Effective Error-Specification Inference via Domain-Knowledge Expansion

DeFreez, Daniel and Rubio-González, Cindy and Thakur, Aditya V.
Proceedings of the 27th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE'19), 2019

Error handling code responds to the occurrence of runtime errors. Failure to correctly handle errors can lead to security vulnerabilities and data loss. This paper deals with error handling in software written in C that uses the return-code idiom: the presence and type of error is encoded in the return value of a function. The paper describes EESI, a static analysis that infers the set of values that a function can return on error. Such a function error-specification can then be used to identify bugs related to incorrect error handling. The key insight of the paper is to bootstrap the analysis by using and expanding domain knowledge related to error handling provided by a developer. EESI uses a combination of intraprocedural flow-sensitive analysis and interprocedural context-insensitive analysis to ensure precision and scalability. We demonstrate how the function error-specifications inferred by EESI can be used to automatically find bugs related to incorrect error handling. Such bugs manifest as missing or insufficient error checks in the code.
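As an added illustration of the approach sketched in the abstract (this is not the paper's EESI implementation), the toy Python analysis below expands developer-provided seed specifications over a constructed intermediate representation to an interprocedural fixpoint, using a flow-sensitive walk of each body, and then flags callers that ignore a callee's error return. The IR, the abstract value domain and the sample functions are all assumptions constructed here.

```python
NEG, ZERO, POS, NULL = "<0", "0", ">0", "NULL"   # abstract return-value domain (assumed)
abstract = lambda c: NULL if c is None else NEG if c < 0 else ZERO if c == 0 else POS

def analyze(body, specs):
    """Flow-sensitive walk of one body in the toy IR: abstract values it can return on error."""
    origin, handled, result = {}, set(), set()   # var -> callee, checked vars, error values
    for stmt in body:
        if stmt[0] == "call":                     # ("call", var, callee)
            origin[stmt[1]] = stmt[2]
        elif stmt[0] == "if_error":               # ("if_error", var, [stmts on error path])
            if specs.get(origin.get(stmt[1])):    # only meaningful if callee is known to fail
                handled.add(stmt[1])              # error values are diverted into the branch
                for s in stmt[2]:                 # constants returned on that path are errors
                    if s[0] == "ret" and not isinstance(s[1], str):
                        result.add(abstract(s[1]))
        elif stmt[0] == "ret":                    # ("ret", const | var)
            if isinstance(stmt[1], str) and stmt[1] in origin and stmt[1] not in handled:
                result |= specs.get(origin[stmt[1]], set())   # unchecked callee result flows out
    return result

def infer_specs(program, seeds):
    """Interprocedural, context-insensitive fixpoint that expands the seed specs."""
    specs = {name: set() for name in program}
    specs.update({k: set(v) for k, v in seeds.items()})
    changed = True
    while changed:
        changed = False
        for name, body in program.items():
            found = analyze(body, specs)
            if not found <= specs[name]:
                specs[name] |= found
                changed = True
    return specs

def find_missing_checks(program, specs):
    """(caller, callee) pairs where callee can fail but its result is neither checked nor propagated."""
    bugs = []
    for name, body in program.items():
        origin = {s[1]: s[2] for s in body if s[0] == "call"}
        used = {s[1] for s in body if s[0] == "if_error" or (s[0] == "ret" and isinstance(s[1], str))}
        bugs += [(name, c) for v, c in origin.items() if specs.get(c) and v not in used]
    return bugs
# Constructed sample: developer-provided seeds plus three functions in the toy IR.
SEEDS = {"malloc": {NULL}, "open": {NEG}}
PROGRAM = {
    "read_config": [("call", "buf", "malloc"), ("if_error", "buf", [("ret", -1)]),
                    ("call", "rc", "parse_file"), ("ret", "rc")],
    "parse_file": [("call", "fd", "open"), ("if_error", "fd", [("ret", -2)]), ("ret", 0)],
    "load_all": [("call", "rc", "read_config"), ("ret", 0)],   # never checks rc: flagged
}
```

Running `infer_specs(PROGRAM, SEEDS)` yields a negative-return error specification for both `parse_file` and `read_config` (the latter both from its own `-1` and by propagating `parse_file`), and `find_missing_checks` then reports `load_all` for ignoring `read_config`'s result.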


@inproceedings{defreez_rubio_thakur_FSE2019,
  author = {DeFreez, Daniel and Rubio{-}Gonz{\'{a}}lez, Cindy and Thakur, Aditya V.},
  title = {Effective Error-Specification Inference via Domain-Knowledge Expansion},
  booktitle = {Proceedings of the 27th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering {(ESEC/FSE'19)}},
  year = {2019},
  pages = {466--476},
  publisher = {ACM},
  doi = {10.1145/3338906.3338960}
}