In this talk, I will discuss our journey in developing an AI-based program analysis tool for bug detection. We consider two types of bug detection methodologies, each focusing on bugs in general contexts or specific contexts. The first type focuses on identifying bugs in general contexts. In this case, the analysis designers formally define correctness conditions (e.g., “index < size” or “divisor != 0”) and design tools (e.g., abstract domains/semantics) that can be applied to any programs written in the target language. For this category, our system prioritizes alarms by calculating the relevance of each alarm to externally provided information, such as user feedback, program changes, or dynamic analysis results. All this information is incorporated into a probabilistic model based on a Bayesian network. The relevance computed by the model significantly reduces the burden of manual alarm inspection. The second type concentrates on bugs in specific contexts. Here, the designers specify particular scenarios that trigger the target bugs, such as “buffer overflows caused by reading a malicious image file”, and identify code patterns that resemble these scenarios. For this category, our system automatically extracts bug patterns from a large corpus of known faulty programs and calculates a similarity score for each alarm with respect to these patterns. The alarms are then prioritized based on their similarity scores, leading to a substantial improvement in bug detection precision. I will discuss our experiences in developing these systems.

Kihong Heo is an Assistant Professor of the School of Computing and Graduate School of Information Security at KAIST. His research aims to develop programming systems for safe, simple, and smart software. In particular, his work has focused on advanced program reasoning systems enabled by semantic-based program analysis and AI techniques. His research has been recognized by ACM SIGPLAN Distinguished Paper Award at PLDI 2019, ACM SIGSOFT Distinguished Paper Award at ICSE 2019, and Facebook’s Infer static analyzer. He obtained his Ph.D. and B.S. in Computer Science and Engineering from Seoul National University. Prior to joining KAIST, he was a postdoctoral researcher at the University of Pennsylvania.