检索结果-内蒙古大学图书馆

E-PRedictor: an approach for early prediction of pull request acceptance

Science China(Information Sciences) 2025年第5期68卷 380-395页

作者： Kexing CHEN Lingfeng BAO Xing HU Xin XIA Xiaohu YANG State Key Laboratory of Blockchain and Data Security Zhejiang University Software Engineering Application Technology Lab

A pull request(PR) is an event in Git where a contributor asks project maintainers to review code he/she wants to merge into a project. The PR mechanism greatly improves the efficiency of distributed software development in the opensource community. Nevertheless, the massive number of PRs in an open-source software(OSS) project increases the workload of developers. To reduce the burden on developers, many previous studies have investigated factors that affect the chance of PRs getting accepted and built prediction models based on these factors. However, most prediction models are built on the data after PRs are submitted for a while(e.g., comments on PRs), making them not useful in practice. Because integrators still need to spend a large amount of effort on inspecting PRs. In this study, we propose an approach named E-PRedictor(earlier PR predictor) to predict whether a PR will be merged when it is created. E-PRedictor combines three dimensions of manual statistic features(i.e., contributor profile, specific pull request, and project profile) and deep semantic features generated by BERT models based on the description and code changes of PRs. To evaluate the performance of E-PRedictor, we collect475192 PRs from 49 popular open-source projects on GitHub. The experiment results show that our proposed approach can effectively predict whether a PR will be merged or not. E-PRedictor outperforms the baseline models(e.g., Random Forest and VDCNN) built on manual features significantly. In terms of F1@Merge, F1@Reject, and AUC(area under the receiver operating characteristic curve), the performance of E-PRedictor is 90.1%, 60.5%, and 85.4%, respectively.

关键词： pull request prediction model GitHub

来源：评论

学校读者我要写书评

暂无评论

Ratchet: Retrieval Augmented Transformer for Program Repair 35

Ratchet: Retrieval Augmented Transformer for Program Repair

引用

35th IEEE International Symposium on software Reliability engineering, ISSRE 2024

作者： Wang, Jian Liu, Shangqing Xie, Xiaofei Siow, Jingkai Liu, Kui Li, Yi Singapore Management University Singapore Nanyang Technological University Singapore Software Engineering Application Technology Laboratory Huawei China

ISBN: (纸本)9798350353884

Automated Program Repair (APR) presents the promising momentum of releasing developers from the burden of manual debugging tasks by automatically fixing bugs in various ways. Recent advances in deep learning inspire many works in employing deep learning techniques to fixing buggy programs. However, several challenges remain unaddressed: (1) state-of-the-art fault localization techniques often require additional artifacts, such as bug-triggering test cases or bug reports. These artifacts are not always available in the early development phases;(2) Sequence-to-Sequence model-based APR often requires additional contexts with high quality to generate patches. Yet, it is challenging to identify high-quality contexts that are not common in *** this paper, with the redundancy assumption in program repair, we propose a dual deep learning-based APR tool, RATCHET, for localizing (RATCHET-FL) and repairing (Ratchet-PG) buggy programs. Ratchet-FL localizes buggy statements based on the feature learned by a simple BiLSTM model from the code, without any bug-triggering test cases or bug reports. Ratchet-PG relies on our proposed retrieval augmented transformer to learn the historical patches and generate patches for fixing bugs. We evaluate the effectiveness of Ratchet with in-the-lab DrRepair dataset and in-the-wild dataset Ratchet-DS (curated in this work). Our experimental results show that Ratchet outperforms state-of-the-art deep learning approaches on fault localization with 39.8-96.4% accuracy and patch generation with 18.4-46.4% repair accuracy. © 2024 IEEE.

关键词： Program debugging

来源：评论

学校读者我要写书评

暂无评论

Dual Prompt-Based Few-Shot Learning for Automated Vulnerability Patch Localization 31

Dual Prompt-Based Few-Shot Learning for Automated Vulnerabil...

引用

31st IEEE International Conference on software Analysis, Evolution and Reengineering, SANER 2024

作者： Zhang, Junwei Hu, Xing Bao, Lingfeng Xia, Xin Li, Shanping Zhejiang University The State Key Laboratory of Blockchain and Data Security Hangzhou China Software Engineering Application Technology Lab Huawei China

ISBN: (纸本)9798350330663

Vulnerabilities are disclosed with corresponding patches so that users can remediate them in time. However, there are instances where patches are not released with the disclosed vulnerabilities, causing hidden dangers, especially if dependent software remains uninformed about the affected code repository. Hence, it is crucial to automatically locate security patches for disclosed vulnerabilities among a multitude of commits. Despite the promising performance of existing learning-based localization approaches, they still suffer from the following limitations: (1) They cannot perform well in data scarcity scenarios. Most neural models require extensive datasets to capture the semantic correlations between the vulnerability description and code commits, while the number of disclosed vulnerabilities with patches is limited. (2) They struggle to capture the deep semantic correlations between the vulnerability description and code commits due to inherent differences in semantics and characters between code changes and commit messages. It is difficult to use one model to capture the semantic correlations between vulnerability descriptions and code commits. To mitigate these two limitations, in this paper, we propose a novel security patch localization approach named Prom VPat, which utilizes the dual prompt tuning channel to capture the semantic correlation between vulnerability descriptions and commits, especially in data scarcity (i.e., few-shot) scenarios. We first input the commit message and code changes with the vulnerability description into the prompt generator to generate two new inputs with prompt templates. Then, we adopt a pre-trained language model (i.e., PLM) as the encoder, utilize the prompt tuning method to fine-tune the encoder, and generate two correlation probabilities as the semantic features. In addition, we extract 26 handcrafted features from the vulnerability descriptions and the code commits. Finally, we utilize the attention mechanism to fuse the

关键词： Semantics

来源：评论

学校读者我要写书评

暂无评论

Investigating White-Box Attacks for On-Device Models 24

Investigating White-Box Attacks for On-Device Models

引用

44th ACM/IEEE International Conference on software engineering, ICSE 2024

作者： Zhou, Mingyi Gao, Xiang Wu, Jing Liu, Kui Sun, Hailong Li, Li Monash University MelbourneVIC Australia Beihang University Beijing China Huawei Software Engineering Application Technology Lab China Beihang University Beijing China Yunnan Key Laboratory of Software Engineering China

ISBN: (纸本)9798400702174

Numerous mobile apps have leveraged deep learning capabilities. However, on-device models are vulnerable to attacks as they can be easily extracted from their corresponding mobile apps. Although the structure and parameters information of these models can be accessed, existing on-device attacking approaches only generate black-box attacks (i.e., indirect white-box attacks), which are less effective and efficient than white-box strategies. This is because mobile deep learning (DL) frameworks like TensorFlow Lite (TFLite) do not support gradient computing (referred to as non-debuggable models), which is necessary for white-box attacking algorithms. Thus, we argue that existing findings may underestimate the harm-fulness of on-device attacks. To validate this, we systematically analyze the difficulties of transforming the on-device model to its debuggable version and propose a Reverse engineering framework for On-device Models (REOM), which automatically reverses the compiled on-device TFLite model to its debuggable version, enabling attackers to launch white-box attacks. Our empirical results show that our approach is effective in achieving automated transformation (i.e., 92.6%) among 244 TFLite models. Compared with previous attacks using surrogate models, REOM enables attackers to achieve higher attack success rates (10.23%→89.03%) with a hun-dred times smaller attack perturbations (1.0→0.01). Our findings emphasize the need for developers to carefully consider their model deployment strategies, and use white-box methods to evaluate the vulnerability of on-device models. Our artifacts11https://***/zhoumingyi/REOM are available. © 2024 ACM.

关键词： Deep learning

来源：评论

学校读者我要写书评

暂无评论

Practical Program Repair via Preference-based Ensemble Strategy 24

Practical Program Repair via Preference-based Ensemble Strat...

引用

46th IEEE/ACM International Conference on software engineering, ICSE 2024

作者： Zhong, Wenkang Xu, Tongtong Li, Chuanyi Ge, Jidong Liu, Kui Bissyandé, Tegawendé F. Luo, Bin Ng, Vincent National Key Laboratory for Novel Software Technology Nanjing University Nanjing China Huawei Software Engineering Application Technology Lab Hangzhou China University of Luxembourg Luxembourg Human Language Technology Research Institute University of Texas at Dallas RichardsonTX United States

ISBN: (纸本)9798400702174

To date, over 40 Automated Program Repair (APR) tools have been designed with varying bug-fixing strategies, which have been demonstrated to have complementary performance in terms of being effective for different bug classes. Intuitively, it should be feasible to improve the overall bug-fixing performance of APR via assembling existing tools. Unfortunately, simply invoking all available APR tools for a given bug can result in unacceptable costs on APR execution as well as on patch validation (via expensive testing). Therefore, while assembling existing tools is appealing, it requires an efficient strategy to reconcile the need to fix more bugs and the requirements for practicality. In light of this problem, we propose a Preference-based Ensemble Program Repair framework (P-EPR), which seeks to effectively rank APR tools for repairing different bugs. P-EPR is the first non-learning-based APR ensemble method that is novel in its exploitation of repair patterns as a major source of knowledge for ranking APR tools and its reliance on a dynamic update strategy that enables it to immediately exploit and benefit from newly derived repair results. Experimental results show that P-EPR outperforms existing strategies significantly both in flexibility and effectiveness. © 2024 IEEE Computer Society. All rights reserved.

关键词： Well testing

来源：评论

学校读者我要写书评

暂无评论

PS3: Precise Patch Presence Test Based on Semantic Symbolic Signature 24

PS3: Precise Patch Presence Test Based on Semantic Symbolic ...

引用

44th ACM/IEEE International Conference on software engineering, ICSE 2024

作者： Zhan, Qi Hu, Xing Li, Zhiyang Xia, Xin Lo, David Li, Shanping Zhejiang University The State Key Laboratory of Blockchain and Data Security Hangzhou China Zhejiang University Hangzhou China Software Engineering Application Technology Lab Huawei China Singapore Management University Singapore

ISBN: (纸本)9798400702174

During software development, vulnerabilities have posed a significant threat to users. Patches are the most effective way to combat vulnerabilities. In a large-scale software system, testing the presence of a security patch in every affected binary is crucial to ensure system security. Identifying whether a binary has been patched for a known vulnerability is challenging, as there may only be small differences between patched and vulnerable versions. Existing approaches mainly focus on detecting patches that are compiled in the same compiler options. However, it is common for developers to compile programs with very different compiler options in different situations, which causes inaccuracy for existing methods. In this paper, we propose a new approach named PS3, referring to precise patch presence test based on semantic-level symbolic signature. PS3 exploits symbolic emulation to extract signatures that are stable under different compiler options. Then PS3 can precisely test the presence of the patch by comparing the signatures between the reference and the target at semantic level. To evaluate the effectiveness of our approach, we constructed a dataset consisting of 3,631 (CVE, binary) pairs of 62 recent CVEs in four C/C++ projects. The experimental results show that PS3 achieves scores of 0.82, 0.97, and 0.89 in terms of precision, recall, and F1 score, respectively. PS3 outperforms the state-of-the-art baselines by improving 33% in terms of F1 score and remains stable in different compiler options. © 2024 ACM.

关键词： software design

来源：评论

学校读者我要写书评

暂无评论

NL2CTL: Automatic Generation of Formal Requirements Specifications via Large Language Models 1

引用

25th International Conference on Formal engineering Methods, ICFEM 2024

作者： Zhao, Mengyan Tao, Ran Huang, Yanhong Shi, Jianqi Qin, Shengchao Yang, Yang National Trusted Embedded Software Engineering Technology Research Center East China Normal University Shanghai China Hardware/Software Co-Design Technology and Application Engineering Research Center East China Normal University Shanghai China Guangzhou Institute of Technology Xidian University Xi’an China ICTT and ISN Laboratory Xidian University Xi’an China Software Engineering Institute East China Normal University Shanghai China

ISBN: (数字)9789819606177

ISBN: (纸本)9789819606160

Reducing the gap between natural language requirements and precise formal specifications is a critical task in requirements engineering. In recent years, requirement engineering is becoming increasingly complex alongside the growing intricacy of system engineering. Most requirements are expressed in natural language, which can be incomplete and ambiguous. However, formal languages with strict semantics can accurately represent certain temporal logic properties and allow for automated verification and analysis. This often limits the application of verification techniques, as writing formal specifications is a manual, error-prone, and time-consuming task. To address this, this paper proposes a framework that leverages Large Language Models (LLMs) to achieve automated conversion of natural language requirements to Computation Tree Logic (CTL). To address the issue of dataset scarcity, we leveraged the interactive and generative capabilities of LLMs. By constructing a random generation algorithm and utilizing prompt engineering, we generated an NL-CTL dataset using LLMs. The generated dataset was then used to fine-tune the T5-Large model, enhancing its generative capacity. To improve generalization, this paper proposes the use of the GPT-3.5 Atomic Proposition (AP) Recognition method, which eliminates the constraints of using the framework across different domains. A series of experimental evaluations showed that the fine-tuned LLM achieved an accuracy of 46.4%, whereas the LLM with few-shot learning using only prompt engineering achieved only 2% accuracy, demonstrating the feasibility of this approach. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2024.

关键词： Semantics

来源：评论

学校读者我要写书评

暂无评论

An Approach for Performance Calculation of AVS/RS in Multi-floor Workshop 3rd

An Approach for Performance Calculation of AVS/RS in Multi-f...

引用

3rd International Conference on Smart Manufacturing, Industrial and Logistics engineering, SMILE 2023 and the 7th Asian Conference of Management Science and applications, ACMSA 2023

作者： Liu, Xiaopeng Wu, Cuiying Zhang, Baolin Xi, An Chen, Xuanrui Ministry of Industry and Information Technology Key Laboratory of Industrial Software Engineering Application Technology China Electronic Product Reliability and Environmental Testing Research Institute Guangzhou510619 China School of Computer and Information Engineering Hanshan Normal University Guangdong Chaozhou521041 China

ISBN: (纸本)9789819701933

Warehouse management is an important part of the production process. As a result of the development of technology, more and more companies tend to use automated logistics technologies such as AVS/RS to handle the internal logistics of the production system. Especially in multi-floor workshops, the production process on each floor are connected with each other through AVS/RS. It is becoming more and more important to study the integration process of AVS/RS and multi-floor workshop production process. In this paper, an integrated queuing network model of multi-floor workshop and AVS/RS was established, and a calculation method of system performance index was proposed. The accuracy and efficiency of the proposed method are demonstrated by comparing the results with simulations from numerical experiments. The work of this article can provide a basis for the design of autonomous vehicle storage and retrieve systems in multi-floor workshop, and the calculation method can be used as the support of WMS technology base. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2024.

关键词： Floors

来源：评论

学校读者我要写书评

暂无评论

NOFTrack: Efficient Multi-Object Tracking with a Speed Advantage

NOFTrack: Efficient Multi-Object Tracking with a Speed Advan...

引用

2024 International Symposium on Digital Home, ISDH 2024

作者： Jiang, Ming Ke, Jiehao Guo, Biao Metaverse Application Engineering Center Guilin University of Electronic Technology Guilin China School of Computer Science and Information Security Guilin University of Electronic Technology Guilin China Guilin University of Electronic Technology Guangxi Key Laboratory of Trusted Software Guilin China

ISBN: (纸本)9798331509873

In the field of multi-object tracking (MOT), accurately tracking the position and characteristics of targets is crucial. However, traditional methods often overlook detection results with low confidence, which can lead to the omission of targets and the fragmentation of trajectories. To overcome these challenges, we have introduced a novel NOF algorithm. This algorithm efficiently handles detection boxes through a tiered strategy, initially using an adaptive Kalman filter for preliminary matching, followed by a secondary screening of detection boxes with lower confidence, and a final stage for processing dubious detection results. This approach not only enhances the speed and accuracy of tracking but also performs exceptionally well when dealing with complex scenes. Moreover, it is capable of achieving high efficiency, with a rate of over 300 frames per second (FPS), ensuring the efficiency and precision of the tracking process. © 2024 IEEE.

关键词： Target tracking

来源：评论

学校读者我要写书评

暂无评论

Image super‐resolution via dynamic network

引用

CAAI Transactions on Intelligence technology 2024年第4期9卷 837-849页

作者： Chunwei Tian Xuanyu Zhang Qi Zhang Mingming Yang Zhaojie Ju School of Software Northwestern Polytechnical UniversityXi'anChina National Engineering Laboratory for Integrated Aero‐Space‐Ground‐Ocean Big Data Application Technology Xi'anChina Research&Development Institute Northwestern Polytechnical UniversityShenzhenChina School of Economics and Management Harbin Institute of Technology at WeihaiWeihaiChina Tencent AI Lab ShenzhenChina School of Computing University of PortsmouthPortsmouthUK

Convolutional neural networks depend on deep network architectures to extract accurate information for image super‐***,obtained information of these con-volutional neural networks cannot completely express predicted high‐quality images for complex scenes.A dynamic network for image super‐resolution(DSRNet)is presented,which contains a residual enhancement block,wide enhancement block,feature refine-ment block and construction *** residual enhancement block is composed of a residual enhanced architecture to facilitate hierarchical features for image super‐*** enhance robustness of obtained super‐resolution model for complex scenes,a wide enhancement block achieves a dynamic architecture to learn more robust information to enhance applicability of an obtained super‐resolution model for varying *** prevent interference of components in a wide enhancement block,a refine-ment block utilises a stacked architecture to accurately learn obtained ***,a residual learning operation is embedded in the refinement block to prevent long‐term dependency ***,a construction block is responsible for reconstructing high‐quality *** heterogeneous architecture can not only facilitate richer structural information,but also be lightweight,which is suitable for mobile digital *** results show that our method is more competitive in terms of performance,recovering time of image super‐resolution and *** code of DSRNet can be obtained at https://***/hellloxiaotian/DSRNet.

关键词： CNN dynamic network image super‐resolution lightweight network

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：