大模型在软件缺陷检测与修复的应用发展综述
CSTR:
作者:
作者单位:

作者简介:

通讯作者:

中图分类号:

TP311

基金项目:

国家自然科学基金 (62372220)


Survey on Application and Development of Large Language Models in Software Defect Detection and Repair
Author:
Affiliation:

Fund Project:

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • |
  • 资源附件
  • |
  • 文章评论
    摘要:

    随着信息化的深入, 大量应用程序的开发和功能迭代不可避免引入软件缺陷, 并潜在地对程序可靠性和安全性造成了严重的威胁. 检测与修复软件漏洞, 已经成为开发者维护软件质量必要的任务, 同时也是沉重的负担. 对此, 软件工程的研究者在过去的数十年中提出大量相关技术, 帮助开发者解决缺陷相关问题. 然而这些技术都面对着一些严峻的挑战, 在工业实践落地上鲜有进展. 大模型, 如代码大模型CodeX和对话大模型ChatGPT, 通过在海量数据集上进行训练, 能够捕捉代码中的复杂模式和结构, 处理大量上下文信息并灵活地适应各种任务, 以其优秀的性能吸引了大量研究人员的关注. 在诸多软件工程任务中, 基于大模型的技术展现出显著的优势, 有望解决不同领域过去所面对的关键挑战. 因此, 尝试对目前已经存在基于大模型相关成熟技术的3个缺陷检测领域: 深度学习库的缺陷检测、GUI自动化测试、测试用例的自动生成, 与软件缺陷修复的成熟领域: 缺陷自动化修复, 进行分析和探究, 在阐述其发展脉络的同时对不同技术流派的特性和挑战进行深入的探讨. 最后, 基于对已有研究的分析, 总结这些领域和技术所面临的关键挑战及对未来研究的启示.

    Abstract:

    With the advancement of informationalization, the development of a variety of applications and iterative functions inevitably leads to software defects, posing significant threats to program reliability and security. Therefore, detecting and repairing software defects becomes essential yet onerous for developers in maintaining software quality. Accordingly, software engineering researchers have proposed numerous technologies over the past decades to help developers address defect-related issues. However, these technologies face serious challenges and make little progress in industrial implementation. Large language model (LLM), such as the code-based model CodeX and the prestigious ChatGPT, trained on massive datasets, can capture complex patterns and structures in code, process extensive contextual information, and flexibly adapt to various tasks. Their superior performance has attracted considerable attention from researchers. In many software engineering tasks, technologies based on LLM show significant advantages in addressing key challenges previously faced in different domains. Consequently, this study attempts to analyze and explore three defect detection domains where technologies based on LLM have been widely adopted: deep-learning library defect detection, GUI automated testing, and automated test case generation, along with one mature software defect repair domain: automated program repair (APR). This study delves into the progress of these domains and provides an in-depth discussion of their characteristics and challenges. Lastly, based on an analysis of existing research, this study summarizes the key challenges faced by these domains and technologies and offers insights for future research.

    参考文献
    相似文献
    引证文献
引用本文

香佳宏,徐霄阳,孔繁初,彭湃,张钊,张煜群.大模型在软件缺陷检测与修复的应用发展综述.软件学报,,():1-41

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
  • 引用次数:
历史
  • 收稿日期:2023-12-06
  • 最后修改日期:2024-05-18
  • 录用日期:
  • 在线发布日期: 2025-01-08
  • 出版日期:
文章二维码
您是第位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号