automating regression verification
play

Automating Regression Verification Dennis Felsing , Sarah Grebing, - PowerPoint PPT Presentation

Jul 03, 2023 •48 likes •408 views

Automating Regression Verification Dennis Felsing , Sarah Grebing, Vladimir Klebanov, Mattias Ulbrich, Philipp R ummer 2014-07-23 1 / 16 Introduction How to prevent regressions in software development? 2 / 16 Introduction How to prevent

  1. Automating Regression Verification Dennis Felsing , Sarah Grebing, Vladimir Klebanov, Mattias Ulbrich, Philipp R¨ ummer 2014-07-23 1 / 16

  2. Introduction How to prevent regressions in software development? 2 / 16

  3. Introduction How to prevent regressions in software development? Formal Verification Formally prove correctness of software ⇒ Requires formal specification Regression Testing Discover new bugs by testing for them ⇒ Requires test cases 2 / 16

  4. Introduction How to prevent regressions in software development? Formal Verification Formally prove correctness of software ⇒ Requires formal specification Regression Testing Discover new bugs by testing for them ⇒ Requires test cases Regression Verification Formally prove there are no new bugs 2 / 16

  5. Regression Verification Formally prove there are no new bugs • Goal: Proving the equivalence of two closely related programs • No formal specification or test cases required • Instead use old program version as reference • Tools for proving function equivalence in a simple programming language using SMT solvers 3 / 16

  6. Overview 1 Overapproximation using Uninterpreted Functions 2 Approximation using Uninterpreted Predicates 3 Results and Future Work 4 / 16

  7. Overview 1 Overapproximation using Uninterpreted Functions 2 Approximation using Uninterpreted Predicates 3 Results and Future Work 5 / 16

  8. Function Equivalence Existing approach by Strichman & Godlin Equivalent? Function f Function g (val n 1 ; ret r 1 ) (val n 2 ; ret r 2 ) Uninterpreted Function U for recursive calls in both f and g Function f Function g without recursion without recursion Static Single Static Single Assignment S f Assignment S g ( n 1 = n 2 ∧ S f ∧ S g ) → r 1 = r 2 SMT Solver Valid / Invalid 6 / 16

  9. Our Contribution: Extensions Equivalent? Function f Function g (val n 1 ; ret r 1 ) (val n 2 ; ret r 2 ) S f S g Single Static Assignment Form ( n 1 = n 2 ∧ S f ∧ S g ) → r 1 = r 2 SMT Solver Valid / Invalid 7 / 16

  10. Our Contribution: Extensions Equivalent? Function f Function g (val n 1 ; ret r 1 ) (val n 2 ; ret r 2 ) S f S g Single Static Assignment Form ( n 1 = n 2 ∧ S f ∧ S g ) → r 1 = r 2 SMT Solver Valid / Invalid Equivalent! 7 / 16

  11. Our Contribution: Extensions Equivalent? Function f Function g (val n 1 ; ret r 1 ) (val n 2 ; ret r 2 ) S f S g Single Static Assignment Form ( n 1 = n 2 ∧ S f ∧ S g ) → r 1 = r 2 SMT Solver Valid / Invalid Equivalent! Counterexample: r 1 = − 1 n = 0: r 2 = − 3 7 / 16

  12. Our Contribution: Extensions Equivalent? Function f Function g (val n 1 ; ret r 1 ) (val n 2 ; ret r 2 ) S f S g Single Static Assignment Form ( n 1 = n 2 ∧ S f ∧ S g ) → r 1 = r 2 SMT Solver f (0) = g (0) = 0 Valid / Invalid Execute Equivalent! Counterexample: r 1 = − 1 n = 0: r 2 = − 3 7 / 16

  13. Our Contribution: Extensions Equivalent? Function f Function g (val n 1 ; ret r 1 ) (val n 2 ; ret r 2 ) S f S g Single Static Assignment Form ( n 1 = n 2 ∧ S f ∧ S g ∧ U (0) = 0 ) → r 1 = r 2 Add rerun SMT Solver f (0) = g (0) = 0 Valid / Invalid Execute Equivalent! Counterexample: r 1 = − 1 n = 0: r 2 = − 3 7 / 16

  14. Overapproximation using uninterpreted functions Approach • Run the programs with input gathered from counterexamples • Detect whether CE is spurious or not • If spurious: Add additional constraints to the uninterpreted function ⇒ Is a simple form of Counter Example Guided Abstraction Refinement (CEGAR) Successful when • Finite number of constraints on the uninterpreted function imply equivalence • These are often the “base cases” of recursive implementations 8 / 16

  15. Overview 1 Overapproximation using Uninterpreted Functions 2 Approximation using Uninterpreted Predicates 3 Results and Future Work 9 / 16

  16. Approximation using Uninterpreted Predicates First approach (just shown) • Overapproximate recursion by uninterpreted Function U : ∀ U . constraints ( U ) ∧ S f ∧ S g ∧ ... → r 1 = r 2 New approach • Infer a predicate C which couples recursive calls: ∃ C . ( C ( ... ) ∧ ... → r 1 = r 2 ) ∧ “ C couples f and g ” • Use state-of-the-art SMT solvers (Eldarica, Z3) to automatically find such a C or prove that is does not exist ⇒ Example will show loops with coupling loop invariants 10 / 16

  17. Automatic Invariant Inference int f1 ( int n) { r = 0; int (n == 0) 1; i f return (n > 0) { while n /= 10; r++; } r ; return } 11 / 16

  18. Automatic Invariant Inference int f1 ( int n) { int f2 ( int n) { r = 0; r = 1; int int (n == 0) 1; i f return (n > 0) { ( true ) { while while n /= 10; r++; i f (n < 10) r ; return i f (n < 100) r +1; return i f (n < 1000) r +2; return i f (n < 10000) r +3; return } n /= 10000; r ; r += 4; return } } } 11 / 16

  19. Automatic Invariant Inference Loop synchronisation • To show: Equal input f1 f2 gives equal output 12 / 16

  20. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output = 12 / 16

  21. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised = 12 / 16

  22. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised = = 12 / 16

  23. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely = synchronised = 12 / 16

  24. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely synchronised C = 12 / 16

  25. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely synchronised C ⇒ Use C as loop invariant for both programs. = ( → coupling invariant ) 12 / 16

  26. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely synchronised C ⇒ Use C as loop invariant for both programs. = ( → coupling invariant ) 12 / 16

  27. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely C synchronised ⇒ Use C as loop invariant for both programs. ( → coupling invariant ) 12 / 16

  28. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely C synchronised C ⇒ Use C as loop invariant for both programs. ( → coupling invariant ) 12 / 16

  29. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely C synchronised C ⇒ Use C as loop invariant C for both programs. ( → coupling invariant ) = 12 / 16

  30. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely C synchronised C ⇒ Use C as loop invariant C for both programs. ( → coupling invariant ) = Automatic Regression Verification: Do not specify C but infer it automatically. 12 / 16

  31. Automatic Invariant Inference Three cases to consider: 1 Initially coupling loop invariant C holds 2 After both loop steps (or one if other finished), C holds 3 After both loops finished, C implies equality of results 13 / 16

  32. Automatic Invariant Inference Three cases to consider: 1 Initially coupling loop invariant C holds 2 After both loop steps (or one if other finished), C holds 3 After both loops finished, C implies equality of results Automatically inferred coupling loop invariant: (Using Eldarica) ( n 1 > 0 → ( n 1 = n 2 ∧ r 1 + 1 = r 2 )) ∧ ( n 2 ≤ 0 → return 2 = r 1 ) ∧ n 1 ≥ n 2 13 / 16

  33. Automatic Invariant Inference Three cases to consider: 1 Initially coupling loop invariant C holds 2 After both loop steps (or one if other finished), C holds 3 After both loops finished, C implies equality of results Automatically inferred coupling loop invariant: (Using Eldarica) ( n 1 > 0 → ( n 1 = n 2 ∧ r 1 + 1 = r 2 )) ∧ ( n 2 ≤ 0 → return 2 = r 1 ) ∧ n 1 ≥ n 2 • Compare to loop invariant: n = n 0 10 r • Coupling invariant is not trivial, but linear and inferable! 13 / 16

  34. Overview 1 Overapproximation using Uninterpreted Functions 2 Approximation using Uninterpreted Predicates 3 Results and Future Work 14 / 16

  35. Evaluation and Results Approaches implemented for a subset of C: simplRV, Rˆ eve Usable with webinterface: http://formal.iti.kit.edu/ improve/deduktionstreffen2014/ Rˆ eve evaluation (uninterpreted predicates) • 32 short benchmarks of integer programs (10-50 lines) • Collected from literature • Good performance on most equivalent programs • Finds counterexample for non-equivalent programs as well 15 / 16

  36. Conclusion Regression Verification • Initial approach limited to strongly coupled recursions or user feedback • Automatic Invariant Inference: More powerful, using recent techniques in SMT solvers like Eldarica and Z3 Future Work • More examples (larger) • Support arrays, heaps, objects 16 / 16

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Automating Visual Regression using Galen and Wraith Deepshikha Singh| QA Lead |

Automating Visual Regression using Galen and Wraith Deepshikha Singh| QA Lead |

Automating Visual Regression using Galen and Wraith Deepshikha Singh| QA Lead | @deeps_qa Problems in Layout Testing Manual efforts are high. Possible chances of missing key areas of regression. Not possible to validate

463 views • 24 slides
Starling: automating concurrency verification Mike Dodds (1) , Matthew Parkinson (2) , Matt

Starling: automating concurrency verification Mike Dodds (1) , Matthew Parkinson (2) , Matt

Starling: automating concurrency verification Mike Dodds (1) , Matthew Parkinson (2) , Matt Windsor (1) (1) University of York (2) Microsoft Research Funding from Royal Society Industrial Fellowship for Dodds. Ticketed

232 views • 12 slides
Automating the Verification of Floating-point Algorithms Guillaume Melquiond Inria Saclay

Automating the Verification of Floating-point Algorithms Guillaume Melquiond Inria Saclay

Introduction Interval+Error Advanced Gappa Conclusion Automating the Verification of Floating-point Algorithms Guillaume Melquiond Inria Saclay Ile-de-France LRI, Universit e Paris Sud, CNRS 2014-07-18 Guillaume Melquiond

1.55k views • 126 slides
Regression Verification: Proving Partial Equivalence Talk by Dennis Felsing Seminar within the

Regression Verification: Proving Partial Equivalence Talk by Dennis Felsing Seminar within the

Regression Verification: Proving Partial Equivalence Talk by Dennis Felsing Seminar within the Projektgruppe Formale Methoden der Softwareentwicklung WS 2012/2013 1 / 24 Introduction Formal Verification Formally prove correctness of

457 views • 41 slides
Automating Inventory at Stitch Fix Using Beta Binomial Regression for Cold Start Problems Sally

Automating Inventory at Stitch Fix Using Beta Binomial Regression for Cold Start Problems Sally

Automating Inventory at Stitch Fix Using Beta Binomial Regression for Cold Start Problems Sally Langford - Data Scientist How Stitch Fix works: How Stitch Fix works: - Tell us about your style, fit and price preferences. How Stitch Fix works:

578 views • 47 slides
Relational Specification and Verification From Non-Interference to Regression-free Program

Relational Specification and Verification From Non-Interference to Regression-free Program

Relational Specification and Verification From Non-Interference to Regression-free Program Evolution Bernhard Beckert with M. Kirsten, V. Klebanov, M. Ulbrich, A. Weigl | RS3 Practitioner Event www.kit.edu KIT Universit at des Landes

818 views • 71 slides
iCoq : Regression Proof Selection for Large-Scale Verification Projects Karl Palmskog University

iCoq : Regression Proof Selection for Large-Scale Verification Projects Karl Palmskog University

iCoq : Regression Proof Selection for Large-Scale Verification Projects iCoq : Regression Proof Selection for Large-Scale Verification Projects Karl Palmskog University of Illinois at Urbana-Champaign Joint work with Ahmet Celik and Milos

837 views • 45 slides
piCoq: Parallel Regression Proving for Large-Scale Verification Projects Karl Palmskog , Ahmet

piCoq: Parallel Regression Proving for Large-Scale Verification Projects Karl Palmskog , Ahmet

piCoq: Parallel Regression Proving for Large-Scale Verification Projects piCoq: Parallel Regression Proving for Large-Scale Verification Projects Karl Palmskog , Ahmet Celik, and Milos Gligoric The University of Texas at Austin, USA 1 / 29

891 views • 65 slides
Regression Verification: Project Proposal Presentation by Dennis Felsing within the

Regression Verification: Project Proposal Presentation by Dennis Felsing within the

Regression Verification: Project Proposal Presentation by Dennis Felsing within the Projektgruppe Formale Methoden der Softwareentwicklung SS 2013 1 / 18 Introduction How to prevent regressions in software development? 2 / 18 Introduction

439 views • 27 slides
Verification-Aided Regression Testing Fabrizio Pastore 1 Leonardo Mariani 1 arinen 2 Grigory

Verification-Aided Regression Testing Fabrizio Pastore 1 Leonardo Mariani 1 arinen 2 Grigory

Verification-Aided Regression Testing Fabrizio Pastore 1 Leonardo Mariani 1 arinen 2 Grigory Fedyukovich 2 Antti E. J. Hyv Natasha Sharygina 2 Ondrej Sery 2 Stephan Sehestedt 3 Ali Muhammed 4 1 University of Milano-Bicocca, Italy 2 University of

670 views • 14 slides
Automating batch fecundity measurements Automating batch fecundity measurements using digital

Automating batch fecundity measurements Automating batch fecundity measurements using digital

W orking Group on Acoustic and Egg Surveys for Sardine and Anchovy in I CES Areas VI I I and I X, Nantes, 2 4 -2 8 / 1 1 / 2 0 0 8 Automating batch fecundity measurements Automating batch fecundity measurements using digital image analysis

391 views • 13 slides
Automating Formal Proofs for Reactive Systems Daniel Ricketts , Valentin Robert, Zachary

Automating Formal Proofs for Reactive Systems Daniel Ricketts , Valentin Robert, Zachary

Automating Formal Proofs for Reactive Systems Daniel Ricketts , Valentin Robert, Zachary Danger Tatlock Dongseok Jang, Sorin Lerner University of California, San Diego University of Washington Proof Assistant Based Verification Proof

1.93k views • 163 slides
Logistic Regression James H. Steiger Department of Psychology and Human Development Vanderbilt

Logistic Regression James H. Steiger Department of Psychology and Human Development Vanderbilt

Introduction The Logistic Regression Model Binary Logistic Regression Binomial Logistic Regression Interpreting Logistic Regression Parameters Examples Logistic Regression and Retrospective Studies Logistic Regression James H. Steiger

777 views • 54 slides
RANDOMIZING AND RANDOMIZING AND AUTOMATING ASSESSMENT AUTOMATING ASSESSMENT WITH R WITH R exams

RANDOMIZING AND RANDOMIZING AND AUTOMATING ASSESSMENT AUTOMATING ASSESSMENT WITH R WITH R exams

RANDOMIZING AND RANDOMIZING AND AUTOMATING ASSESSMENT AUTOMATING ASSESSMENT WITH R WITH R exams exams 1 THE THE exams exams PACKAGE PACKAGE by @AchimZeileis and others, Statistics, Universitt Innsbruck www.r-exams.org latest release

379 views • 14 slides
Automating the Automating the configuration of flow configuration of flow monitoring probes

Automating the Automating the configuration of flow configuration of flow monitoring probes

Zurich Research Laboratory Automating the Automating the configuration of flow configuration of flow monitoring probes monitoring probes Xenofontas (Fontas) Dimitropoulos (xed@zurich.ibm.com) Andreas Kind (ank@zurich.ibm.com) IBM | Dec 07

303 views • 14 slides
Automating Authority Work Automating authority work, or, Be your own authority control vendor

Automating Authority Work Automating authority work, or, Be your own authority control vendor

Mike Monaco Coordinator, Cataloging Services May 14, 2018 Automating Authority Work Automating authority work, or, Be your own authority control vendor Ohio Valley Group of Technical Services Librarians Mike Monaco 2018 Conference, May

1.06k views • 67 slides
Recursion operator for the Narita-Itoh-Bogoyavlensky lattice Jing Ping Wang School of

Recursion operator for the Narita-Itoh-Bogoyavlensky lattice Jing Ping Wang School of

Recursion operator for the Narita-Itoh-Bogoyavlensky lattice Jing Ping Wang School of Mathematics and Statistics University of Kent Solitons, Collapses and Turbulence: Achievements, Developments and perspectives Novosibirsk, June 8,

475 views • 28 slides
DNSharness: A Tool for DNS Researchers Paul Hoffman Tech Day, ICANN 50 June, 2014 v1

DNSharness: A Tool for DNS Researchers Paul Hoffman Tech Day, ICANN 50 June, 2014 v1

DNSharness: A Tool for DNS Researchers Paul Hoffman Tech Day, ICANN 50 June, 2014 v1 DNSharness in one slide A test harness for automated sending queries to numerous DNS authoritative and recursive servers Comes with lots of open

390 views • 13 slides
Math 217 - November 19, 2010 Series Solutions 1. Find the recursion relation for the equation

Math 217 - November 19, 2010 Series Solutions 1. Find the recursion relation for the equation

Math 217 - November 19, 2010 Series Solutions 1. Find the recursion relation for the equation x 3 y = 2 y 2. Find the recursion relation for the equation y + y = x 3. Find the recursion relation for the equation y 2 y

87 views • 7 slides
Commercial Lines A Potpourri of Reserving Issues September, 2011 Presented By: Kim Piersol,

Commercial Lines A Potpourri of Reserving Issues September, 2011 Presented By: Kim Piersol,

Commercial Lines A Potpourri of Reserving Issues September, 2011 Presented By: Kim Piersol, FCAS, MAAA Consulting Actuary, Huggins Actuarial Services, Inc. Antitrust Notice The Casualty Actuarial Society is committed to adhering strictly to

427 views • 6 slides
Model Checking in the Propositional -Calculus Ka I Violet Pun INF 9140 - Specification and

Model Checking in the Propositional -Calculus Ka I Violet Pun INF 9140 - Specification and

Model Checking in the Propositional -Calculus Ka I Violet Pun INF 9140 - Specification and Verification of Parallel Systems 13 th May, 2011 Overview Model Checking is a useful means to automatically ascertain the specification of a system

347 views • 24 slides
Composite Sieving Techniques: Dihedral Action on Cluster Complexes Zachary Stier Julian Wellman

Composite Sieving Techniques: Dihedral Action on Cluster Complexes Zachary Stier Julian Wellman

Composite Sieving Techniques: Dihedral Action on Cluster Complexes Zachary Stier Julian Wellman Zixuan Xu UMN REU July 25, 2019 Stier, Wellman, Xu Dihedral Sieving Phenomena July 25, 2019 1 / 29 Outline Motivation : cyclic and

569 views • 34 slides
Assessing the spatial, temporal and depth variation using electrical conductivity in Cape Flats

Assessing the spatial, temporal and depth variation using electrical conductivity in Cape Flats

Assessing the spatial, temporal and depth variation using electrical conductivity in Cape Flats Aquifer, Western Cape, South Africa By Danica Carnow 3244225@myuwc.ac.za Supervisors: Dr. T.O.B Kanyerere and Prof. Y. Xu UNESCO Chair on

270 views • 15 slides
Regular Expressions in Python L435/L555 Dept. of Linguistics, Indiana University Fall 2016 1 /

Regular Expressions in Python L435/L555 Dept. of Linguistics, Indiana University Fall 2016 1 /

Regular Expressions in Python RE Module Basics of REs RE functions Regular Expressions in Python L435/L555 Dept. of Linguistics, Indiana University Fall 2016 1 / 9 Regular expression module Regular Expressions in Python RE Module

200 views • 9 slides

More recommend