Write a Blog >>
Wed 27 May 2020 15:00 - 15:20 at TBD5 - Analysis for Security

In this paper, we present SAVER, a new memory-error repair technique for C programs. Memory errors such as memory leak, double-free, and use-after-free are highly prevalent and fixing them requires significant effort from developers. Automated program repair techniques hold the promise of reducing this burden but the state-of-the-art is still unsatisfactory. In particular, no existing techniques are able to fix those errors in a scalable, precise, and safe way, all of which are required for a truly practical tool. SAVER~aims to address these shortcomings of existing techniques. To this end, we propose an approach based on a novel representation of the program called object flow graph, which summarizes the program’s heap-related behavior using static analysis. We show that fixing memory errors can be formulated as a graph labeling problem over this graph and present an efficient algorithm to solve it. We evaluated SAVER~in combination with an industrial-strength static bug-finder and show that 75% of the reported errors can be fixed automatically by SAVER~for a range of open-source C programs.

Wed 27 May

icse-2020-paper-presentations
14:00 - 15:40: Paper Presentations - Analysis for Security at TBD5
icse-2020-Software-Engineering-in-Practice14:00 - 14:20
Talk
Pei WangBaidu X-Lab, Yu DingBaidu X-Lab, Mingshen SunBaidu X-Lab, Huibo WangBaidu X-Lab, Tongxin LiBaidu X-Lab, Rundong ZhouBaidu X-Lab, Zhaofeng Chen, Yiming JingBaidu X-Lab
icse-2020-papers14:20 - 14:40
Talk
Peiming LiuTexas A&M University, Gang ZhaoTexas A&m University, Jeff HuangTexas A&M University
icse-2020-papers14:40 - 15:00
Talk
Changwei ZouThe University of New South Wales, Jingling XueUNSW Sydney
icse-2020-papers15:00 - 15:20
Talk
Seongjoon HongKorea University, Junhee LeeKorea University, South Korea, Jeongsoo LeeKorea University, Hakjoo OhKorea University
icse-2020-Software-Engineering-in-Practice15:20 - 15:40
Talk
Chen YangVeracode, Inc., Andrew SantosaVeracode, Inc., Asankhaya SharmaVeracode, Inc., David LoSingapore Management University
Pre-print