PanicKiller
This website provides supplementary materials for the paper "Towards Fixing Panic Bugs for Real-world Rust Programs".
Abstract
The Rust programming language has garnered significant attention due to its robust safety features and memory management capabilities. Despite its guaranteed memory safety, Rust programs still suffer from runtime errors that are unmanageable, i.e., panic errors. Notably, over half of the bugs in rustc, Rust’s own compiler, are attributable to crash errors stemming from panic errors. However, understanding the root causes and resolving these panics often requires substantial effort due to the limited information provided, and the stack backtrace could be intricate, often omitting the actual fault locations. Although numerous automated program repair techniques exist, we have observed that the prevailing fix patterns do not readily apply to Rust programs due to natural differences in language mechanisms.
To tackle the above challenges, this paper introduces a systematic study aimed at fixing Rust panic bugs. We commence by assembling a dataset, namely Panic4R, of real panic bugs and their corresponding fixes from the top 100 downloaded open-source crates. Utilizing this dataset, we then identify common patterns in panic bug resolution, which could guide the understanding and pattern-based rectification of such issues. Finally, we design and implement the first automated fixing tool PanicKiller for Rust panic bugs, which effectively generates correct patches on the real-world large-scale dataset, and has already assisted in the resolution of four panic bugs in open-source crates. All resolved issues have been validated by the developers and merged into the respective codebases.
The dataset Panic4R can be accessed via this link: https://anonymous.4open.science/r/PanicKiller-2024-828E/Panic4R/README.md
The source code of PanicKiller can be accessed via this link: https://anonymous.4open.science/r/PanicKiller-2024-828E/README.md
Here, we provide more details on Fix Pattern Mining, including more fix patterns PanicKiller uses.
Error Handling
2. Mutate Error Handler
Template Description
Replace the [original handler] with [new handler] to avoid panics caused by incorrect error handling like [original handler].
Related PRs
clap (PR 4480)
Binary Operation
2. Mutate Binary Call
Template Description
Replace basic arithmetic operations [binary call] with safer operations [call name] to handle arithmetic [operator] overflow panics. Note that [explanation].
Related PRs
serde_json (PR 493)
3. Insert Zero-Checker
Template Description
Insert a zero checker to check whether [variable] is zero when divided/moded to avoid the panics caused by division by zero.
Related PRs
chrono (PR 659)
4. Mutate Division-by-zero
Template Description
Modify a division-by-zero expression by incorporating max(1) to constrain the divisor [variable], thereby preventing panics resulting from division by zero.
Related PRs
nom (PR 1618)
5. Mutate Binary Expression
Template Description
Mutate a binary expression.
Related PRs
regex (PR 970)
Index and Range Expression
2. Mutate Index Expression
Template Description
Mutate [index] in indices [array name], avoiding panics caused by index out of bounds or exceed the boundary.
Related PRs
textwrap (PR 391)
If/If-let Expression
1. Mutate Condition
Template Description
Adjust conditions within if statements to check whether [condition].
Related PRs
idna (PR 865)
2. Negate Condition
Template Description
Negate conditions within if statements to handle NaN during [condition] check.
Related PRs
rand (PR 1005)
Unsafe
1. Insert Unsafe Block
Template Description
Insert an unsafe block when [precondition] is met to change the behaviour of [variable].
Related PRs
nom (PR 370)
Method Call
Closure
1. Mutate Map
Template Description
Change map to filter_map with mutated closure to avoid panics caused by unwrapping on None/Invalid value.
Related PRs
clap (PR 5306)
Return
1. Mutate Return
Template Description
Change the return value from [old return] to [new return].
Related PRs
regex (PR 1000)