Exceptional Situations and Program Reliability

Опубликовано 6 сентября 2016, 5:29

Software quality and reliability are increasingly important, but software remains buggy. Static analyses can find bugs before a product ships, but I believe they are only one stage in a larger process. For a particular class of bugs I show how to find mistakes, I give tools for fixing the problem, and I infer some of what the program should be doing. I will present a static dataflow analysis for finding bugs in software routines that handle errors and exceptional situations. It is difficult to write iron-clad error-handling routines, and existing programming language features often provide poor support for executing clean-up code and for restoring invariants in such exceptional situations. This flow-sensitive analysis keeps track of outstanding obligations along program paths and does a precise modeling of control flow in the presence of exceptions. Using a set of standard specifications it has found over 1 thousand error handling bugs in almost 4 million lines of Java code. To address such bugs, I propose a language feature that keeps track of obligations at run time and ensures that they are discharged. I use case studies to demonstrate that this feature is natural, efficient, and can improve reliability; for example, retrofitting a 34kLOC program with it resulted in a 0.5 speed increase (from correctly deallocating resources in the presence of exceptions), and more consistent behavior. I will also discuss a novel specification mining technique that infers application-specific safety policies automatically. This mining algorithm uses information about error handling and exceptional situations to learn temporal safety rules with few false positives. The mined safety rules find more software bugs than standard specifications do.