Automatically Finding and Patching Bad Error Handling

Bad error handling is the cause of many service outages. We address this problem by a novel approach to detect and patch bad error handling automatically. Our approach uses error injection to detect bad error handling and static analysis of binary code to determine which type of patch can be instantiated. We describe several measurements regarding the effectiveness of our approach to detect and patch bad error handling in several open source programs

[1]  Zhen Xiao,et al.  A flexible generator architecture for improving software dependability , 2002, 13th International Symposium on Software Reliability Engineering, 2002. Proceedings..

[2]  George C. Necula,et al.  Finding and preventing run-time error handling mistakes , 2004, OOPSLA.

[3]  Flaviu Cristian,et al.  Exception Handling and Tolerance of Software Faults , 1995 .

[4]  Peter M. Broadwell,et al.  FIG: A Prototype Tool for Online Verification of Recovery Mechanisms , 2002 .

[5]  Zhen Xiao,et al.  HEALERS: a toolkit for enhancing the robustness and security of existing applications , 2003, 2003 International Conference on Dependable Systems and Networks, 2003. Proceedings..

[6]  Angelos D. Keromytis,et al.  Countering network worms through automatic patch generation , 2005, IEEE Security & Privacy Magazine.

[7]  Philip Koopman,et al.  Comparing the robustness of POSIX operating systems , 1999, Digest of Papers. Twenty-Ninth Annual International Symposium on Fault-Tolerant Computing (Cat. No.99CB36352).

[8]  Philip Koopman,et al.  The Exception Handling Effectiveness of POSIX Operating Systems , 2000, IEEE Trans. Software Eng..

[9]  Ulrich Drepper,et al.  How To Write Shared Libraries , 2005 .

[10]  Yi-Min Wang,et al.  Xept: a software instrumentation method for exception handling , 1997, Proceedings The Eighth International Symposium on Software Reliability Engineering.