2022
DOI: 10.48550/arxiv.2209.07211
Preprint

On the acceptance by code reviewers of candidate security patches suggested by Automated Program Repair tools

Abstract: Background: Testing and validation of the semantic correctness of patches provided by tools for Automated Program Repairs (APR) has received a lot of attention. Yet, the eventual acceptance or rejection of suggested patches for real-world projects by human patch reviewers has received limited attention. Objective: To address this issue, we plan to investigate whether (possibly incorrect) security patches suggested by APR tools are recognized by human reviewers. We also want to investigate whether knowing th…

Cited by 2 publications (1 citation statement)
References 37 publications
“…Human-competitiveness As mentioned by Monperrus et al (2019), there are two criteria for the tools to be human-competitive: (1) the tool generates the patch faster than the human developer, and (2) the human developer accepts the generated patch. The second criterion is out of scope for this paper (it has been studied by our prior work Papotti et al 2022). For the first criterion, most of the tools in our study (TBar, Cardumen, Kali-A, jKali, jMutRepair) halt immediately after the first E2E tested patch is found.…”
Section: The Technical Implementations Of Arja and Genprog-a Cause Ov...
Citation type: mentioning
confidence: 99%