MIT makes tool that automatically fixes crash bugs

Researchers at MIT have developed a tool that should be able to automatically fix crash bugs in software by ‘borrowing’ functionality from other software. Such bugs are not only annoying, but also pose a security risk.

The tool, dubbed CodePhage, can take over security checks from other software. By implementing that functionality in your own code, crash bugs can be fixed automatically, without the involvement of a developer. Then the software automatically analyzes whether the crash bug has actually been solved.

The tool works by ‘feeding’ the input that causes crashes to another software project, the donor. This happens together with input that does not cause crashes. Then CodePhage analyzes the steps that the software performs, and at which point the ‘donor project’ treats the input differently than its own project. This other treatment can then be integrated into the ‘own’ project.

Notably, CodePhage does not need to be able to access the source of software to borrow the implementation; analyzing the execution of the software is sufficient. Also, the software project from which the code is borrowed does not have to be written in the same language. If the code was borrowed from another software project, CodePhage analyzes whether the crash bug has been resolved. If not, the tool tries to borrow other functionality from the donor project to fix the bug anyway.

According to MIT, more than 80 percent of the code of software projects now consists of security checks. By automating those checks, developers would have to spend less time on them. The ultimate goal is that a programmer no longer has to program something that has already been programmed before.