Inference and enforcement of data structure consistency specifications (ISSTA 2006)
Brian Demsky (1), Michael D. Ernst (2), Philip J. Guo (2), Stephen McCamant (2), Jeff H. Perkins (2), Martin Rinard (2)

(1) University of California at Irvine, Irvine, CA, USA
(2) MIT Computer Science and Artificial Intelligence Lab, Cambridge, MA, USA, {mernst,pgbovine,smcc,jhp,rinard}

ABSTRACT

Corrupt data structures are an important cause of unacceptable program execution. Data structure repair (which eliminates inconsistencies by updating corrupt data structures to conform to consistency constraints) promises to enable many programs to continue to execute acceptably in the face of otherwise fatal data structure corruption errors. A key issue is obtaining an accurate and comprehensive data structure consistency specification.

We present a new technique for obtaining data structure consistency specifications for data structure repair. Instead of requiring the developer to manually generate such specifications, our approach automatically generates candidate data structure consistency properties using the Daikon invariant detection tool. The developer then reviews these properties, potentially rejecting or generalizing overly specific properties to obtain a specification suitable for automatic enforcement via data structure repair.

We have implemented this approach and applied it to three sizable benchmark programs: CTAS (an air-traffic control system), BIND (a widely-used Internet name server) and Freeciv (an interactive game).

Our results indicate that (1) automatic constraint generation produces constraints that enable programs to execute successfully through data structure consistency errors, (2) compared to manual specification, automatic generation can produce more comprehensive sets of constraints that cover a larger range of data structure consistency properties, and (3) reviewing the properties is relatively straightforward and requires substantially less programmer effort than manual generation, primarily because it reduces the need to examine the program text to understand its operation and extract the relevant consistency constraints. Moreover, when evaluated by a hostile third-party Red Team contracted to evaluate the effectiveness of the technique, our data structure inference and enforcement tools successfully prevented several otherwise fatal attacks.
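To make concrete what a data structure consistency specification and its repair actions look like, the following is an added example in C; it is not code from the paper or from the authors' tools, and the paper's inferred constraints are produced by Daikon for real programs, not hand-written as here. The example hand-codes three consistency properties over a singly linked list of the kind an invariant detector proposes from observed executions (the size field equals the number of reachable nodes, tail points at the last node, the chain is acyclic), a check that reports which properties are violated, and a repair that updates the structure in place so the properties hold again. The list layout, the property names, the MAX_NODES traversal bound and the constructed corrupted list are assumptions of the example.

```c
#include <assert.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed layout: a singly linked list with two redundant fields (size, tail)
 * whose values must agree with the chain of nodes reachable from head. */
typedef struct node { int value; struct node *next; } node_t;
typedef struct { node_t *head; node_t *tail; size_t size; } list_t;

/* Traversal bound: a checker must itself survive corruption and must not
 * hang on a cyclic list, so walks are capped at this many nodes. */
#define MAX_NODES 1024

/* The consistency specification: one bit per property. */
enum { BAD_CYCLE = 1, BAD_SIZE = 2, BAD_TAIL = 4 };

/* Walks the chain from head, remembering nodes seen so far. On return *last is
 * the final distinct node reached and *cut is the node whose next pointer
 * closes a cycle (NULL if the chain is acyclic). Returns the node count. */
static size_t walk(const list_t *l, node_t **last, node_t **cut) {
    node_t *seen[MAX_NODES];
    size_t n = 0;
    node_t *prev = NULL;
    *cut = NULL;
    for (node_t *p = l->head; p != NULL; p = p->next) {
        for (size_t i = 0; i < n; i++) {
            if (seen[i] == p) { *cut = prev; *last = prev; return n; }
        }
        if (n == MAX_NODES) { *cut = prev; *last = prev; return n; } /* over bound: treat as corrupt */
        seen[n++] = p;
        prev = p;
    }
    *last = prev;
    return n;
}

/* Consistency check: returns a bitmask of violated properties (0 = consistent). */
int list_check(const list_t *l) {
    node_t *last, *cut;
    size_t n = walk(l, &last, &cut);
    int bad = 0;
    if (cut != NULL) bad |= BAD_CYCLE;
    if (l->size != n) bad |= BAD_SIZE;
    if (l->tail != last) bad |= BAD_TAIL;
    return bad;
}

/* Repair: each violated property gets the smallest local update that makes it
 * hold (cut the cycle, recompute size, re-point tail). Returns repair count. */
int list_repair(list_t *l) {
    node_t *last, *cut;
    int repairs = 0;
    size_t n = walk(l, &last, &cut);
    if (cut != NULL) { cut->next = NULL; repairs++; }
    if (l->size != n) { l->size = n; repairs++; }
    if (l->tail != last) { l->tail = last; repairs++; }
    return repairs;
}

list_t demo;  /* constructed input shared by the demo_* functions below */

static node_t *mk(int v, node_t *next) {
    node_t *n = malloc(sizeof *n);
    if (n == NULL) abort();
    n->value = v;
    n->next = next;
    return n;
}

/* Builds the constructed list 1 -> 2 -> 3 and returns its check mask (0). */
int demo_build(void) {
    node_t *third = mk(3, NULL);
    demo.head = mk(1, mk(2, third));
    demo.tail = third;
    demo.size = 3;
    return list_check(&demo);
}

/* Must follow demo_build. Corrupts all three properties: a cycle that would
 * make a naive length computation loop forever, a bogus size and a stale
 * tail. Returns the check mask for the corrupted list. */
int demo_corrupt(void) {
    demo.tail->next = demo.head;   /* 3 -> 1 closes the cycle */
    demo.size = 7;
    demo.tail = demo.head;
    return list_check(&demo);
}

/* Repairs the constructed list in place; returns the number of repair actions. */
int demo_repair(void) {
    return list_repair(&demo);
}

int main(void) {
    printf("clean:     mask=%d\n", demo_build());
    printf("corrupted: mask=%d\n", demo_corrupt());
    int actions = demo_repair();
    printf("repaired:  actions=%d mask=%d size=%zu tail=%d\n",
           actions, list_check(&demo), demo.size, demo.tail->value);
    return 0;
}
```

Two points carry over to the real setting the paper describes: the checker has to be written so that it tolerates the corruption it is looking for (here the bounded, seen-set traversal, without which the cyclic case is itself fatal), and each property is paired with a repair action that touches only the fields the property mentions, so enforcement after a fault leaves the program with a structure it can keep using rather than an abort.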