e0 227 program analysis and verification
play

E0:227, Program Analysis and Verification 3:1, January - April 2009 - PowerPoint PPT Presentation

Dec 12, 2023 •47 likes •447 views

E0:227, Program Analysis and Verification 3:1, January - April 2009 E-Classroom, CSA, M-W 11:30am-1pm http://www.csa.iisc.ernet.in/~raghavan/pav09/index.html K. V. Raghavan and Deepak DSouza Software development is hard Average

  1. E0:227, Program Analysis and Verification 3:1, January - April 2009 E-Classroom, CSA, M-W 11:30am-1pm http://www.csa.iisc.ernet.in/~raghavan/pav09/index.html K. V. Raghavan and Deepak D’Souza

  2. Software development is hard Average software-development project [Barry Boehm, ICSE ’06 keynote] incurs: • 90% cost overrun • 121% time overrun • delivers only 61% of initially promised functionality

  3. Software development lifecycle For each release of the software: Requirements Analysis and Design Coding Testing Production/deployment; feedback from users

  4. Software development lifecycle For each release of the software: Requirements Analysis and Design Coding Testing Production/deployment; feedback from users Testing, finding and fixing bugs (i.e., Quality Assurance) com- sumes 50% of total cost and time of software development.

  5. Software development lifecycle For each release of the software: Requirements Analysis and Design Coding Testing Production/deployment; feedback from users Testing, finding and fixing bugs (i.e., Quality Assurance) com- sumes 50% of total cost and time of software development. The problem gets worse after multiple releases, because: • People lose knowledge of the code • Code becomes bigger, more complex, and poorer structured

  6. Why quality assurance takes so much effort • Defects are common • Are hard to find • often, get identified only after release • no good tools, and people don’t use ones that are there • When a program crashes, or gives wrong answer, hard to detect the root defect • Defects in requirements or design should be found before coding starts, else code will manifest it • however, no widely used formal techniques for these • Incorrect understanding of customers requirements

  7. Kinds of software defects • Crashes • Null pointers, uninitialized values • Array index out of bounds, buffer overrun • Memory leaks • Misuse of pointers and buffers (in languages like C) • Unreachable code • Does not interact with other software in the same way as the previous version. • Leaks information to unauthorized channels • Performs poorly • Logical errors (design-time errors)

  8. What’s wrong with this program? int middle(int x, int y, int z) { int m = z; if (y < z) if (x < y) m = y; else if (x < z) m = x; else if (x > y) m = y; else if (x > z) m = x; return m; }

  9. What’s wrong with this program? ⇒ int middle(int x, int middle(int x, int y, int y, int z) { int z) { int m = z; int m = z; if (y < z) if (y < z) if (x < y) if (x < y) m = y; m = y; else if (x < z) else if (x < z) m = x; m = x; else else if (x > y) if (x > y) m = y; m = y; else if (x > z) else if (x > z) m = x; m = x; return m; return m; } } Tool BLAST identifies the two lines before return as unreachable

  10. A common approach to software validation: Testing • A test suite (set of test cases) is created, and executed for each version. • Black box testing: Test cases are created manually by user, or generated randomly. • White box testing: Test cases are generated by an analysis of the program code to increase code coverage. • Typically needs tool support. • What’s good about testing? All bugs found are real bugs. • What’s bad about testing?

  11. A common approach to software validation: Testing • A test suite (set of test cases) is created, and executed for each version. • Black box testing: Test cases are created manually by user, or generated randomly. • White box testing: Test cases are generated by an analysis of the program code to increase code coverage. • Typically needs tool support. • What’s good about testing? All bugs found are real bugs. • What’s bad about testing? • 100% coverage of the program’s behavior is impossible. • Therefore, cannot find all bugs or prove the absence of bugs. • Very hard to test the portion inside the “if” statement! input x if (hash(x) == 10) { ... }

  12. Program verification The algorithmic discovery of properties of a program by inspection of the source text. – Manna and Pneuli, “Algorithmic Verification”

  13. Program verification The algorithmic discovery of properties of a program by inspection of the source text. – Manna and Pneuli, “Algorithmic Verification” Also known as: static analysis, static program analysis, formal methods, . . .

  14. Difficulty of program verification • What will we prove? • “Deep” specifications of complex software are as complex as the software itself • Are difficult to prove • State of the art tools and automation are not good enough • We will focus on “shallow” properties • That is, we will prove “partial correctness”, or absence of certain classes of errors (e.g., null pointer dereferences)

  15. Elusive triangle Large programs We will let go of this one! Deep Automation properties 11 11 Credit: Sriram Rajamani, Microsoft Research India

  16. Example: Determining whether variables are odd ( o ) or even ( e ) p = oddInput() (p, o ) q = evenInput() (p, o ) (q, e ) if (p > q) (p, o ) (q, e ) p = p*2 + q (p, e ) (q, e ) write(p) (p, oe ) (q, e ) if (p < = q) (p, o ) (q, e ) p = p+1 (p, e ) (q, e ) write(p) (p, e ) (q, e ) q = q+2 (p, e ) (q, e )

  17. A verification approach: abstract interpretation • A kind of program execution in which variables store abstract values from bounded domains, not concrete values • Input values are also from the abstract domains • Program statement semantics are modified to work on abstract variable values • We execute the program on all (abstract) inputs and observe the program properties from these runs

  18. Example: The abstraction • Possible values of each variable: { o , e , oe } . • Modified statement semantics: + ∗ o e oe o e oe o e o oe o o e oe e o e oe e e e e oe oe oe oe oe oe e oe

  19. Example: The abstract interpretation Abstract interpretation p = oddInput() < (p, o ) > q = evenInput() if (p > q) p = p*2 + q write(p) if (p < = q) p = p+1 write(p) q = q+2

  20. Example: The abstract interpretation Abstract interpretation p = oddInput() < (p, o ) > q = evenInput() < (p, o ), (q, e ) > if (p > q) p = p*2 + q write(p) if (p < = q) p = p+1 write(p) q = q+2

  21. Example: The abstract interpretation Abstract interpretation p = oddInput() < (p, o ) > q = evenInput() < (p, o ), (q, e ) > if (p > q) < (p, o ), (q, e ) > p = p*2 + q write(p) < (p, o ), (q, e ) > if (p < = q) p = p+1 write(p) q = q+2

  22. Example: The abstract interpretation Abstract interpretation p = oddInput() < (p, o ) > q = evenInput() < (p, o ), (q, e ) > if (p > q) < (p, o ), (q, e ) > p = p*2 + q < (p, e ), (q, e ) > write(p) < (p, o ), (q, e ) > if (p < = q) p = p+1 write(p) q = q+2

  23. Example: The abstract interpretation Abstract interpretation p = oddInput() < (p, o ) > q = evenInput() < (p, o ), (q, e ) > if (p > q) < (p, o ), (q, e ) > p = p*2 + q < (p, e ), (q, e ) > write(p) < (p, o ), (q, e ) > < (p, e ), (q, e ) > if (p < = q) p = p+1 write(p) q = q+2

  24. Example: The abstract interpretation Abstract interpretation p = oddInput() < (p, o ) > q = evenInput() < (p, o ), (q, e ) > if (p > q) < (p, o ), (q, e ) > p = p*2 + q < (p, e ), (q, e ) > write(p) < (p, o ), (q, e ) > < (p, e ), (q, e ) > if (p < = q) < (p, o ), (q, e ) > < (p, e ), (q, e ) > p = p+1 write(p) q = q+2

  25. Example: The abstract interpretation Abstract interpretation p = oddInput() < (p, o ) > q = evenInput() < (p, o ), (q, e ) > if (p > q) < (p, o ), (q, e ) > p = p*2 + q < (p, e ), (q, e ) > write(p) < (p, o ), (q, e ) > < (p, e ), (q, e ) > if (p < = q) < (p, o ), (q, e ) > < (p, e ), (q, e ) > p = p+1 < (p, e ), (q, e ) > < (p, o ), (q, e ) > write(p) q = q+2

  26. Example: The abstract interpretation Abstract interpretation p = oddInput() < (p, o ) > q = evenInput() < (p, o ), (q, e ) > if (p > q) < (p, o ), (q, e ) > p = p*2 + q < (p, e ), (q, e ) > write(p) < (p, o ), (q, e ) > < (p, e ), (q, e ) > if (p < = q) < (p, o ), (q, e ) > < (p, e ), (q, e ) > p = p+1 < (p, e ), (q, e ) > < (p, o ), (q, e ) > write(p) < (p, e ), (q, e ) > < (p, o ), (q, e ) > q = q+2

  27. Example: The abstract interpretation Abstract interpretation p = oddInput() < (p, o ) > q = evenInput() < (p, o ), (q, e ) > if (p > q) < (p, o ), (q, e ) > p = p*2 + q < (p, e ), (q, e ) > write(p) < (p, o ), (q, e ) > < (p, e ), (q, e ) > if (p < = q) < (p, o ), (q, e ) > < (p, e ), (q, e ) > p = p+1 < (p, e ), (q, e ) > < (p, o ), (q, e ) > write(p) < (p, e ), (q, e ) > < (p, o ), (q, e ) > q = q+2 < (p, e ), (q, e ) > < (p, o ), (q, e ) >

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Viktor Vafeiadis Software Analysis &amp; Verification Full functional verification

Viktor Vafeiadis Software Analysis &amp; Verification Full functional verification

Viktor Vafeiadis Software Analysis &amp; Verification Full functional verification Compilers , concurrent programs , theorem provers Program equivalence / Compositional reasoning Compositional compiler verification

266 views • 3 slides
Bayes Network Analysis by Program Verification Joost-Pieter Katoen Alan Turing Institute,

Bayes Network Analysis by Program Verification Joost-Pieter Katoen Alan Turing Institute,

Bayes Network Analysis by Program Verification Joost-Pieter Katoen Alan Turing Institute, January 2018 Joost-Pieter Katoen Bayes Network Analysis by Program Verification 1/62 Perspective There are several reasons why probabilistic

1.06k views • 62 slides
Abstract Interpretation and Program Verification Supratik Chakraborty IIT Bombay Program

Abstract Interpretation and Program Verification Supratik Chakraborty IIT Bombay Program

Abstract Interpretation and Program Verification Supratik Chakraborty IIT Bombay Program Analysis: An Example int x = 0, y = 0, z ; read(z); IDEAS? while ( f(x, z) &gt; 0) { Run test cases Get code analyzed by if ( g(z, y) &gt;

1.16k views • 76 slides
Formal Verification of x86 Machine-Code Programs Computer Architecture and Program Analysis

Formal Verification of x86 Machine-Code Programs Computer Architecture and Program Analysis

Formal Verification of x86 Machine-Code Programs Computer Architecture and Program Analysis Shilpi Goel shigoel@cs.utexas.edu Department of Computer Science The University of Texas at Austin Software and Reliability Can we rely on our

891 views • 65 slides
Program Verification (Rosen, Sections 5.5) TOPICS Program Correctness Preconditions &amp;

Program Verification (Rosen, Sections 5.5) TOPICS Program Correctness Preconditions &amp;

Program Verification (Rosen, Sections 5.5) TOPICS Program Correctness Preconditions &amp; Postconditions Program Verification Assignments Composition Conditionals Loops Proofs about Programs Why

537 views • 36 slides
Verification Verification, Performance Performance Analysis Performance Performance Analysis

Verification Verification, Performance Performance Analysis Performance Performance Analysis

Verification Verification, Performance Performance Analysis Performance Performance Analysis Analysis and Analysis and Synthesis Synthesis of Embedd f E E b dd d S b dded Sys ystems t ems Kim G. Larsen Kim G. Larsen Aalborg

1.44k views • 116 slides
Program Verification as a Toolbox 2005Now Todays Verification A Brief, Subjective History

Program Verification as a Toolbox 2005Now Todays Verification A Brief, Subjective History

Program Verification as a Toolbox David Cock Is Your System Correct? Verified Systems Program Verification as a Toolbox 2005Now Todays Verification A Brief, Subjective History Toolbox Whats Next? David Cock January 23, 2015 1

432 views • 32 slides
From Program Verification to Program Synthesis Overview Jaak Ristioja March 30, 2010 1 / 91

From Program Verification to Program Synthesis Overview Jaak Ristioja March 30, 2010 1 / 91

From Program Verification to Program Synthesis Overview Jaak Ristioja March 30, 2010 1 / 91 Reference From Program Verification to Program Synthesis. @ POPL10; January 17-23, 2010 Saurabh Srivastava , University of Maryland, College Park

1.21k views • 91 slides
Preparing for Re-Verification Brief Mr. Terrence Moultrie Chief, Verification and Executive

Preparing for Re-Verification Brief Mr. Terrence Moultrie Chief, Verification and Executive

The Center for Verification and Evaluation (CVE) Preparing for Re-Verification Brief Mr. Terrence Moultrie Chief, Verification and Executive Support Services Agenda What is Re-Verification? o Simplified Reverification Program VIP

320 views • 21 slides
Towards full verification of concurrent libraries Viktor Vafeiadis Program verification

Towards full verification of concurrent libraries Viktor Vafeiadis Program verification

Towards full verification of concurrent libraries Viktor Vafeiadis Program verification Programs considered: Small (&lt;100 LOC) Medium (KLOC) Large (MLOC) Simple

577 views • 45 slides
Program Verification using Hoare logic ThanhVu Nguyen CSCE 467 Adapted from Jonathan Aldrichs

Program Verification using Hoare logic ThanhVu Nguyen CSCE 467 Adapted from Jonathan Aldrichs

Program Verification using Hoare logic ThanhVu Nguyen CSCE 467 Adapted from Jonathan Aldrichs Program Analysis slides November 19, 2019 1 Big-Step Operational Semantics E a n E-Assign E x := a E { x n } E-Skip E

661 views • 26 slides
Quo Vadis Program Verification Krzysztof R. Apt CWI, Amsterdam, the Netherlands , University of

Quo Vadis Program Verification Krzysztof R. Apt CWI, Amsterdam, the Netherlands , University of

Quo Vadis Program Verification Krzysztof R. Apt CWI, Amsterdam, the Netherlands , University of Amsterdam Quo Vadis Program Verification p. 1/1 One Page Summary Assertional approach to program verification is here to stay. Gap between

629 views • 19 slides
Verification and Validation Steven Zeil February 13, 2013 Verification and Validation

Verification and Validation Steven Zeil February 13, 2013 Verification and Validation

Verification and Validation Verification and Validation Steven Zeil February 13, 2013 Verification and Validation Outline The Process 1 Non-Testing V&amp;V 2 Code Review Mathematically-based verification Static analysis tools

790 views • 55 slides
DIVS DL/ID Verification Systems Verification of Legal Status DIVS Passport Verification

DIVS DL/ID Verification Systems Verification of Legal Status DIVS Passport Verification

DIVS DL/ID Verification Systems Verification of Legal Status DIVS Passport Verification Projects Birth Record Verification State to State Verification DIVS State to State Verification Service (S2S) Program Benefits Mission

349 views • 8 slides
Verification &amp; Validation Verification is getting the system right : Verification and

Verification &amp; Validation Verification is getting the system right : Verification and

Verification &amp; Validation Verification is getting the system right : Verification and Validation Does the program you built do what you designed it to do? Dr. James A. Bednar Validation is getting the right system : jbednar@inf.ed.ac.uk

331 views • 8 slides
Static and dynamic verification Software inspections Concerned with analysis of the

Static and dynamic verification Software inspections Concerned with analysis of the

1 Static and dynamic verification Software inspections Concerned with analysis of the static system representation to discover problems (static verification) May be supplement by tool-based document and code analysis

310 views • 12 slides
ORIENTATIONS FOR MODULI SPACES IN SEVEN-DIMENSIONAL GAUGE THEORY MARKUS UPMEIER (JOINT WITH

ORIENTATIONS FOR MODULI SPACES IN SEVEN-DIMENSIONAL GAUGE THEORY MARKUS UPMEIER (JOINT WITH

ORIENTATIONS FOR MODULI SPACES IN SEVEN-DIMENSIONAL GAUGE THEORY MARKUS UPMEIER (JOINT WITH DOMINIC JOYCE) Contents 1. Plan of the talk 1 2. Preliminary statement of results. DonaldsonSegal programme 1 3. Orientation problem 1 4.

296 views • 5 slides
A tour on Bridgeland stability Paolo Stellari Hamburg, June 2015 Paolo Stellari A tour on

A tour on Bridgeland stability Paolo Stellari Hamburg, June 2015 Paolo Stellari A tour on

A tour on Bridgeland stability Paolo Stellari Hamburg, June 2015 Paolo Stellari A tour on Bridgeland stability Outline 1 Moduli spaces and stability Curves Stability Recasting Paolo Stellari A tour on Bridgeland stability Outline 1

723 views • 53 slides
Neural Networks These representations are inspired by neurons and their connections in the

Neural Networks These representations are inspired by neurons and their connections in the

Neural Networks These representations are inspired by neurons and their connections in the brain. Artificial neurons, or units, have inputs, and an output. The output can be connected to the inputs of other units. The output of a unit

344 views • 17 slides
t

t

t

499 views • 24 slides
s

s

s s

501 views • 6 slides
On Demand Online Credit Rates in the Banking Domain A proposal for dynamic on-demand credit

On Demand Online Credit Rates in the Banking Domain A proposal for dynamic on-demand credit

On Demand Online Credit Rates in the Banking Domain A proposal for dynamic on-demand credit rates computation based on event processing. An Idea by David Luckham, Stanford University, and CITT. Daniel Jobst, Benjamin Gebauer, Thomas Schfer,

311 views • 6 slides
Computational Expression Summary and Applications Janyl Jumadinova December 2, 2019 Janyl

Computational Expression Summary and Applications Janyl Jumadinova December 2, 2019 Janyl

Computational Expression Summary and Applications Janyl Jumadinova December 2, 2019 Janyl Jumadinova Computational Expression December 2, 2019 1 / 18 Computer Science is is a process of computation, Janyl Jumadinova Computational

413 views • 28 slides
Database Design and the Entity/Relationship Model Youve just been hired by Bank of America

Database Design and the Entity/Relationship Model Youve just been hired by Bank of America

Database Design and the Entity/Relationship Model Youve just been hired by Bank of America as their DBA for their online banking web site. You are asked to create a database that monitors: customers accounts loans

610 views • 48 slides

More recommend