ABSTRACT
Exception handling is a powerful and widely used programming language abstraction for constructing robust software systems. Unfortunately, it introduces an inter-procedural flow of control that can be difficult to reason about. Failure to reason about it correctly can lead to security vulnerabilities, breaches of API encapsulation, and any number of safety policy violations.
We present a fully automated tool that statically infers and characterizes exception-causing conditions in Java programs. Our tool is based on an inter-procedural, context-sensitive analysis. The output of this tool is well-suited for use as human-readable documentation of exceptional conditions.
We evaluate the output of our tool by comparing it to over 900 instances of existing exception documentation in almost two million lines of code. We find that the output of our tool is at least as good as existing documentation 85% of the time and is better 25% of the time.
Index Terms
- Automatic documentation inference for exceptions