improving the quality of error handling code in systems
play

Improving the Quality of Error-Handling Code in Systems Software - PowerPoint PPT Presentation

Oct 06, 2022 •238 likes •869 views

Improving the Quality of Error-Handling Code in Systems Software using Function-Local Information Suman Saha Laboratoire d'Informatique de Paris 6 Regal 25 th March, 2013 Outline Motivation Contribution 1: Understanding error-handling

  1. Improving the Quality of Error-Handling Code in Systems Software using Function-Local Information Suman Saha Laboratoire d'Informatique de Paris 6 Regal 25 th March, 2013

  2. Outline ● Motivation ● Contribution 1: Understanding error-handling code in systems software ● Contribution 2: Improving the structure of error-handling code ● Contribution 3: Finding omission faults in error-handling code ● Future work and Conclusion 2

  3. Motivation Research Questions: 1. Why are the faults in error-handling serious? 2. Why is it difficult to identify them? 3

  4. Reliability of Systems Code Reliability of systems code is critical – Handling transient run-time errors is essential – Cause deadlocks, memory leaks and crashes – Key to ensuring reliability 4

  5. Issues Error-handling code is not tested often – Research has shown there are many faults in error-handling code [Weimer OOPSLA:04 ] – Fixing these faults requires knowing what kind of error-handling code is required 5

  6. Existing work on Error-Handling Code ● Proposing new language features [Bruntink ICSE:06 ] – introducing macros ● Finding faults in Error-Handling Code – focused on error-detection and propagation [Gunawi FAST:08 , Banabic EuroSys:12 ] 6

  7. Error-Handling Code in C Programs Error-Handling code handles exceptions. – Returns the system to a coherent state. param = copy_dev_ioctl(user); … err = validate_dev_ioctl(command, param); if ( err ) goto out ; ... fn = lookup_dev_ioctl(cmd); if ( !fn ) { AUTOFS_WARN(“...”, command); return -ENOTTY ; } … out: free_dev_ioctl (param); return err; 7 Autofs4 code containing a fault

  8. Understanding Error-Handling Code in Systems Software Research Questions: 1. How is error-handling code important for systems software? 2. What are the typical ways to write error-handling code in systems software? 8

  9. Considered Systems Software SL Project Lines of code Version Description 1 Linux drivers 4.6 MLoC 2.6.34 Linux device drivers 2 Linux sound 0.4 MLoC 2.6.34 Linux sound drivers 3 Linux net 0.4 MLoC 2.6.34 Linux networking 4 Linux fs 0.7 MLoC 2.6.34 Linux file systems 5 Wine 2.1 MLoC 1.5.0 Windows emulator 6 PostgreSQL 0.6 MLoC 9.1.3 Database 7 Apache httpd 0.1 MLoC 2.4.1 HTTP server 8 Python 0.4 MLoC 2.7.3 Python runtime 9 Python 0.3 MLoC 3.2.3 Python runtime 10 PHP 0.6 MLoC 5.4.0 PHP runtime 9

  10. Error-Handling in Linux 10

  11. Error-Handling in Python 11

  12. Error-Handling in Systems Code Percentage of code found within functions that have 0 or more blocks of error-handling code. 12

  13. Error-Handling: Basic Strategy A typical, initial way to write error-handling code Basic strategy x = alloc(); … if(!y) { free(x); return -ENOMEM; } ... if(!z) { free(x); return -ENOMEM; } ... 13

  14. Basic Strategy: Problems Problems Basic strategy ● Duplicates code x = alloc(); … if(!y) { free(x); return -ENOMEM; } ... if(!z) { free(x); return -ENOMEM; } ... 14

  15. Basic Strategy: Problems Problems Basic strategy ● Duplicates code x = alloc(); ... ● Obscures what error handling if(!y) { free(x); code to use for new operations return -ENOMEM; } if(!m) { free(x); return -ENOMEM; } ... if(!z) { free(x); return -ENOMEM; 15 } ...

  16. Basic Strategy: Problems Basic strategy Problems x = alloc(); ● Duplicates code … n = alloc(); ● Obscures what error handling ... if(!y) { code to use for new operations free(n); free(x); ● Requires lots of changes when return -ENOMEM; } adding a new operation if(!m) { free(n); free(x); return -ENOMEM; } if(!z) { free(n); free(x); 16 return -ENOMEM; }

  17. Error-Handling: Goto-based Strategy Goto-based strategy ● State-restoring operations x = alloc(); appear in a single labelled ... sequence at the end of the if(!y) goto out; function ... if(!z) goto out; … out: free(x); return -ENOMEM; 17

  18. Goto-based Strategy: Benefits Goto-based strategy ● State-restoring operations x = alloc(); appear in a single labelled ... sequence at the end of the if(!y) goto out; function ... if(!z) ● No code duplication goto out; … out: free(x); return -ENOMEM; 18

  19. Goto-based Strategy: Benefits Goto-based strategy ● State-restoring operations x = alloc(); ... appear in a single labelled if(!y) sequence at the end of the goto out; … function if(!m) goto out; ● No code duplication if(!z) goto out; … out: free(x); return -ENOMEM; 19

  20. Goto-based Strategy: Benefits Goto-based strategy ● State-restoring operations x = alloc(); … appear in a single labelled n = alloc(); sequence at the end of the ... if(!y) function goto out; … ● No code duplication if(!m) goto out; if(!z) goto out; … out: free(n); free(x); 20 return -ENOMEM;

  21. Basic vs Goto-based strategies in Linux 21

  22. Basic vs Goto-based strategies in Python 22

  23. Summary ● The number of functions with error-handling code is increasing version by version ● Many more functions use the basic strategy than use the goto strategy – Leads to a lot of duplicate code – Difficult to maintain – Error prone – Hard to debug 23

  24. Improving the Structure of Error-Handling Code in Systems Software [ LCTES11 ] Three steps: 1. Find error handling code 2. Identify operations for sharing 3. Perform transformation 24

  25. 1. Find Error Handling Code  No recognizable error handling abstractions in C code  Heuristics: – An if branch ending in a return – An if branch containing at least one non-debugging function call (something to share) Examples: if(ns->bacct == NULL) { ... if(ns->bacct == NULL) { if(acct == NULL) { ns->bacct = acct; filp_close(file, NULL); acct = NULL; return -ENOMEM; } } } 25

  26. 2. Identify Operations for Sharing For each branch 1.Extract the code that is specific to the error condition 2.Extract the code that can be shared with other error handling code (cleanup code) if(x) { 1 ret = -ENOMEM; if(x) { h(“s”); ret = -ENOMEM; goto out; h(“s”); } f(a); return ret; out: } f(a); return ret; 26 2

  27. Reasons for no sharing 1. No state restoring operations if(x) { ret = -ENOMEM; h(“s”); if(x) { goto out; ret = -ENOMEM; } h(“s”); return ret; out: } return ret; 27

  28. Reasons for no sharing 2. Only one branch to f() { transform ... x = allocate(); … y = noallocate(); if(y) { ... free(x); return ret; } } 28

  29. Reasons for no sharing … if(y) { 3. Nothing in common with free(x); other error handling code return ret; } ... if(z) { free(x); return ret; } ... free(x); ... if(l) { action(z); 29 return ret; }

  30. 3. Transformation Classify the branches according to how difficult they are to transform 1. Simple 2. Hard 3. Harder 4.Hardest 30

  31. 3. Transformation: Simple ● Exactly same code in the branch and the label ● Reduce duplicate code by reusing the existing label ... if (!sl->data) { ... clear_bit(n,sbi-symlink_bitmap); if (!sl->data) unlock_kernel(); goto out; return ret; } … … out: out: clear_bit(n,sbi-symlink_bitmap); clear_bit(n,sbi-symlink_bitmap); unlock_kernel(); unlock_kernel(); return ret; return ret; 31

  32. 3. Transformation: Hard ● Code in the branch is a subset of the code in the label ● Reduce duplicate code by creating a new label in existing code ... ... if (!sl->data) { if (!sl->data) unlock_kernel(); goto out1; return ret; } … … out: out: clear_bit(n,sbi-symlink_bitmap); clear_bit(n,sbi-symlink_bitmap); out1: unlock_kernel(); unlock_kernel(); return ret; return ret; 32

  33. 3. Transformation: Harder ● Branches do have similar code but no label has ● Reduce duplicate code by creating a new label and moving code to that label ... if (!sl->data) { if (!sl->data) { clear_bit(n,sbi-symlink_bitmap); clear_bit(n,sbi-symlink_bitmap); unlock_kernel(); unlock_kernel(); return ret; return ret; } } ... ... if (!ent) if (!ent) { goto out; kfree(sl->data); … clear_bit(n,sbi-symlink_bitmap); out: unlock_kernel(); kfree(sl->data); return ret; clear_bit(n,sbi-symlink_bitmap); 33 } unlock_kernel(); ... return ret;

  34. 3. Transformation: Hardest ● Combination of Simple (common code in branch and label) and Harder (noncommon code in them). ... ... if (!ent){ if (!ent) kfree(sl->data); goto out1; clear_bit(n,sbi-symlink_bitmap); … unlock_kernel(); return 0; return ret; out1: } kfree(sl->data); … out: return 0; clear_bit(n,sbi-symlink_bitmap); out: unlock_kernel(); clear_bit(n,sbi-symlink_bitmap); return ret; unlock_kernel(); 34 return ret;

  35. Results ● Applied to 7 widely used systems including Linux, Python, Apache, PHP and PostgreSQL ● 46% of basic strategy functions have only one if . So, those are not transformed ● 54% of basic strategy functions are taken for transformation – 59% of these are not transformed due to lack of sharing – 41% are transformed 35

  36. Summary We proposed an automatic transformation that converts basic strategy error-handling code to the goto-based strategy – The algorithm identifies many opportunities for code sharing What about possible defects in error-handling code? 36

  37. Finding Omission Faults in Error-Handling Code [PLOS11, DSN13] 37

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Principles of Programming CM10227 Lecture D.11: Java: Error Handling & Writing Better Code

Principles of Programming CM10227 Lecture D.11: Java: Error Handling & Writing Better Code

Error Handling Input-Output Writing Better Code Principles of Programming CM10227 Lecture D.11: Java: Error Handling & Writing Better Code Dr. Marina De Vos University of Bath Ext: 5053 Academic Year 2012-2013 Lecture D.10. (MDV)

844 views • 81 slides
Functional Error Handling 1 / 13 Whats right with exceptions? Exceptions provide a way to

Functional Error Handling 1 / 13 Whats right with exceptions? Exceptions provide a way to

Functional Error Handling 1 / 13 Whats right with exceptions? Exceptions provide a way to consolidate error handling code and separate it from main logic, and an alternative to APIs that require callers of functions to know error

477 views • 13 slides
llvm::Error Rich Error Handling in LLVM Error Handling History LLVMs APIs historically

llvm::Error Rich Error Handling in LLVM Error Handling History LLVMs APIs historically

llvm::Error Rich Error Handling in LLVM Error Handling History LLVMs APIs historically used ad-hoc approaches bools, nullptrs, string errors std::error_code C++ standard library error type Enumerable errors only Lack

273 views • 9 slides
WRITING QUALITY CODE IDEAS, TECHNIQUES AND TOOLS FOR IMPROVING THE QUALITY OF WRITTEN CODE

WRITING QUALITY CODE IDEAS, TECHNIQUES AND TOOLS FOR IMPROVING THE QUALITY OF WRITTEN CODE

WRITING QUALITY CODE IDEAS, TECHNIQUES AND TOOLS FOR IMPROVING THE QUALITY OF WRITTEN CODE Radosaw Jankiewicz / @radek_j / radekj WHO AM I Programming in Python since 2007 Web applications (mostly) RANDOM FACT... AGENDA 1. Definition

881 views • 53 slides
Error Handling Marco Chiarandini Department of Mathematics & Computer Science University of

Error Handling Marco Chiarandini Department of Mathematics & Computer Science University of

DM560 Introduction to Programming in C++ Error Handling Marco Chiarandini Department of Mathematics & Computer Science University of Southern Denmark [ Based on slides by Bjarne Stroustrup ] Error Handling Outline 1. Error Handling 2

573 views • 36 slides
Compilers Error Handling Alex Aiken Error Handling Purpose of the compiler is To detect

Compilers Error Handling Alex Aiken Error Handling Purpose of the compiler is To detect

Compilers Error Handling Alex Aiken Error Handling Purpose of the compiler is To detect non-valid programs To translate the valid ones Many kinds of possible errors (e.g. in C) Error kind Example Detected

656 views • 9 slides
Reviewing Scientific Code Chris Morris STFC SECSE2008 Nearly silent error handling

Reviewing Scientific Code Chris Morris STFC SECSE2008 Nearly silent error handling

Some Lessons Learned Reviewing Scientific Code Chris Morris STFC SECSE2008 Nearly silent error handling ServerThread() { .... try { .... } catch (IOException ex) { ex.printStaceTrace(); } // what postcondition? } Hypothesis: Lack of

431 views • 9 slides
Exception Handling in C++ throw - try - catch ! class InvalidNumber { }; void main() {

Exception Handling in C++ throw - try - catch ! class InvalidNumber { }; void main() {

14 . Exception Handling: Mechanism and Usage Exception Handling Synchronous Errors Asynchronous Errors An Example function : Call may result in an error double sqrt(int number); Traditional Error Handling Exit the program Return an

453 views • 8 slides
Error Handling in RCMS Error Handling in RCMS An Overview Francesco Lelli

Error Handling in RCMS Error Handling in RCMS An Overview Francesco Lelli

CMS Error Handling in RCMS Error Handling in RCMS An Overview Francesco Lelli Francesco.lelli@lnl.infn.it L.N.L L.N.L D.S.I. Venezia Venezia D.S.I. CMS Overview Error Handler Principles An Error Handling Framemork: Purpose

729 views • 21 slides
Systematic Testing of Fault Handling Code in Linux Kernel Alexey Khoroshilov Andrey Tsyvarev

Systematic Testing of Fault Handling Code in Linux Kernel Alexey Khoroshilov Andrey Tsyvarev

Systematic Testing of Fault Handling Code in Linux Kernel Alexey Khoroshilov Andrey Tsyvarev Institute for System Programming of the Russian Academy of Sciences Fault Handling Code 821 error =

910 views • 46 slides
1 Handling exceptions (III) Handling exceptions (II) n try -statements can be nested and

1 Handling exceptions (III) Handling exceptions (II) n try -statements can be nested and

2.6 Error, exception and event Error and exception handling in handling Pascal n There are conditions that have to be fulfilled by a n While errors definitely can occur in Pascal programs, program that sometimes are not fulfilled, which Pascal

143 views • 3 slides
Outline Rollbacks idiosyncrasies and remedies CSCI 8220 Error Handling Dynamic Memory

Outline Rollbacks idiosyncrasies and remedies CSCI 8220 Error Handling Dynamic Memory

Outline Rollbacks idiosyncrasies and remedies CSCI 8220 Error Handling Dynamic Memory Allocation Parallel & Distributed Simulation Event Retraction Improving the cost of rollbacks Lazy Cancellation PDES: Time Warp

295 views • 6 slides
Outline Rollbacks idiosyncrasies and remedies Error Handling Dynamic Memory Allocation

Outline Rollbacks idiosyncrasies and remedies Error Handling Dynamic Memory Allocation

Outline Rollbacks idiosyncrasies and remedies Error Handling Dynamic Memory Allocation Advanced Simulation Event Retraction Improving the cost of rollbacks Lazy Cancellation PDES: Time Warp Mechanism Lazy Re-Evaluation

297 views • 7 slides
1 Benefits of exception handling Handling exceptions Generally, there are many ways to handle an

1 Benefits of exception handling Handling exceptions Generally, there are many ways to handle an

Java exception mechanism when an error or exceptional condition occurs, you throw an exception which is caught by an exception handler try { // statements that may throw an exception.. if (someCondition) Exceptions and error handling

289 views • 6 slides
Java Programming Unit 7 Error Handling. Excep8ons. (c)

Java Programming Unit 7 Error Handling. Excep8ons. (c)

Java Programming Unit 7 Error Handling. Excep8ons. (c) Yakov Fain 2014 Run8me errors An excep8on is an run-8me error that may stop

453 views • 20 slides
Control Exception Handling: Exception handling is the control of error conditions or other

Control Exception Handling: Exception handling is the control of error conditions or other

Control Exception Handling: Exception handling is the control of error conditions or other unusual events during the execution of a program. 1 Control In a language without exception handling: When an exception occurs, control

1.15k views • 19 slides
Amelioration Initiative Project Mayumi ISHIZUKA Department of Environmental Veterinary Sciences,

Amelioration Initiative Project Mayumi ISHIZUKA Department of Environmental Veterinary Sciences,

JICA SATREPS RESARCH PROJECT Kabwe Mining Pollution Amelioration Initiative Project Mayumi ISHIZUKA Department of Environmental Veterinary Sciences, Graduate School of Veterinary Medicine, Hokkaido University Background The current state of

381 views • 20 slides
Building a Global Asset Management Firm VINCENT DUHAMEL LUCAS PONTILLO Global President and

Building a Global Asset Management Firm VINCENT DUHAMEL LUCAS PONTILLO Global President and

May 2019 Building a Global Asset Management Firm VINCENT DUHAMEL LUCAS PONTILLO Global President and Executive Vice President and Global Chief Chief Operating Officer Financial Officer Forward-Looking Statements The accompanying Investor

766 views • 48 slides
EMI Modeling of a 32-bit Microcontroller in Wait Mode Jean-Pierre Leca 1,2 , Nicolas Froidevaux 1

EMI Modeling of a 32-bit Microcontroller in Wait Mode Jean-Pierre Leca 1,2 , Nicolas Froidevaux 1

EMI Modeling of a 32-bit Microcontroller in Wait Mode Jean-Pierre Leca 1,2 , Nicolas Froidevaux 1 , Henri Braquet 2 , Gilles Jacquemod 2 1 STMicroelectronics, 2 LEAT, UMR CNRS-UNS 6071 BMAS 2010 San Jose, California, USA Thursday, September 23

591 views • 24 slides
HOL O CAUST IPA: /hlkst/ pronounced [holuhkawst, hohluh] noun 1. a great or

HOL O CAUST IPA: /hlkst/ pronounced [holuhkawst, hohluh] noun 1. a great or

Study presentation.notebook March 13, 2017 Night HOL O CAUST IPA: /hlkst/ pronounced [holuhkawst, hohluh] noun 1. a great or complete devastation or destruction, especially by fire 2. a sacrifice completely consumed by fire

250 views • 13 slides
Professor Stuart B. Hill Social Ecology PowerPoint presentation ABSTRACTS All are

Professor Stuart B. Hill Social Ecology PowerPoint presentation ABSTRACTS All are

Professor Stuart B. Hill Social Ecology PowerPoint presentation ABSTRACTS All are downloadable from: www.stuartbhill.com [note: there is much overlap between presentations] Underground Ecosystems and the Subconscious: Their Neglect and

581 views • 9 slides
QCBFD Water System Update June 2020 Take Home Message RIDOH Absolute Mandate April - May 2020

QCBFD Water System Update June 2020 Take Home Message RIDOH Absolute Mandate April - May 2020

QCBFD Water System Update June 2020 Take Home Message RIDOH Absolute Mandate April - May 2020 1. Immediate chemical (chlorine) disinfection 4-log compliant well #1 a. This is an unprecedented concession by RIDOH 2. Submit plans for

1.11k views • 61 slides
DAMAGE DETECTION AND AMELIORATION BY ELECTRICAL RESISTANCE FOR SMART COMPOSITES T. J. Swait*, F.

DAMAGE DETECTION AND AMELIORATION BY ELECTRICAL RESISTANCE FOR SMART COMPOSITES T. J. Swait*, F.

18 TH INTERNATIONAL CONFERENCE ON COMPOSITE MATERIALS DAMAGE DETECTION AND AMELIORATION BY ELECTRICAL RESISTANCE FOR SMART COMPOSITES T. J. Swait*, F. R. Jones and S. A. Hayes Composite Systems Innovation Centre, Department of Materials Science

185 views • 5 slides
Atelier de Renforcement de Capacits en Gestion de Projet Bonnes Pratiques de Gestion de Projet

Atelier de Renforcement de Capacits en Gestion de Projet Bonnes Pratiques de Gestion de Projet

Atelier de Renforcement de Capacits en Gestion de Projet Bonnes Pratiques de Gestion de Projet Bureau des Services dAppuis aux Projets des Nations Unies (UNOPS) www.unops.org Bureau des Services dAppuis aux Projets des Nations Unies

1.33k views • 76 slides

More recommend