NDLI: Static detection of api error-handling bugs via mining source code.

Please wait, while we are loading the content...

Static detection of api error-handling bugs via mining source code.

Content Provider	CiteSeerX
Abstract	Incorrect handling of errors incurred after API invocations (in short, API errors) can lead to security and robustness problems, two primary threats to software reliability. Correct handling of API errors can be specified as formal specifications, verifiable by static checkers, to ensure dependable computing. But API error specifications are often unavailable or imprecise, and cannot be inferred easily by source code inspection. In this paper, we develop a novel framework for statically mining API error specifications automatically from software package repositories, without requiring any user input. Our framework adapts a compile-time push-down model-checker to generate interprocedural static traces, which approximate run-time API error behaviors. Data-mining techniques are used on these static traces to mine specifications that define the correct handling of errors for relevant APIs used in the software packages.The mined specifications are then used to uncover API error-handling bugs. We have implemented the framework, and validated the effectiveness of the framework on 82 widely used open-source software packages with approximately 300KLOC in total 1.
File Format	PDF
Access Restriction	Open
Subject Keyword	Data-mining Technique Mined Specification Open-source Software Package Compile-time Push-down Model-checker Interprocedural Static Trace Formal Specification Software Package Repository Software Package Api Error Specification Primary Threat Incorrect Handling Correct Handling Api Invocation Relevant Apis Mining Source Code Api Error-handling Bug User Input Static Detection Static Checker Api Error Robustness Problem Software Reliability Novel Framework Static Trace Run-time Api Error Behavior Source Code Inspection
Content Type	Text

Central Library (ISO-9001:2015 Certified)
Indian Institute of Technology Kharagpur
Kharagpur, West Bengal, India | PIN - 721302

See location in the Map
03222 282435
Mail: support@ndl.gov.in

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in