shadow of a doubt testing for divergences between
play

Shadow of a Doubt: Testing for Divergences Between Software - PowerPoint PPT Presentation

Jan 19, 2024 •118 likes •724 views

Shadow of a Doubt: Testing for Divergences Between Software Versions Hristina Palikareva Tomasz Kuchta Cristian Cadar ICSE16, 20 th May 2016 This work is supported by EPSRC and Microsoft Research Motivation Software patches

  1. Shadow of a Doubt: Testing for Divergences Between Software Versions Hristina Palikareva Tomasz Kuchta Cristian Cadar ICSE’16, 20 th May 2016 This work is supported by EPSRC and Microsoft Research

  2. Motivation § Software patches § Frequent, at the core of software evolution § New features, bug fixes, better performance, usability § Poorly tested in practice § May introduce bugs 2

  3. Motivation: an example Old 01 int gt_100(unsigned x) { 02 unsigned y = x; 03 if (y > 100) 04 return 1; 05 else 06 return 0; 07 } 3

  4. Motivation: an example Old New 01 int gt_100(unsigned x) { 01 int gt_100(unsigned x) { 02 unsigned y = x; 02 unsigned y = x + 1 x + 1; 03 if (y > 100) 03 if (y > 100) 04 return 1; 04 return 1; 05 else 05 else 06 return 0; 06 return 0; 07 } 07 } § Test cases: x = 0, x = 100, x = 101 4

  5. Motivation: an example Old New 01 int gt_100(unsigned x) { 01 int gt_100(unsigned x) { 02 unsigned y = x; 02 unsigned y = x + 1 x + 1; 03 if (y > 100) 03 if (y > 100) 04 return 1; 04 return 1; 05 else 05 else 06 return 0; 06 return 0; 07 } 07 } § Test cases: x = 0, x = 100, x = 101, 100% 100% code coverage 5

  6. Motivation: an example Old New 01 int gt_100(unsigned x) { 01 int gt_100(unsigned x) { 02 unsigned y = x; 02 unsigned y = x + 1 x + 1; 03 if (y > 100) 03 if (y > 100) 04 return 1; 04 return 1; 05 else 05 else 06 return 0; 06 return 0; 07 } 07 } § Test cases: x = 0, x = 100, x = 101, 100% 100% code coverage § Only 50% 50% new behaviour coverage § Code coverage not sufficient! 6

  7. Contributions § Shadow symbolic execution technique § Focuses on the new behaviours of the patch § Technique for unifying two versions of a program § Execute in a single symbolic execution instance § A patch testing approach § Shadow symbolic execution § Enhanced cross-version checks 7

  8. Symbolic execution x is a symbolic variable 01 int gt_100(unsigned x) { 02 unsigned y = x + 1 x + 1; 03 if (y > 100) 04 return 1; 05 else 06 return 0; 07 } 8

  9. Symbolic execution x is a symbolic variable 01 int gt_100(unsigned x) { 02 unsigned y = x + 1 x + 1; 03 if (y > 100) x+1 ≤ 100 x+1 > 100 04 return 1; 05 else 06 return 0; 07 } 9

  10. Symbolic execution x is a symbolic variable 01 int gt_100(unsigned x) { 02 unsigned y = x + 1 x + 1; 03 if (y > 100) x+1 ≤ 100 x+1 > 100 04 return 1; 05 else 06 return 0; 07 } 10

  11. Symbolic execution x is a symbolic variable 01 int gt_100(unsigned x) { 02 unsigned y = x + 1 x + 1; 03 if (y > 100) x+1 ≤ 100 x+1 > 100 04 return 1; 05 else 06 return 0; 07 } 11

  12. Symbolic execution x is a symbolic variable 01 int gt_100(unsigned x) { 02 unsigned y = x + 1 x + 1; 03 if (y > 100) x+1 ≤ 100 x+1 > 100 04 return 1; 05 else 06 return 0; 07 } 12

  13. Symbolic execution x is a symbolic variable 01 int gt_100(unsigned x) { 02 unsigned y = x + 1 x + 1; 03 if (y > 100) x+1 ≤ 100 x+1 > 100 04 return 1; 05 else x + 1 > 100 06 return 0; 07 } x + 1 ≤ 100 13

  14. Symbolic execution x is a symbolic variable 01 int gt_100(unsigned x) { 02 unsigned y = x + 1 x + 1; 03 if (y > 100) x+1 ≤ 100 x+1 > 100 04 return 1; 05 else x + 1 > 100 06 return 0; 07 } x + 1 ≤ 100 e.g. x = 1000 e.g. x = 0 14

  15. Shadow symbolic execution

  16. Shadow symbolic execution § Old and new version in the same instance § The two versions are combined § Executed in lock-step fashion § The old version shadows the new one § Focus on the new behaviour § Versions take different sides of a branch 16

  17. Shadow symbolic execution Old New 01 int gt_100(unsigned x) { 01 int gt_100(unsigned x) { 02 unsigned y = x; 02 unsigned y = x + 1 x + 1; 03 if (y > 100) 03 if (y > 100) 04 return 1; 04 return 1; 05 else 05 else 06 return 0; 06 return 0; 07 } 07 } 17

  18. Shadow symbolic execution Combined 01 int gt_100(unsigned x) { 02 unsigned y = change(x, x + 1) change(x, x + 1); 03 if (y > 100) 04 return 1; 05 else 06 return 0; 07 } 18

  19. Shadow symbolic execution 01 int gt_100(unsigned x) { 02 unsigned y = change(x, x + 1) change(x, x + 1); 03 if (y > 100) 04 return 1; 05 else 06 return 0; 07 } 19

  20. Shadow symbolic execution 01 int gt_100(unsigned x) { 02 unsigned y = change(x, x + 1) change(x, x + 1); 03 if (y > 100) 04 return 1; 05 else 06 return 0; 07 } 20

  21. Shadow symbolic execution 01 int gt_100(unsigned x) { 02 unsigned y = change(x, x + 1) change(x, x + 1); 03 if (y > 100) 04 return 1; 4-way fork 05 else 06 return 0; 07 } 21

  22. Shadow symbolic execution 01 int gt_100(unsigned x) { 02 unsigned y = change(x, change(x, x + 1 x + 1); 03 if (y > 100) x+1 ≤ 100 x+1 > 100 04 return 1; 05 else 06 return 0; 07 } 22

  23. Shadow symbolic execution 01 int gt_100(unsigned x) { 02 unsigned y = change( change(x, x + 1) , x + 1); 03 if (y > 100) x+1 ≤ 100 x+1 > 100 04 return 1; 05 else x ≤ 100 x > 100 x ≤ 100 x > 100 06 return 0; 07 } 23

  24. Shadow symbolic execution 01 int gt_100(unsigned x) { 02 unsigned y = change( change(x, x + 1 x, x + 1); 03 if (y > 100) x+1 ≤ 100 x+1 > 100 04 return 1; 05 else x ≤ 100 x > 100 x ≤ 100 x > 100 06 return 0; new:else new:else new:then new:then old:else old:then old:else old:then 07 } 24

  25. Shadow symbolic execution 01 int gt_100(unsigned x) { 02 unsigned y = change( change(x, x + 1 x, x + 1); 03 if (y > 100) x+1 ≤ 100 x+1 > 100 04 return 1; 05 else x ≤ 100 x > 100 x ≤ 100 x > 100 06 return 0; new:else new:else new:then new:then old:else old:then old:else old:then 07 } 25

  26. Shadow symbolic execution 01 int gt_100(unsigned x) { 02 unsigned y = change( change(x, x + 1 x, x + 1); 03 if (y > 100) x+1 ≤ 100 x+1 > 100 04 return 1; 05 else x ≤ 100 x > 100 x ≤ 100 x > 100 06 return 0; new:else new:else new:then new:then old:else old:then old:else old:then 07 } 100 ✓ 26

  27. Shadow symbolic execution 01 int gt_100(unsigned x) { 02 unsigned y = change( change(x, x + 1 x, x + 1); 03 if (y > 100) x+1 ≤ 100 x+1 > 100 04 return 1; 05 else x ≤ 100 x > 100 x ≤ 100 x > 100 06 return 0; new:else new:else new:then new:then old:else old:then old:else old:then 07 } 100 ✓ Max Int 27

  28. Shadow symbolic execution Divergence not always possible 01 int gt_100(unsigned x) { 02 unsigned y = x; y > 200 03 if (change(y > 100, y change(y > 100, y ≥ 100) 100)) 04 return 1; 05 else 06 return 0; y < 100 y < 100 y ≥ 100 y ≥ 100 y ≤ 100 y > 100 y ≤ 100 y > 100 07 } 28

  29. Shadow symbolic execution § Advantages of shadow symbolic execution § Pruning execution paths – smaller search space § Space efficiency § Two versions combined into one § Expression sharing via shadow expressions § Does not execute unchanged path prefix twice 29

  30. Patch annotations

  31. Expressing patches § Annotations § change(old, new) macro § Currently manual, automation possible § A set of 15 rules § See project web-site for annotated patches http://srg.doc.ic.ac.uk/projects/shadow/ 31

  32. Annotation rules § Modifying an rvalue expression Old New 01 if (argc – optind argc – optind < 1 < 1) 01 if (n_args n_args < 1 < 1) 02 { 02 { 03 error (...); 03 error (...); 04 usage (EXIT_FAILURE); 04 usage (EXIT_FAILURE); 05 } 05 } Combined 01 if (change(argc - optind, n_args) change(argc - optind, n_args) < 1 < 1) 02 { 03 error (...); 04 usage (EXIT_FAILURE); 05 } 32

  33. Annotation rules § Adding an assignment Old New 01 byte_idx = 0; 01 byte_idx = 0; 02 print_delimiter = false; 02 print_delimiter = false; 03 03 current_rp = rp; current_rp = rp; Combined 01 byte_idx = 0; 02 print_delimiter = false; 03 current_rp = change(current_rp, rp) change(current_rp, rp); 33

  34. Patch testing approach

  35. Shadow approach overview Old New Test suite version version 35

  36. Shadow approach overview Old New Test suite version version Unify Select Enhanced Shadow checks versions test cases 36

  37. Shadow approach overview Old New Test suite version version Unify Select Enhanced Shadow checks versions test cases Regression Expected bugs divergences 37

  38. Shadow approach overview Old New Test suite version version Unify Select Enhanced Shadow checks versions test cases Regression Expected bugs divergences 38

  39. Shadow approach overview Unify Select Enhanced Shadow checks versions test cases § Combine old and new version § change() macro § Set of rules 39

  40. Shadow approach overview Unify Select Enhanced Shadow checks versions test cases § Select test cases that touch the patch § Run test suite on the new version § Use coverage data § Cover at least one line of the patch 40

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Rnyi divergences and hypothesis testing problems Miln Mosonyi 1 , 2 1 Fsica Terica:

Rnyi divergences and hypothesis testing problems Miln Mosonyi 1 , 2 1 Fsica Terica:

Rnyi divergences and hypothesis testing problems Miln Mosonyi 1 , 2 1 Fsica Terica: Informaci i Fenomens Quntics Universitat Autnoma Barcelona 2 Mathematical Institute Budapest University of Technology and Economics Paris 2015

695 views • 30 slides
the shadow knows Shadow Algorithms Who knows what evil lurks in the hearts of men? Why

the shadow knows Shadow Algorithms Who knows what evil lurks in the hearts of men? Why

the shadow knows Shadow Algorithms Who knows what evil lurks in the hearts of men? Why shadows? Anatomy of a shadow Increase realism Umbra Area completely obscured by object Shows relationships between objects. Hard

445 views • 5 slides
Bridging the gap between Optimal Transport and MMD with Sinkhorn Divergences Aude Genevay MIT

Bridging the gap between Optimal Transport and MMD with Sinkhorn Divergences Aude Genevay MIT

Distances Entropic Regularization Sinkhorn Divergences Conclusion Bridging the gap between Optimal Transport and MMD with Sinkhorn Divergences Aude Genevay MIT CSAIL CIRM Workshop - March 2020 Joint work with Gabriel Peyr, Marco Cuturi,

1.27k views • 64 slides
SHADOW PINES Town Of Penfield 3100 Atlantic Avenue Penfield, New York 14526 SHADOW PINES

SHADOW PINES Town Of Penfield 3100 Atlantic Avenue Penfield, New York 14526 SHADOW PINES

SHADOW PINES Town Of Penfield 3100 Atlantic Avenue Penfield, New York 14526 SHADOW PINES OVERVIEW REVIEW OF SHADOW LAKES/ SHADOW PINES COMMUNITY ADVISORY REPORT (SEPT. 2016) SHADOW PINES LAND USE ADVISORY COMMITTEE FINAL

249 views • 11 slides
Ultraviolet and Infrared Divergences in Superstring Theory Ashoke Sen Harish-Chandra Research

Ultraviolet and Infrared Divergences in Superstring Theory Ashoke Sen Harish-Chandra Research

Ultraviolet and Infrared Divergences in Superstring Theory Ashoke Sen Harish-Chandra Research Institute, Allahabad, India Florence, May 2016 1. Summary of this talk 2. Review of ultraviolet (UV) and infrared (IR) divergences in quantum field

548 views • 31 slides
11 Shadow Volumes Steve Marschner CS5625 Spring 2019 References F . Crow, Shadow Algorithms

11 Shadow Volumes Steve Marschner CS5625 Spring 2019 References F . Crow, Shadow Algorithms

11 Shadow Volumes Steve Marschner CS5625 Spring 2019 References F . Crow, Shadow Algorithms for Computer Graphics. SIGGRAPH 1977. http://dx.doi.org/10.1145/965141.563901 M. McGuire, E ffi cient Shadow Volume Rendering. GPU Gems ,

510 views • 27 slides
10 Shadow Volumes Steve Marschner CS5625 Spring 2015 References F . Crow, Shadow Algorithms

10 Shadow Volumes Steve Marschner CS5625 Spring 2015 References F . Crow, Shadow Algorithms

10 Shadow Volumes Steve Marschner CS5625 Spring 2015 References F . Crow, Shadow Algorithms for Computer Graphics. SIGGRAPH 1977. http://dx.doi.org/10.1145/965141.563901 M. McGuire, E ffi cient Shadow Volume Rendering. GPU Gems ,

152 views • 12 slides
An Efficient Hybrid Shadow Rendering Algorithm Eric Chan Frdo Durand Massachusetts Institute

An Efficient Hybrid Shadow Rendering Algorithm Eric Chan Frdo Durand Massachusetts Institute

An Efficient Hybrid Shadow Rendering Algorithm Eric Chan Frdo Durand Massachusetts Institute of Technology Not Another Talk on Shadows?! Main ideas: combination of shadow maps + shadow volumes computation masks + Classic Shadow

629 views • 48 slides
CSS3 new properties http://www.w3schools.com/cssref 1 shadows 2 box-shadow TRY IT! The

CSS3 new properties http://www.w3schools.com/cssref 1 shadows 2 box-shadow TRY IT! The

CSS3 new properties http://www.w3schools.com/cssref 1 shadows 2 box-shadow TRY IT! The box-shadow property attaches one or more shadows to an element. 3 text-shadow TRY IT! The text-shadow property adds shadow to text. 4 gradient 5

347 views • 24 slides
Shadow Banking Financial Stability Board (FSB) and its work on Shadow Banking Yasushi Shiina,

Shadow Banking Financial Stability Board (FSB) and its work on Shadow Banking Yasushi Shiina,

Shadow Banking Financial Stability Board (FSB) and its work on Shadow Banking Yasushi Shiina, Member of Secretariat 9 November 2011 Note: The views expressed in this slides are those of the author and do not necessarily reflect those of the

363 views • 21 slides
Capturing Translational Divergences with Zhechev &amp; Andy Way a Statistical Tree-to-Tree

Capturing Translational Divergences with Zhechev &amp; Andy Way a Statistical Tree-to-Tree

Capturing Translational Divergences with a Statistical Tree-to-Tree Aligner Mary Hearne, John Tinsley, Ventsislav Capturing Translational Divergences with Zhechev &amp; Andy Way a Statistical Tree-to-Tree Aligner Tree Alignments

574 views • 32 slides
Beyond Differential Privacy: Composition Theorems and Relational Logic for f -divergences between

Beyond Differential Privacy: Composition Theorems and Relational Logic for f -divergences between

Beyond Differential Privacy: Composition Theorems and Relational Logic for f -divergences between Probabilistic Programs Gilles Barthe Federico Olmedo IMDEA Software Institute, Madrid, Spain 40 th International Colloquium on Automata, Languages

514 views • 32 slides
Machine Translation Classification of divergences Classical and Statistical Approaches

Machine Translation Classification of divergences Classical and Statistical Approaches

Session 4: Interlingua-based MT Dorr (1992, 1994): UNITRAN system Machine Translation Classification of divergences Classical and Statistical Approaches Lexical Conceptual Structure Translation mappings between syntactic

130 views • 12 slides
Dealing with Doubt While Making Disciples Dr. Rich Knopp Professor of Philosophy &amp; Christian

Dealing with Doubt While Making Disciples Dr. Rich Knopp Professor of Philosophy &amp; Christian

Dealing with Doubt While Making Disciples Dr. Rich Knopp Professor of Philosophy &amp; Christian Apologetics Project Coordinator, Room For Doubt www.roomfordoubt.com Lincoln Christian University Top 10 Differences If the Bible Had Been

718 views • 54 slides
Learn How to Transform Judgement, Doubt &amp; Fear into Success Monika Becker Clear Directions

Learn How to Transform Judgement, Doubt &amp; Fear into Success Monika Becker Clear Directions

Learn How to Transform Judgement, Doubt &amp; Fear into Success Monika Becker Clear Directions Coaching Top 3 Takeaways: Understand the causes of your judgment, doubt &amp; fears the limitations of traditional healing &amp; coping

866 views • 69 slides
Acceleration Data Structures for Ray Tracing Most slides are taken from Fredo Durand Shadows

Acceleration Data Structures for Ray Tracing Most slides are taken from Fredo Durand Shadows

Acceleration Data Structures for Ray Tracing Most slides are taken from Fredo Durand Shadows one shadow ray per intersection per point light source no shadow rays one shadow ray Soft Shadows multiple shadow rays to sample area light

660 views • 52 slides
CS412 Software Security Advanced Mitigations Mathias Payer EPFL, Spring 2019 Mathias Payer

CS412 Software Security Advanced Mitigations Mathias Payer EPFL, Spring 2019 Mathias Payer

CS412 Software Security Advanced Mitigations Mathias Payer EPFL, Spring 2019 Mathias Payer CS412 Software Security Model for Control-Flow Hijack Attacks Figure 1: Mathias Payer CS412 Software Security Advanced mitigations Stack integrity

298 views • 26 slides
Global illumination with many-light methods Jaroslav Kivnek Charles University, Prague

Global illumination with many-light methods Jaroslav Kivnek Charles University, Prague

Global illumination with many-light methods Jaroslav Kivnek Charles University, Prague Review: Path integral formulation of light transport Veach , 1998 Zobrazovac rovnice v 3b form ulaci o ' i

736 views • 58 slides
Shadows (07) RNDr. Martin Madaras, PhD. martin.madaras@stuba.sk Why shadows? 2 Shadows in

Shadows (07) RNDr. Martin Madaras, PhD. martin.madaras@stuba.sk Why shadows? 2 Shadows in

Principles of Computer Graphics and Image Processing Shadows (07) RNDr. Martin Madaras, PhD. martin.madaras@stuba.sk Why shadows? 2 Shadows in global methods ray-tracing radiosity 3 Lights and shadows Two basic approaches Hard

692 views • 37 slides
Shadow Mapping Outline Quick introduction to computer graphics. Why Shadows ? The

Shadow Mapping Outline Quick introduction to computer graphics. Why Shadows ? The

Shadow Mapping Outline Quick introduction to computer graphics. Why Shadows ? The shadow mapping algorithm. Strengths and weaknesses You will ... Get an abstract view of how Computer Graphics works. Be able to outline the

538 views • 16 slides
Virtual Frame Buffer for PV Xen Markus Armbruster, 2006 armbru@redhat.com Red Hat GmbH Why and

Virtual Frame Buffer for PV Xen Markus Armbruster, 2006 armbru@redhat.com Red Hat GmbH Why and

Virtual Frame Buffer for PV Xen Markus Armbruster, 2006 armbru@redhat.com Red Hat GmbH Why and Who Why? Want a graphical console! Just like a real machine, just like FV Whodunnit? Anthony Liguori Design and initial implementation

425 views • 8 slides
Medicare Care Choices Model Cindy Massuda and Gigi Kuberski Implementation Project Officers

Medicare Care Choices Model Cindy Massuda and Gigi Kuberski Implementation Project Officers

Medicare Care Choices Model Cindy Massuda and Gigi Kuberski Implementation Project Officers Model Purpose According to Medicare claims data, only 44 percent of Medicare patients use the hospice benefit at the end of life, and most use

382 views • 14 slides
Vectors, Signals &amp; Shannons Information Theory A/Prof. Vaughan Clarkson 10 PROCEEDINGS OF

Vectors, Signals &amp; Shannons Information Theory A/Prof. Vaughan Clarkson 10 PROCEEDINGS OF

Vectors, Signals &amp; Shannons Information Theory A/Prof. Vaughan Clarkson 10 PROCEEDINGS OF THE I.R.E. January through the attenuator to the receiver. In this manner, space-charge type illustrated in Fig. 5. The shape of this the gain

269 views • 10 slides
Learning Outcomes I can implement logic for any truth table by using Shannon's theorem to

Learning Outcomes I can implement logic for any truth table by using Shannon's theorem to

2-4.1 2-4.2 Learning Outcomes I can implement logic for any truth table by using Shannon's theorem to decompose the function to create two smaller functions and a 2-to-1 mux Spiral 2-4 I can recursively apply Shannon's theorem k times

409 views • 8 slides

More recommend