Path-Aware Static Program Analyses for Specification Mining* - Mining Software Specifications: Methodologies and Applications - page 320

Databases Reference

In-Depth Information

TABLE 9.1: A Subset of Predicates Associated with the bind Calls

Shown in Figure 9.3

sshd.c

Variables Attributes

(*ai).aiaddrlen f(arg(3), bind )g

ai f(:=, options.listenaddrs ),(6=, 0 ) g

inetdflag f( = , 0 )g

listensock f(:=,res( socket )),(, 0 ),

(arg(1), bind ), (arg(1), setsockopt )g

numlistensocks f(<, 16 )g

ret f(:=, res( getnameinfo )),( = , 0 )g

ssh.c

Variables Attributes

addr.sunfamily f(:=, 1)g

addrlen f(:=, res( strlen ), (arg(3), bind )g

oldumask f(:=, res( umask )))g

controlfd f(:=, res( socket )),

(, 0 ),(arg(1), bind )g

options.controlmaster f(6=, 0 )g

options.controlpath f(6=, 0 )g

To improve precision, we collect properties from other call sites to bind .

Figure 9.3(b) presents one such call site in procedure sshcontrollistener

in ssh.c . For this call, we obtain properties that include the known require-

ments (see lines 1004, 1005, 1012) and also shown in Table 9.1. We also obtain

other irrelevant operations (e.g., the control path is checked at line 997, size

of path checked in 1008, etc.). Based on the properties here and the properties

previously obtained with respect to the bind call in Figure 9.3(a), an inter-

section of the derived properties can be computed. By repeated application of

this process to each call to bind at other call-sites, we obtain the necessary

operations that must be performed before every call to bind .

To summarize the example, observe that deriving the desired dataflow

conditions using intersection must account for the fact that (a) the names

of relevant variables in the two files are not comparable (e.g., listensock

in sshd.c and controlfd in ssh.c ); (b) operations relevant to the bind

call (e.g., listensock 0 in sshd.c and ((controlfd=...) 0) in

ssh.c ) are interspersed with irrelevant operations; (c) the types of correspond-

ing parameters to bind before casting are different ( structsockaddr* in

sshd.c and structsockaddrun* in ssh.c ); (d) there is no fixed order

of calls to procedures setting the address family and the call to socket in

the two files and (e) there can be different number of attributes associated

with the corresponding variables across call-sites (e.g., listensock is used

Next Page

Mining Software Specifications: Methodologies and Applications

Search WWH ::

Custom Search

Home