Repairing Leaks in Resource Wrappers
- URL: http://arxiv.org/abs/2510.03461v1
- Date: Fri, 03 Oct 2025 19:34:19 GMT
- Title: Repairing Leaks in Resource Wrappers
- Authors: Sanjay Malakar, Michael D. Ernst, Martin Kellogg, Manu Sridharan,
- Abstract summary: This paper makes four key contributions to improve resource leak repair in the presence of wrappers.<n>It integrates inference of resource management specifications into the repair pipeline.<n>It makes detection tools report problems closer to the root cause, often in a client of a resource wrapper rather than within the wrapper class itself.
- Score: 2.359867155288065
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: A resource leak occurs when a program fails to release a finite resource like a socket, file descriptor or database connection. While sound static analysis tools can detect all leaks, automatically repairing them remains challenging. Prior work took the output of a detection tool and attempted to repair only leaks from a hard-coded list of library resource types. That approach limits the scope of repairable leaks: real-world code uses resource wrappers that store a resource in a field and must themselves be closed. This paper makes four key contributions to improve resource leak repair in the presence of wrappers. (1) It integrates inference of resource management specifications into the repair pipeline, enabling extant fixing approaches to reason about wrappers. (2) It transforms programs into variants that are easier to analyze, making inference, detection, and fixing tools more effective; for instance, it makes detection tools report problems closer to the root cause, often in a client of a resource wrapper rather than within the wrapper class itself. (3) A novel field containment analysis reasons about resource lifetimes, enabling repair of more leaks involving resources stored in fields. (4) It introduces a new repair pattern and more precise reasoning to better handle resources stored in non-final fields. Prior work fixed 41% of resource leak warnings in the NJR benchmark suite; our implementation Arodnap fixes 68%.
Related papers
- RepoRepair: Leveraging Code Documentation for Repository-Level Automated Program Repair [30.23781155493087]
We propose RepoRepair, a novel documentation-enhanced approach for repository-level fault localization and program repair.<n>Our core insight is to leverage LLMs to generate hierarchical code documentation (from functions to files) for code repositories.<n>RepoRepair first employs a text-based LLM to generate file/function-level code documentation for repositories, which serves as auxiliary knowledge to guide fault localization.
arXiv Detail & Related papers (2026-03-01T11:06:24Z) - Detect Repair Verify for Securing LLM Generated Code: A Multi-Language Empirical Study [10.18490328199727]
Security is often addressed through a Detect--Repair--Verify (DRV) loop that detects issues, applies fixes, and verifies the result.<n>This work studies such a workflow for project-level artifacts and addresses four gaps: L1, the lack of project-level benchmarks with executable function and security tests; L2, limited evidence on pipeline-level effectiveness beyond studying detection or repair alone; L3, unclear reliability of detection reports as repair guidance; and L4, uncertain repair trustworthiness and side effects under verification.
arXiv Detail & Related papers (2026-03-01T03:41:24Z) - Outcome-Conditioned Reasoning Distillation for Resolving Software Issues [49.16055123488827]
We present an Outcome-Conditioned Reasoning Distillation(O-CRD) framework that uses resolved in-repository issues with verified patches as supervision.<n>Starting from a historical fix, the method reconstructs a stage-wise repair trace backward from the verified outcome.<n>On SWE-Bench Lite, this approach increases Pass@1 by 10.4% with GPT-4o, 8.6% with DeepSeek-V3, and 10.3% with GPT-5.
arXiv Detail & Related papers (2026-01-30T18:25:39Z) - InspectCoder: Dynamic Analysis-Enabled Self Repair through interactive LLM-Debugger Collaboration [71.18377595277018]
Large Language Models (LLMs) frequently generate buggy code with complex logic errors that are challenging to diagnose.<n>We present InspectCoder, the first agentic program repair system that empowers LLMs to actively conduct dynamic analysis via interactive debugger control.
arXiv Detail & Related papers (2025-10-21T06:26:29Z) - Scalable and Robust LLM Unlearning by Correcting Responses with Retrieved Exclusions [49.55618517046225]
Language models trained on web-scale corpora risk memorizing and exposing sensitive information.<n>We propose Corrective Unlearning with Retrieved Exclusions (CURE), a novel unlearning framework.<n>CURE verifies model outputs for leakage and revises them into safe responses.
arXiv Detail & Related papers (2025-09-30T09:07:45Z) - ReF Decompile: Relabeling and Function Call Enhanced Decompile [50.86228893636785]
The goal of decompilation is to convert compiled low-level code (e.g., assembly code) back into high-level programming languages.<n>This task supports various reverse engineering applications, such as vulnerability identification, malware analysis, and legacy software migration.
arXiv Detail & Related papers (2025-02-17T12:38:57Z) - Investigating the Transferability of Code Repair for Low-Resource Programming Languages [57.62712191540067]
Large language models (LLMs) have shown remarkable performance on code generation tasks.
Recent works augment the code repair process by integrating modern techniques such as chain-of-thought reasoning or distillation.
We investigate the benefits of distilling code repair for both high and low resource languages.
arXiv Detail & Related papers (2024-06-21T05:05:39Z) - Boosting Static Resource Leak Detection via LLM-based Resource-Oriented Intention Inference [14.783216988363804]
Existing static detection techniques rely on mechanical matching of predefined resource acquisition/release APIs and null-checking conditions to find unreleased resources.<n>We propose InferROI, a novel approach that directly infers resource-oriented intentions (acquisition, release, and reachability validation) in code.<n>We evaluate the effectiveness of InferROI in both resource-oriented intention inference and resource leak detection.
arXiv Detail & Related papers (2023-11-08T04:19:28Z) - Inference of Resource Management Specifications [2.8975089867684436]
A resource leak occurs when a program fails to free some finite resource after it is no longer needed.
Recent work proposed an approach to prevent resource leaks based on checking resource management specifications.
This paper presents a novel technique to automatically infer a resource management specification for a program.
arXiv Detail & Related papers (2023-06-21T00:42:42Z) - D2A: A Dataset Built for AI-Based Vulnerability Detection Methods Using
Differential Analysis [55.15995704119158]
We propose D2A, a differential analysis based approach to label issues reported by static analysis tools.
We use D2A to generate a large labeled dataset to train models for vulnerability identification.
arXiv Detail & Related papers (2021-02-16T07:46:53Z) - Instance-aware, Context-focused, and Memory-efficient Weakly Supervised
Object Detection [184.563345153682]
We develop an instance-aware and context-focused unified framework for weakly supervised learning.
It employs an instance-aware self-training algorithm and a learnable Concrete DropBlock while devising a memory-efficient sequential batch back-propagation.
Our proposed method state-of-the-art results on COCO ($12.1% AP$, $24.8% AP_50$), VOC 2007 ($54.9% AP$), and VOC 2012 ($52.1% AP$)
arXiv Detail & Related papers (2020-04-09T17:57:09Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.