. We assess Coda’s performance with extensive experiments on various benchmarks. Evaluation results show that Coda achieves an average of 82% program recovery accuracy on unseen binary samples, where the state-of-the-art decompilers yield 0% accuracy. Furthermore, Coda outperforms the sequence-to-sequence model with attention by a margin of 70% program accuracy. Our work reveals the vulnerability of binary executables and imposes a new threat to the protection of Intellectual Property (IP) for software development.</p>\n", "tags": ["decompilation"] }, |
139 | 139 | {"key": "gao2019neural", "year": "2019", "title":"A Neural Model for Method Name Generation from Functional Description", "abstract": "<p>The names of software artifacts, e.g., method names, are important for software understanding and maintenance, as good names can help developers easily understand others’ code. However, the existing naming guidelines are difficult for developers, especially novices, to come up with meaningful, concise and compact names for the variables, methods, classes and files. With the popularity of open source, an enormous amount of project source code can be accessed, and the exhaustiveness and instability of manually naming methods could now be relieved by automatically learning a naming model from a large code repository. Nevertheless, building a comprehensive naming system is still challenging, due to the gap between natural language functional descriptions and method names. Specifically, there are three challenges: how to model the relationship between the functional descriptions and formal method names, how to handle the explosion of vocabulary when dealing with large repositories, and how to leverage the knowledge learned from large repositories to a specific project. To answer these questions, we propose a neural network to directly generate readable method names from natural language description. The proposed method is built upon the encoder-decoder framework with the attention and copying mechanisms. Our experiments show that our method can generate meaningful and accurate method names and achieve significant improvement over the state-of-the-art baseline models. We also address the cold-start problem using a training trick to utilize big data in GitHub for specific projects.</p>\n", "tags": ["naming","summarization"] }, |
140 | 140 | {"key": "garg2022deepperf", "year": "2022", "title":"DeepPERF: A Deep Learning-Based Approach For Improving Software Performance", "abstract": "<p>Improving software performance is an important yet challenging part of the software development cycle. Today, the majority of performance inefficiencies are identified and patched by performance experts. Recent advancements in deep learning approaches and the wide-spread availability of open source data creates a great opportunity to automate the identification and patching of performance problems. In this paper, we present DeepPERF, a transformer-based approach to suggest performance improvements for C# applications. We pretrain DeepPERF on English and Source code corpora and followed by finetuning for the task of generating performance improvement patches for C# applications. Our evaluation shows that our model can generate the same performance improvement suggestion as the developer fix in ~53% of the cases, getting ~34% of them verbatim in our expert-verified dataset of performance changes made by C# developers. Additionally, we evaluate DeepPERF on 50 open source C# repositories on GitHub using both benchmark and unit tests and find that our model is able to suggest valid performance improvements that can improve both CPU usage and Memory allocations. So far we’ve submitted 19 pull-requests with 28 different performance optimizations and 11 of these PRs have been approved by the project owners.</p>\n", "tags": ["Transformer","optimization"] }, |
| 141 | +{"key": "gharibi2024t5apr", "year": "2024", "title":"T5APR: Empowering Automated Program Repair across Languages through Checkpoint Ensemble", "abstract": "<p>Automated program repair (APR) using deep learning techniques has become an important area of research in recent years, aiming to automatically generate bug-fixing patches that can improve software reliability and maintainability. However, most existing methods either target a single language or require high computational resources to train multilingual models. In this paper, we propose T5APR, a novel neural program repair approach that provides a unified solution for bug fixing across multiple programming languages. T5APR leverages CodeT5, a powerful pre-trained text-to-text transformer model, and adopts a checkpoint ensemble strategy to improve patch recommendation. We conduct comprehensive evaluations on six well-known benchmarks in four programming languages (Java, Python, C, JavaScript), demonstrating T5APR’s competitiveness against state-of-the-art techniques. T5APR correctly fixes 1,985 bugs, including 1,442 bugs that none of the compared techniques has fixed. We further support the effectiveness of our approach by conducting detailed analyses, such as comparing the correct patch ranking among different techniques. The findings of this study demonstrate the potential of T5APR for use in real-world applications and highlight the importance of multilingual approaches in the field of APR.</p>\n", "tags": ["repair","Transformer"] }, |
141 | 142 | {"key": "gholamian2021naturalness", "year": "2021", "title":"On the Naturalness and Localness of Software Logs", "abstract": "<p>Logs are an essential part of the development and\nmaintenance of large and complex software systems as they\ncontain rich information pertaining to the dynamic content and\nstate of the system. As such, developers and practitioners rely\nheavily on the logs to monitor their systems. In parallel, the\nincreasing volume and scale of the logs, due to the growing\ncomplexity of modern software systems, renders the traditional\nway of manual log inspection insurmountable. Consequently, to\nhandle large volumes of logs efficiently and effectively, various\nprior research aims to automate the analysis of log files. Thus, in\nthis paper, we begin with the hypothesis that log files are natural\nand local and these attributes can be applied for automating log\nanalysis tasks. We guide our research with six research questions\nwith regards to the naturalness and localness of the log files, and\npresent a case study on anomaly detection and introduce a tool\nfor anomaly detection, called ANALOG, to demonstrate how our\nnew findings facilitate the automated analysis of logs.</p>\n", "tags": ["logging","language model"] }, |
142 | 143 | {"key": "glassman2015overcode", "year": "2015", "title":"OverCode: visualizing variation in student solutions to programming problems at scale", "abstract": "<p>In MOOCs, a single programming exercise may produce thousands of solutions from learners. Understanding solution variation is important for providing appropriate feedback to students at scale. The wide variation among these solutions can be a source of pedagogically valuable examples and can be used to refine the autograder for the exercise by exposing corner cases. We present OverCode, a system for visualizing and exploring thousands of programming solutions. OverCode uses both static and dynamic analysis to cluster similar solutions, and lets teachers further filter and cluster solutions based on different criteria. We evaluated OverCode against a nonclustering baseline in a within-subjects study with 24 teaching assistants and found that the OverCode interface allows teachers to more quickly develop a high-level view of students’ understanding and misconceptions, and to provide feedback that is relevant to more students’ solutions.</p>\n", "tags": ["repair"] }, |
143 | 144 | {"key": "goens2019case", "year": "2019", "title":"A case study on machine learning for synthesizing benchmarks", "abstract": "<p>Good benchmarks are hard to find because they require a substantial effort to keep them representative for the constantly changing challenges of a particular field. Synthetic benchmarks are a common approach to deal with this, and methods from machine learning are natural candidates for synthetic benchmark generation. In this paper we investigate the usefulness of machine learning in the prominent CLgen benchmark generator. We re-evaluate CLgen by comparing the benchmarks generated by the model with the raw data used to train it. This re-evaluation indicates that, for the use case considered, machine learning did not yield additional benefit over a simpler method using the raw data. We investigate the reasons for this and provide further insights into the challenges the problem could pose for potential future generators.</p>\n", "tags": ["code generation"] }, |
|
0 commit comments