Table of Contents
Fetching ...

PatchIsland: Orchestration of LLM Agents for Continuous Vulnerability Repair

Wonyoung Kim, Seunggi Min, Minjae Gwon, Dowoo Baik, Haein Lee, Hyeon Heo, Minjae Lee, Min Woo Baek, Yonghwi Jin, Younggi Park, Yunjae Choi, Taesoo Kim, Sangdon Park, Insu Yun

TL;DR

PatchIsland tackles the bottleneck of manual vulnerability repair in continuous fuzzing by orchestrating an ensemble of diverse LLM agents within a CVR framework that is tightly integrated with OSS-Fuzz-like pipelines. It combines a novel Crete agent framework, two-phase deduplication, and FP$^2$ orchestration to achieve robust, scalable patch generation across diverse projects and bug types, demonstrated by repairing $84/92$ vulnerabilities in AIxCC benchmarks and $31/43$ patches with a $72.1\%$ success rate in the AIxCC final. Key contributions include the ensemble-based CVR architecture, the Crete framework for rapid agent development, and empirical evidence of improved patching effectiveness and operational robustness over baselines like RoboDuck and Buttercup. The work suggests PatchIsland can meaningfully reduce manual effort and improve scalability for real-world continuous fuzzing, including patches that reach upstream OSS maintainers (e.g., a pdfbox 0-day patch).

Abstract

Continuous fuzzing platforms such as OSS-Fuzz uncover large numbers of vulnerabilities, yet the subsequent repair process remains largely manual. Unfortunately, existing Automated Vulnerability Repair (AVR) techniques -- including recent LLM-based systems -- are not directly applicable to continuous fuzzing. This is because these systems are designed and evaluated on a static, single-run benchmark setting, making them ill-suited for the diverse, noisy, and failure-prone environments in continuous fuzzing. To address these issues, we introduce PatchIsland, a system for Continuous Vulnerability Repair (CVR) that tightly integrates with continuous fuzzing pipelines. PatchIsland employs an ensemble of diverse LLM agents. By leveraging multiple LLM agents, PatchIsland can cover a wider range of settings (e.g., different projects, bug types, and programming languages) and also improve operational robustness. In addition, PatchIsland utilizes a two-phase patch-based deduplication to mitigate duplicate crashes and patches, which can be problematic in continuous fuzzing. In our internal evaluation, PatchIsland repaired 84 of 92 vulnerabilities, demonstrating strong repair capability. In the official AIxCC competition, the system operated with no human intervention in a fully autonomous environment and successfully patched 31 out of 43 vulnerabilities, achieving a repair rate of 72.1\%.

PatchIsland: Orchestration of LLM Agents for Continuous Vulnerability Repair

TL;DR

PatchIsland tackles the bottleneck of manual vulnerability repair in continuous fuzzing by orchestrating an ensemble of diverse LLM agents within a CVR framework that is tightly integrated with OSS-Fuzz-like pipelines. It combines a novel Crete agent framework, two-phase deduplication, and FP orchestration to achieve robust, scalable patch generation across diverse projects and bug types, demonstrated by repairing vulnerabilities in AIxCC benchmarks and patches with a success rate in the AIxCC final. Key contributions include the ensemble-based CVR architecture, the Crete framework for rapid agent development, and empirical evidence of improved patching effectiveness and operational robustness over baselines like RoboDuck and Buttercup. The work suggests PatchIsland can meaningfully reduce manual effort and improve scalability for real-world continuous fuzzing, including patches that reach upstream OSS maintainers (e.g., a pdfbox 0-day patch).

Abstract

Continuous fuzzing platforms such as OSS-Fuzz uncover large numbers of vulnerabilities, yet the subsequent repair process remains largely manual. Unfortunately, existing Automated Vulnerability Repair (AVR) techniques -- including recent LLM-based systems -- are not directly applicable to continuous fuzzing. This is because these systems are designed and evaluated on a static, single-run benchmark setting, making them ill-suited for the diverse, noisy, and failure-prone environments in continuous fuzzing. To address these issues, we introduce PatchIsland, a system for Continuous Vulnerability Repair (CVR) that tightly integrates with continuous fuzzing pipelines. PatchIsland employs an ensemble of diverse LLM agents. By leveraging multiple LLM agents, PatchIsland can cover a wider range of settings (e.g., different projects, bug types, and programming languages) and also improve operational robustness. In addition, PatchIsland utilizes a two-phase patch-based deduplication to mitigate duplicate crashes and patches, which can be problematic in continuous fuzzing. In our internal evaluation, PatchIsland repaired 84 of 92 vulnerabilities, demonstrating strong repair capability. In the official AIxCC competition, the system operated with no human intervention in a fully autonomous environment and successfully patched 31 out of 43 vulnerabilities, achieving a repair rate of 72.1\%.
Paper Structure (30 sections, 9 figures, 7 tables, 1 algorithm)

This paper contains 30 sections, 9 figures, 7 tables, 1 algorithm.

Figures (9)

  • Figure 1: Workflow of patch generation. PatchIsland operates between the continuous fuzzing pipeline and the bug tracker, receiving crash reports and delivering generated patches to developers. The Coordinator delegates patch generation to distributed Workers.
  • Figure 2: FP$^2$ orchestration strategy with Ensemble
  • Figure 3: Comparison of patching outcomes between PatchIsland and other AIxCC systems, showing the number of successfully patched vulnerabilities and the proportion of error cases for each system.
  • Figure 4: Effect of repeated executions for a non-deterministic agent. The performance gains rapidly saturate, indicating diminishing returns from additional executions.
  • Figure 5: Time and cost comparison of patch generation across scheduling strategies (Sequential (S), Parallel (P), and FP$^2$) and baseline AIxCC systems. Each box shows the distribution of time and LLM inference cost required to produce successful patches, illustrating the latency (left) and LLM cost (right) trade-offs of different scheduling approaches.
  • ...and 4 more figures