Automatic Integer Error Repair by Proper-Type Inference

Abstract

C language plays a key role in system programming and applications. Integer error is a common yet important C program defect because arithmetic operations may produce unrepresentable values in certain integer types. Integer error is one of the major sources of software failures and vulnerabilities. Due to the complex semantics of C integers, manually repairing integer errors is prone to introducing additional errors even for experienced programmers. This paper presents an approach to automatically generate fixes for integer errors. Our approach infers, for each expression, a type that is capable of representing its possible values, and utilizes inferred types as program fixes based on common fix patterns codified from real world. We have developed our system IntPTI which is evaluated on the largest public benchmark of integer errors and 7 widely-used open-source projects. The evaluation results demonstrate the superior performance of IntPTI in terms of accuracy, scalability, runtime overhead and robustness of fixes. In addition, IntPTI is applied on the embedded software of a realistic train control system. It succeeds in both detecting 67 new integer errors and generating 101 fixes confirmed by developers. The study substantiates the feasibility and effectiveness of the proposed methodology.