LineVul+: Towards Automated Program Repair via Line-level Defect Prediction

<p>In recent years, automated program repair (APR) has been conducted to reduce the cost of debugging. When performing APR, it is necessary to perform fault localization (FL) to identify the location of bugs. A challenge of FL is that most FL techniques rely on test case coverage. They become difficult to apply when there are insufficient test cases and low test coverage. To overcome this challenge, we have shifted from using FL techniques to employing line-level defect prediction for APR. The latter generally does not require test cases. Because line-level defect prediction targets bugs at the same level of granularity as existing FL techniques, it could be considered as an alternative to these FL techniques. In this paper, we construct and assess our proposed line-level defect prediction approach LineVul+, which is an enhanced version of LineVul, an existing line-level vulnerability detection approach, and discuss its applicability to APR. The proposed approach conducts a two-step defect prediction. Initially, it predicts bugs on sections of differences provided by Git (hunks). If a bug is predicted, it then performs the prediction at the line-level. Our prediction at the hunk-level yielded low precision but high recall. Meanwhile, for line-level prediction, we achieved a Top-5 Accuracy of 0.84, and a median IFA of 0. In conclusion, reducing the number of false positives is necessary to apply the proposed approach to APR.</p>