A multi-agent driven software vulnerability automatic repair method and system
By employing a multi-agent-driven automatic software vulnerability repair method, which utilizes blind distillation and structured alignment, combined with agent diagnosis and closed-loop repair, the problems of distribution bias and noise amplifier in existing technologies are solved, achieving high-precision software vulnerability repair.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- NANJING UNIV OF POSTS & TELECOMM
- Filing Date
- 2026-04-09
- Publication Date
- 2026-07-03
AI Technical Summary
Existing automatic software vulnerability repair methods based on large language models suffer from problems such as training and inference distribution bias, noise amplification, and open-loop generation, resulting in low repair accuracy and efficiency.
A multi-agent driven approach is adopted, which constructs a multi-partition vector index library through a blind distillation strategy. Combined with structured alignment and agent diagnosis, multi-view route retrieval and closed-loop repair are performed, and the repair strategy is adjusted using static analysis and test feedback.
It effectively solves the problems of distribution deviation and noise, improves the accuracy and efficiency of repair, and realizes high-precision automated repair.
Smart Images

Figure CN122333484A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the fields of software security and artificial intelligence technology, and in particular to a multi-agent driven method and system for automatic repair of software vulnerabilities. Background Technology
[0002] As software systems become increasingly complex, the number of software vulnerabilities is growing exponentially. Automated Program Remediation (APR) techniques based on Large Language Models (LLMs) have shown great potential. However, existing RAG-based remediation methods suffer from the following drawbacks:
[0003] 1. Training-Inference Distribution Shift: Offline retrieval library construction often utilizes information from known patches (Ground Truth Patches), resulting in indexes containing "God's-eye view" features. Specifically, these features originate from post-hoc information after defect repair, such as patch content, edit locations, change patterns, or semantic differences before and after the repair. Because this information is available during offline library construction but not during online repair, the model is prone to learning matching criteria that do not conform to real deployment conditions, thus causing a training-inference distribution inconsistency.
[0004] 2. Noise Amplifier: The root cause analysis (RCA) generated by LLM is illusory, and the tone drift of natural language leads to low retrieval precision.
[0005] 3. Open-Loop Generation: Traditional methods only generate code once and lack the ability to verify and self-correct compilation errors or logical errors. Summary of the Invention
[0006] Purpose of the invention: The purpose of this invention is to provide a multi-agent driven automatic software vulnerability repair method and system (i.e., MV-BDSR framework), which solves distribution bias through blind distillation strategy, solves retrieval noise through structured alignment, and solves generation quality problems through agent closure.
[0007] Technical Solution: A multi-agent-driven method and system for automatic software vulnerability repair, comprising four main stages:
[0008] 1) Offline Indexing Phase: The core of this phase is blind distillation. For historical vulnerability samples, the LLM is forced to generate blind RCAs from three perspectives—data flow, control flow, and API semantics—without checking patches. Subsequently, real patches are used to verify and distill the blind RCAs, generating an accurate yet unrevealing structured index, which is then stored in a logically isolated partitioned vector library.
[0009] 2) Agentic Diagnosis Phase: Deploy a diagnostic agent based on the ReAct pattern. Before generating search queries, this agent uses static analysis tools such as taint analysis and control dependency graphs to extract information from vulnerable code, such as variable sources and missing boundary conditions, thereby generating fact-based augmented queries to prevent illusions.
[0010] 3) Online Retrieval & Re-ranking: Enhanced queries are used for multi-view routed retrieval, and union pooling is used to ensure recall. Subsequently, a structure-aware soft voting mechanism is introduced, using GraphCodeBERT to extract code structure features, and weighting candidate samples (structure weight is higher than text weight) to remove noise with similar text descriptions but inconsistent code logic.
[0011] 4) Agent Iterative Repair Phase: Deploy a test-driven iterative repair agent. This agent generates candidate patches based on the retrieved Top-3 high-quality examples and enters a closed loop of coding-compiling-testing-fixing. The agent maintains a historical record list and dynamically adjusts the repair strategy based on compiler errors or test case feedback (negative / positive samples) until it passes verification.
[0012] The present invention specifically provides a multi-agent-driven automatic software vulnerability repair method, which includes the following steps:
[0013] 1) Perform multi-perspective blind generation and targeted distillation correction on historical vulnerability datasets, and build a multi-partition vector index library that includes data flow, control flow and API semantics;
[0014] 2) Utilize the diagnostic agent to invoke static analysis tools to extract facts from the vulnerability code to be patched, generating an enhanced context containing structured facts;
[0015] 3) Generate multi-view queries based on enhanced context, perform route retrieval in a multi-partition vector library, and use a structure-aware soft voting mechanism to select the Top-K reference examples;
[0016] 4) Use the iterative repair agent in conjunction with the reference example to generate candidate patches, and verify and self-correct them in the feedback loop of compilation and testing, and output the final repair patch.
[0017] Preferably, in step 1), the multi-view blind vision generation and directional distillation correction include the following sub-steps:
[0018] 1.1) Input the historical vulnerability code into the large language model, and generate hypothetical root cause analyses from three perspectives: data flow, control flow, and API semantics, while blocking real patches;
[0019] 1.2) Input the generated hypothetical root cause analysis and the real patch into the discriminant model at the same time. By inputting the prompt words designed for this step and the root cause analysis generated from the blind perspective into the large model, let it judge whether the hypothetical root cause accurately points to the repair logic of the real patch.
[0020] 1.3) If the judgment is negative, the actual patch is introduced in the prompt as a guide, forcing the large language model to regenerate the root cause analysis. The generated description must logically point to the patch, but only reference the vulnerability code features in the text, and obtain the distilled multi-perspective index key.
[0021] 1.4) Vectorize the distilled data flow, control flow, and API semantic index keys respectively, store them in logically isolated subspaces, and build a multi-partition vector index library.
[0022] Preferably, 2.1) Upon receiving the vulnerability code to be patched, the agent invokes the loaded static analysis tool to analyze the uncertain sources of variables or control dependencies in the code;
[0023] 2.2) The agent invokes the mounted static analysis tools, including taint analysis tools, control dependency graph extraction tools, and API specification checking tools;
[0024] 2.3) The tool returns definitive code facts, and the agent generates an enhanced context query based on these facts, which includes vulnerability triggering paths and logical constraints.
[0025] Preferably, 3.1) the candidate sample pool is obtained by retrieving the corresponding subspace index using multi-view queries and taking the union of the results;
[0026] 3.2) Extract the root cause text vector of the candidate samples, and use the code pre-trained model to extract the structure vector of the original code of the candidate samples;
[0027] 3.3) Calculate the comprehensive similarity score between the code to be repaired and the candidate samples. The formula is as follows:
[0028] (1),
[0029] in, For text semantic similarity, For code structure similarity, and weighted coefficients ;
[0030] 3.4) Sort the candidate samples in descending order according to the comprehensive score and select the Top-K examples.
[0031] Preferably, 4.1) the initial patch is generated by referring to the repair patterns of the Top-K examples;
[0032] 4.2) Call the compiler tools to perform a syntax check; if it fails, read the error log and correct the syntax.
[0033] 4.3) If compilation succeeds, run the negative sample test and the positive sample test in sequence;
[0034] 4.4) Based on the type of test failure, the agent retrieves historical modification records, generates a corrected patch, and continues until the test is passed or the maximum number of retries is reached.
[0035] Preferably, a multi-agent-driven automatic software vulnerability repair system based on the aforementioned method comprises: an offline index construction module, an agent diagnosis module, an online index module, and an agent iterative repair module, wherein:
[0036] An offline index building module is used to build a multi-partition vector index library through multi-view blind generation and directional distillation correction;
[0037] The agent diagnostic module is used to deploy diagnostic agents, extract code facts and generate enhanced context by calling static analysis tools;
[0038] The online retrieval module is used to perform multi-view route retrieval and structure-aware soft voting, and outputs reference examples;
[0039] The agent iterative repair module is used to deploy iterative repair agents and generate the final patch based on test feedback closed loop.
[0040] Preferably, the offline index building module includes a blind generation subunit, which is configured to perform a restricted context inference step: actively shielding the real patch and related repair instructions at the input layer, forcing the large language model to perform independent parsing under the single-modal condition of only inputting the original vulnerability code, and outputting the first-stage root cause analysis. This step actively cuts off the input of prior repair knowledge in the offline stage. Then, through the set distillation unit, which is configured to perform teacher-student mode correction generation, the LLM is allowed to refer to the Ground Truth Patch to first determine whether the blindly generated RCA is accurate. If it is inaccurate, it is corrected. Finally, the corrected RCA is returned as the index key, and it is ensured that the generated index key is semantically aligned with the real patch and distributedly aligned with the vulnerability code without a patch.
[0041] Preferably, the agent diagnostic module encapsulates the static analysis function into a standard interface for large models to call through an adapter; during operation, the system intercepts the diagnostic intent of the large model and converts it into a graph query instruction, and performs traversal on the code attribute graph built at the bottom layer; finally, the extracted objective code facts such as variable pollution paths and control flow boundaries are forcibly injected into the context window of the large model, thereby blocking the reasoning illusion generated by the large model based on probability prediction.
[0042] Preferably, the specific execution steps of the structure verification unit of the online retrieval module include: first, extracting the abstract syntax tree and data flow graph of the code to be repaired and the candidate code to be retrieved; second, jointly inputting the edge / node relationship of the code source token and the DFG into the structure-aware model and mapping it into a high-dimensional code structure vector; finally, calculating the cosine similarity of the two sets of vectors as the final structure score.
[0043] Preferably, a computer device includes a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the computer program, when executed by the processor, implements the steps of the method.
[0044] Compared with existing technologies, the beneficial effects of this invention are as follows: This invention eliminates the data distribution deviation between offline and online through blind distillation, ensuring the effectiveness of retrieval; it suppresses the illusionary noise of natural language by utilizing the objective structure of code through structure-aware reordering; and it achieves high-precision automated repair of closed loop by introducing factual constraints of static analysis and feedback correction of dynamic testing through dual-agent collaboration. Attached Figure Description
[0045] Figure 1 This is a flowchart illustrating the present invention;
[0046] Figure 2 , Figure 3 , Figure 4It is a prompt template used when generating RCA from multiple perspectives in a blind manner;
[0047] Figure 5 , Figure 6 This is the prompt template used in the directional distillation stage of this invention. Detailed Implementation
[0048] The present invention will be further explained and described below with reference to the accompanying drawings and specific embodiments.
[0049] Example
[0050] Please see Figure 1 , Figure 2 and Figure 3 As shown, the multi-agent-driven automatic software vulnerability repair method and system provided by the present invention includes the following steps in its specific implementation:
[0051] 1) Offline index building (Views A / B / C):
[0052] 1.1) Input: Vulnerable code repository .
[0053] 1.2) Multi-view blind generation: For each sample, LLM generates data without input... In the case of generating data stream perspectives respectively Control flow perspective and API perspective .
[0054] 1.3) Blind distillation alignment: Introducing a teacher model for comparison and If the blindfolded generation is inaccurate, a prompt will be added. Guide LLM rewriting, but restrict the rewritten content to only references. Features in, generate .
[0055] 1.4) Partitioned storage: The distilled RCA is vectorized and stored in three logical sub-libraries: Index_Data, Index_Control, and Index_API.
[0056] 2) Phase 1: Agent Diagnosis (Tool-Augmented Probe):
[0057] 2.1) Input: Vulnerability code to be patched .
[0058] 2.2) Packaging tools:
[0059] get_data_flow(variable, line): Returns the data flow direction (source and destination) of the specified variable.
[0060] get_control(line): Returns the control condition that affects the current line (in which if / while block it is located);
[0061] check_api_spec(function_name): Queries the security specifications of sensitive APIs.
[0062] 2.3) Run the Agent, call the tool to analyze and think about the vulnerable code, and finally generate a structured diagnostic report.
[0063] 3) Phase 2: Online retrieval and reordering.
[0064] 3.1) Retrieval: Generate queries from three perspectives based on the enhanced context (structured diagnostic report), retrieve them in their respective sub-databases, and merge them into the candidate pool;
[0065] 3.2) Structure-aware soft voting: Calculate the score of candidate sample Pi:
[0066] ,
[0067] in Use GraphCodeBERT for computation, ensuring a high degree of similarity in code structure. Select the top-3 examples.
[0068] 4) Stage 3: Iterative repair of the agent.
[0069] 4.1) Packaging tools:
[0070] Tool_compile(patch_code): Attempts to compile the patched program;
[0071] Tool_run_test(test_id): Runs the specified test case.
[0072] 4.2) Initial Attempt: Referencing the Top-3 examples, a candidate patch V1 was generated to fix the agent;
[0073] 4.3) Compilation and verification: The compilation tool is called to compile. If the compilation fails, the agent reads the error log and generates a new patch V2.
[0074] 4.4) Call the testing tool to run the negative sample test (PoC). If the test fails, the agent analyzes the cause and adjusts the logic to generate patch V3.
[0075] 4.5) If the negative sample test passes, call the testing tool again to run the positive sample test (regression test). If the test fails, the agent analyzes the cause and adjusts the logic to generate patch V4.
[0076] 4.6) Final output: After both the compilation test and the positive and negative sample test pass, the final patch is output.
[0077] It should be noted that the above content merely illustrates the technical concept of the present invention and should not be construed as limiting the scope of protection of the present invention. For those skilled in the art, various improvements and modifications can be made without departing from the principle of the present invention, and all such improvements and modifications fall within the scope of protection of the claims of the present invention.
Claims
1. A method for automatic software vulnerability repair based on multi-agent driving, characterized in that, Includes the following steps: 1) Perform multi-perspective blind generation and targeted distillation correction on historical vulnerability datasets, and build a multi-partition vector index library that includes data flow, control flow and API semantics; 2) Utilize the diagnostic agent to invoke static analysis tools to extract facts from the vulnerability code to be patched, generating an enhanced context containing structured facts; 3) Generate multi-view queries based on enhanced context, perform route retrieval in a multi-partition vector library, and use a structure-aware soft voting mechanism to select the Top-K reference examples; 4) Use the iterative repair agent in conjunction with the reference example to generate candidate patches, and verify and self-correct them in the feedback loop of compilation and testing, and output the final repair patch.
2. The method of claim 1, wherein, In step 1), the multi-view blind generation and directional distillation correction include the following sub-steps: 1) Input historical vulnerability code into a large language model, and generate hypothetical root cause analyses from three perspectives: data flow, control flow, and API semantics, while blocking real patches; 2) Input the generated hypothetical root cause analysis and the real patch into the discriminative model at the same time. Input the root cause analysis generated by the blind perspective and the prompt words designed for this step into the large model, and ask it to judge whether the hypothetical root cause accurately points to the repair logic of the real patch. 3) If the judgment is negative, the actual patch is introduced in the prompt as a guide, forcing the large language model to regenerate the root cause analysis. The generated description must logically point to the patch, but only reference the vulnerability code features in the text, and obtain the distilled multi-perspective index key. 4) Vectorize the distilled data flow, control flow, and API semantic index keys respectively, store them in logically isolated subspaces, and build a multi-partition vector index library.
3. The method of claim 1, wherein, In step 2), the diagnostic agent adopts the ReAct pattern, which includes the following sub-steps: 1) Upon receiving the vulnerability code to be patched, the agent invokes the loaded static analysis tool to analyze the uncertain sources of variables or control dependencies in the code; 2) The agent invokes the mounted static analysis tools, including taint analysis tools, control dependency graph extraction tools, and API specification checking tools; 3) The tool returns definitive code facts, and the agent generates an enhanced context query based on these facts, which includes vulnerability triggering paths and logical constraints.
4. The method according to claim 1, characterized in that, In step 3), the structure-aware soft voting mechanism includes the following sub-steps: 1) Use multi-view queries to retrieve data from the corresponding subspace indexes and take the union of the results to obtain the candidate sample pool; 2) Extract the root cause text vector of the candidate sample, and use the code pre-trained model to extract the structure vector of the original code of the candidate sample; 3) Calculate the overall similarity score between the code to be repaired and the candidate samples. The formula is as follows: (1), in, For text semantic similarity, For code structure similarity, and weighted coefficients ; 4) Sort the candidate samples in descending order according to the comprehensive score, and select the Top-K examples.
5. The method according to claim 1, characterized in that, Step 4), the workflow of iteratively repairing the agent, includes the following sub-steps: 1) Generate an initial patch by referring to the fix patterns of the Top-K examples; 2) Call the compiler tools to perform a syntax check; if it fails, read the error log and correct the syntax. 3) If compilation succeeds, run the negative sample test and the positive sample test in sequence; 4) Based on the type of test failure, the agent retrieves historical modification records, generates a corrected patch, and continues until the test is passed or the maximum number of retries is reached.
6. A multi-agent driven automatic software vulnerability repair system based on the method of any one of claims 1 to 5, characterized in that, It includes: an offline index building module, an agent diagnosis module, an online indexing module, and an agent iteration and repair module, among which: An offline index building module is used to build a multi-partition vector index library through multi-view blind generation and directional distillation correction; The agent diagnostic module is used to deploy diagnostic agents, extract code facts and generate enhanced context by calling static analysis tools; The online retrieval module is used to perform multi-view route retrieval and structure-aware soft voting, and outputs reference examples; The agent iterative repair module is used to deploy iterative repair agents and generate the final patch based on test feedback closed loop.
7. The multi-agent driven automatic software vulnerability repair system according to claim 6, characterized in that: The offline index building module includes a blind generation subunit, which is configured to perform a restricted context inference step: actively shielding the real patch and related remediation instructions at the input layer, forcing the large language model to perform independent parsing under the single-modal condition of only inputting the original vulnerability code, and outputting the first-stage root cause analysis. This step actively cuts off the input of prior remediation knowledge in the offline stage. Then, through the set distillation unit, which is configured to perform teacher-student mode correction generation, the LLM is asked to refer to the Ground Truth Patch to first determine whether the blindly generated RCA is accurate. If it is inaccurate, it is corrected. Finally, the corrected RCA is returned as the index key, and it is ensured that the generated index key is semantically aligned with the real patch and distributedly aligned with the vulnerability code without a patch.
8. The multi-agent driven software vulnerability automatic repair system according to claim 6, characterized in that: The intelligent agent diagnostic module encapsulates the static analysis function into a standard interface for large models to call through an adapter. During operation, the system intercepts the diagnostic intent of the large model and converts it into a graph query instruction, which is then traversed on the underlying code attribute graph. Finally, the extracted objective code facts, such as variable pollution paths and control flow boundaries, are forcibly injected into the context window of the large model to block the reasoning illusion generated by the large model based on probability prediction.
9. The multi-agent driven automatic software vulnerability repair system according to claim 6, characterized in that: The specific execution steps of the structure verification unit of the online retrieval module include: First, extracting the abstract syntax tree and data flow graph of the code to be repaired and the candidate code to be retrieved; Second, inputting the edge / node relationship of the code source token and the DFG into the structure-aware model and mapping it into a high-dimensional code structure vector; Finally, calculating the cosine similarity of the two sets of vectors as the final structure score.
10. A computer device, comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that, When the computer program is executed by a processor, it implements the steps of the method described in claims 1 to 5.