MIT researchers want to fix software bugs by borrowing functionality from other apps.
“Over time, what you’d be doing is building this hybrid system that takes the best components from all these [other] implementations,” said Stelios Sidiroglou-Douskos, research scientist at MIT’s CSAIL.
(Related: Google expands bug bounty program to Android)
The researchers have developed CodePhage, an automatic bug-repair system designed to patch software errors by transferring code from a donor application to the program it’s repairing, regardless of programming language. The system uses the Directed Integer Overflow Discovery Engine to generate crash-inducing inputs. Once the system has imported the functionality, it rechecks the application to guarantee the bug has been fixed.
“We have tons of source code available in open-source repositories—millions of projects—and a lot of these projects implement similar specifications,” said Sidiroglou-Douskos. “Even though that might not be the core functionality of the program, they frequently have subcomponents that share functionality across a large number of projects.”
The system was tested against seven common open-source programs that had bugs, and it was able to repair the code in all instances between two to 10 minutes per patch, according to the research team behind it.
In the future, the researchers hope to see CodePhage decrease the time it takes to perform security checks. “The longer-term vision is that you never have to write a piece of code that somebody else has written before,” said Martin Rinard, professor of computer science and engineering at MIT. “The system finds that piece of code and automatically puts it together with whatever pieces of code you need to make your program work.”
