testing abstraction theorem proving better together
play

Testing, Abstraction, Theorem Proving: Better Together Authors: - PowerPoint PPT Presentation

Apr 02, 2023 •210 likes •1.12k views

Testing, Abstraction, Theorem Proving: Better Together Authors: Greta Yorsh Thomas Ball Mooly Sagiv Presenter: Michael Rudolph Seminar Program Analysis and Software Testing University of Freiburg 2016 Motivation Program No Proof no error

  1. Testing, Abstraction, Theorem Proving: Better Together Authors: Greta Yorsh Thomas Ball Mooly Sagiv Presenter: Michael Rudolph Seminar Program Analysis and Software Testing University of Freiburg 2016

  2. Motivation Program No Proof no error Execute tests error Test set Real error Dynamic Analysis

  3. Motivation Proof no error Program Analysis Abstraction error Potential error Static Analysis

  4. False error Unreachable concrete states Reachable concrete states false error Abstract state = +

  5. Motivation Dynamic Analysis Static Analysis No Proof Real error Proof Potential error

  6. Motivation Dynamic Analysis Static Analysis No Proof Real error Proof Potential error solved by

  7. Motivation Dynamic Analysis Static Analysis No Proof Real error Proof Potential error solved by solved by

  8. Motivation ⇓ Idea: Combine both approaches.

  9. Table of Contents 1 Motivation 2 Overview method 3 Real error 4 Proof 5 False error 6 Conclusion

  10. Example Algorithm: foo(int x, int y) I int ∗ px = NULL ; A x = x + 1; B if x < 4 then px = & x ; C D if px == & y then x = x + 1; E F if x < 5 then ∗ px = ∗ px + 1; G (foo algorithm, G. Yorsh , T. Ball, and M. Sagiv , 2006.)

  11. Example Algorithm: foo(3, 0) I int ∗ px = NULL ; // (pc=I, x=3, y=0, px=NULL)

  12. Example Algorithm: foo(3, 0) I int ∗ px = NULL ; // (pc=I, x=3, y=0, px=NULL) A x = x + 1; // (pc=A, x=3, y=0, px=NULL)

  13. Example Algorithm: foo(3, 0) I int ∗ px = NULL ; // (pc=I, x=3, y=0, px=NULL) A x = x + 1; // (pc=A, x=3, y=0, px=NULL) B if x < 4 // (pc=B, x=4, y=0, px=NULL) then px = & x ; C

  14. Example Algorithm: foo(3, 0) I int ∗ px = NULL ; // (pc=I, x=3, y=0, px=NULL) A x = x + 1; // (pc=A, x=3, y=0, px=NULL) B if x < 4 // (pc=B, x=4, y=0, px=NULL) then px = & x ; C D if px == & y // (pc=D, x=4, y=0, px=NULL) then x = x + 1; // Dead code E

  15. Example Algorithm: foo(3, 0) I int ∗ px = NULL ; // (pc=I, x=3, y=0, px=NULL) A x = x + 1; // (pc=A, x=3, y=0, px=NULL) B if x < 4 // (pc=B, x=4, y=0, px=NULL) then px = & x ; C D if px == & y // (pc=D, x=4, y=0, px=NULL) then x = x + 1; // Dead code E F if x < 5 // (pc=F, x=4, y=0, px=NULL) then ∗ px = ∗ px + 1; // (pc=G, x=4, y=0, px=NULL) G

  16. Example Algorithm: foo(3, 0) I int ∗ px = NULL ; // (pc=I, x=3, y=0, px=NULL) A x = x + 1; // (pc=A, x=3, y=0, px=NULL) B if x < 4 // (pc=B, x=4, y=0, px=NULL) then px = & x ; C D if px == & y // (pc=D, x=4, y=0, px=NULL) then x = x + 1; // Dead code E F if x < 5 // (pc=F, x=4, y=0, px=NULL) then ∗ px = ∗ px + 1; // (pc=G, x=4, y=0, px=NULL) G ⇒ Null pointer dereference error =

  17. Execute program P test set T potential error Execute (Figure 1, G. Yorsh , T. Ball, and M. Sagiv , 2006.)

  18. Execute program P test set T potential error Execute (Figure 1, G. Yorsh , T. Ball, and M. Sagiv , 2006.)

  19. Execute Program P Test set foo(2,0) = foo (pc=I, x=2, y=0, px=NULL) An example input.

  20. Execute Algorithm: foo(2, 0) I int ∗ px = NULL ; // (pc=I, x=2, y=0, px=NULL)

  21. Execute Algorithm: foo(2, 0) I int ∗ px = NULL ; // (pc=I, x=2, y=0, px=NULL) A x = x + 1; // (pc=A, x=2, y=0, px=NULL)

  22. Execute Algorithm: foo(2, 0) I int ∗ px = NULL ; // (pc=I, x=2, y=0, px=NULL) A x = x + 1; // (pc=A, x=2, y=0, px=NULL) B if x < 4 // (pc=B, x=3, y=0, px=NULL) then px = & x ; // (pc=C, x=3, y=0, px=NULL) C

  23. Execute Algorithm: foo(2, 0) I int ∗ px = NULL ; // (pc=I, x=2, y=0, px=NULL) A x = x + 1; // (pc=A, x=2, y=0, px=NULL) B if x < 4 // (pc=B, x=3, y=0, px=NULL) then px = & x ; // (pc=C, x=3, y=0, px=NULL) C D if px == & y // (pc=D, x=3, y=0, px= ¬ NULL) then x = x + 1; E

  24. Execute Algorithm: foo(2, 0) I int ∗ px = NULL ; // (pc=I, x=2, y=0, px=NULL) A x = x + 1; // (pc=A, x=2, y=0, px=NULL) B if x < 4 // (pc=B, x=3, y=0, px=NULL) then px = & x ; // (pc=C, x=3, y=0, px=NULL) C D if px == & y // (pc=D, x=3, y=0, px= ¬ NULL) then x = x + 1; E F if x < 5 // (pc=F, x=3, y=0, px= ¬ NULL) then ∗ px = ∗ px + 1; // (pc=G, x=3, y=0, px= ¬ NULL) G

  25. Execute Execute test set ⇒ No Error. but Execute foo(3,0) ⇒ Error ⇓ Execute phase gives no proof.

  26. Abstract test set T program P potential error Execute C T Abstract

  27. Abstract Unreachable concrete states Reachable concrete states Abstract state = +

  28. Abstract α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } C T A T pc=I, x=2, y=0, px=NULL I, t, t Algorithm: foo(2,0) I int ∗ px = NULL ;

  29. Abstract α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } C T A T pc=I, x=2, y=0, px=NULL I, t, t Algorithm: foo(2,0) pc=A, x=2, y=0, px=NULL A, t, t I int ∗ px = NULL ; A x = x + 1;

  30. Abstract α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } C T A T pc=I, x=2, y=0, px=NULL I, t, t Algorithm: foo(2,0) pc=A, x=2, y=0, px=NULL A, t, t I int ∗ px = NULL ; A x = x + 1; pc=B, x=3, y=0, px=NULL B, t, t B if x < 4 then px = & x ; C

  31. Abstract α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } C T A T pc=I, x=2, y=0, px=NULL I, t, t Algorithm: foo(2,0) pc=A, x=2, y=0, px=NULL A, t, t I int ∗ px = NULL ; A x = x + 1; pc=B, x=3, y=0, px=NULL B, t, t B if x < 4 then px = & x ; C pc=C, x=3, y=0, px=NULL C, t, t

  32. Abstract α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } C T A T pc=I, x=2, y=0, px=NULL I, t, t Algorithm: foo(2,0) pc=A, x=2, y=0, px=NULL A, t, t I int ∗ px = NULL ; A x = x + 1; pc=B, x=3, y=0, px=NULL B, t, t B if x < 4 then px = & x ; C pc=C, x=3, y=0, px=NULL C, t, t D if px == & y then x = x + 1; E pc=D, x=3, y=0, px= ¬ NULL D, t, f

  33. Abstract α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } C T A T pc=I, x=2, y=0, px=NULL I, t, t Algorithm: foo(2,0) pc=A, x=2, y=0, px=NULL A, t, t I int ∗ px = NULL ; A x = x + 1; pc=B, x=3, y=0, px=NULL B, t, t B if x < 4 then px = & x ; C pc=C, x=3, y=0, px=NULL C, t, t D if px == & y then x = x + 1; E pc=D, x=3, y=0, px= ¬ NULL D, t, f F if x < 5 then ∗ px = ∗ px +1; G pc=F, x=3, y=0, px= ¬ NULL F, t, f

  34. Abstract α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } C T A T pc=I, x=2, y=0, px=NULL I, t, t Algorithm: foo(2,0) pc=A, x=2, y=0, px=NULL A, t, t I int ∗ px = NULL ; A x = x + 1; pc=B, x=3, y=0, px=NULL B, t, t B if x < 4 then px = & x ; C pc=C, x=3, y=0, px=NULL C, t, t D if px == & y then x = x + 1; E pc=D, x=3, y=0, px= ¬ NULL D, t, f F if x < 5 then ∗ px = ∗ px +1; G pc=F, x=3, y=0, px= ¬ NULL F, t, f pc=G, x=3, y=0, px= ¬ NULL G, t, f

  35. Check adequacy test set T program P potential error Execute C T Abstract A T Check adequacy

  36. Check adequacy What are successor states ? Let’s look at our example. Algorithm: part of foo(int x, int y) A x = x + 1; B if x < 4 then px = & x ; // If B is true. C D if px == & y // If B is false. then x = x + 1; E F if x < 5 then ∗ px = ∗ px + 1; G Successor states of B

  37. Check adequacy A set of tests T is adequate under a given abstraction ⇔ for all concrete states which are represented by A T it holds that their successor states are covered by A T , too. � A T : abstract states covered by T concrete state c successor states of c

  38. Check adequacy A set of tests T is adequate under a given abstraction ⇔ for all concrete states which are represented by A T it holds that their successor states are covered by A T , too. A T : abstract states covered by T concrete state c successor states of c

  39. Check adequacy α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } A T I, t, t Algorithm: foo(int x, int y) A, t, t I int ∗ px = NULL ; A x = x + 1; B, t, t B if x < 4 then px = & x ; // (pc=C, x<4, px=Null) C C, t, t D if px == & y then D, t, f x = x + 1; E F if x < 5 then F, t, f ∗ px = ∗ px + 1; G G, t, f

  40. Check adequacy α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } A T I, t, t Algorithm: foo(int x, int y) A, t, t I int ∗ px = NULL ; A x = x + 1; B, t, t B if x < 4 then px = & x ; C C, t, t D if px == & y // (pc=D, x>=4, px=NULL) then D, t, f x = x + 1; E F if x < 5 then F, t, f ∗ px = ∗ px + 1; G G, t, f

  41. Check adequacy The successor state (D,4,0,NULL) is not covered by A T ⇓ adequacy check fails.

  42. Fabricate test test set T program P potential error Execute C T Abstract ′ A T T Check adequacy Fabricate test failed

  43. Fabricate test The successor state (D,4,0,NULL) is not covered by A T ⇓ adequacy check fails. ⇓ model generator fabricates a pair of concrete states, e.g. (B,4,0,NULL), (D,4,0,NULL) concrete states need not to be reachable. ⇓ extend test set T by the generated concrete states.

  44. Check safety property program P test set T potential error C T Execute Abstract ′ A T T Check adequacy Fabricate test failed adequate potential error Check safety verified properties

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

On Theorem Proving for Program Checking Historical perspective and recent developments Maria

On Theorem Proving for Program Checking Historical perspective and recent developments Maria

Outline Introduction Where is theorem proving in program checking Inside theorem proving Big and little engines together: a new theorem proving style Decision procedures with speculative inferences Current and future challenges On Theorem

944 views • 69 slides
Visual theorem proving with the Incredible Proof Machine The idea Theorem Proving without

Visual theorem proving with the Incredible Proof Machine The idea Theorem Proving without

Interactive Theorem Proving, Nancy August 22, 2016 Joachim Breitner Karlsruhe Institute of Technology University of Pennsylvania, Philadelphia Visual theorem proving with the Incredible Proof Machine The idea Theorem Proving without Syntax

579 views • 43 slides
Automated Theorem Proving 1/4: Introduction and Propositional Theorem Proving A.L. Lamprecht

Automated Theorem Proving 1/4: Introduction and Propositional Theorem Proving A.L. Lamprecht

Automated Theorem Proving 1/4: Introduction and Propositional Theorem Proving A.L. Lamprecht Course Program Semantics and Verfication 2020, Utrecht University September 21, 2020 Lecture Notes Automated Reasoning by Gerard A.W. Vreeswijk.

609 views • 40 slides
Automated Theorem Proving 2/4: First-Order Theorem Proving A.L. Lamprecht Course Program

Automated Theorem Proving 2/4: First-Order Theorem Proving A.L. Lamprecht Course Program

Automated Theorem Proving 2/4: First-Order Theorem Proving A.L. Lamprecht Course Program Semantics and Verfication 2020, Utrecht University September 23, 2020 Lecture Notes Automated Reasoning by Gerard A.W. Vreeswijk. Available for

1.03k views • 54 slides
Theorem-Proving Environments Nathan Ng CSC2547: Learning to Search Theorem Proving What is a

Theorem-Proving Environments Nathan Ng CSC2547: Learning to Search Theorem Proving What is a

Theorem-Proving Environments Nathan Ng CSC2547: Learning to Search Theorem Proving What is a theorem? Statement proven based on basis of previously established statements Premise: If I attend UofT, I am a student Premise: I attend

375 views • 25 slides
Artificial Intelligence in Theorem Proving Cezary Kaliszyk VTSA Overview Last Lecture theorem

Artificial Intelligence in Theorem Proving Cezary Kaliszyk VTSA Overview Last Lecture theorem

Artificial Intelligence in Theorem Proving Cezary Kaliszyk VTSA Overview Last Lecture theorem proving problems premise selection deep learning for theorem proving state estimation Today automated reasoning learning in classical ATPs

1.18k views • 97 slides
Theorem Proving and Testing for Autonomous Systems Kerstin Eder University of Bristol and

Theorem Proving and Testing for Autonomous Systems Kerstin Eder University of Bristol and

Theorem Proving and Testing for Autonomous Systems Kerstin Eder University of Bristol and Bristol Robotics Laboratory Verification and Validation for Safety in Robots To develop techniques and methodologies that can be used to design

476 views • 45 slides
Health Warning Principles, Techniques, Applications Theorem Proving is addictive Gerwin Klein

Health Warning Principles, Techniques, Applications Theorem Proving is addictive Gerwin Klein

W HAT YOU WILL LEARN how to use a theorem prover background, how it works how to prove and specify NICTA Advanced Course Slide 1 Slide 3 Theorem Proving Health Warning Principles, Techniques, Applications Theorem Proving is

262 views • 9 slides
Artificial Intelligence in Theorem Proving Cezary Kaliszyk VTSA 2019 Computer Theorem Proving

Artificial Intelligence in Theorem Proving Cezary Kaliszyk VTSA 2019 Computer Theorem Proving

Artificial Intelligence in Theorem Proving Cezary Kaliszyk VTSA 2019 Computer Theorem Proving Computer used to automate reasoning in a logic Traditionally part of artificial intelligence (not machine learning) Field of research since the

1.25k views • 101 slides
Formal Verification Methods 4: Theorem Proving John Harrison Intel Corporation Need for

Formal Verification Methods 4: Theorem Proving John Harrison Intel Corporation Need for

Formal Verification Methods 4: Theorem Proving Formal Verification Methods 4: Theorem Proving John Harrison Intel Corporation Need for general theorem proving Set theory vs. higher-order logic Herbrand-based approaches

475 views • 18 slides
Testing Overview Introduction (Proving and Testing) Types of Testing Unit,

Testing Overview Introduction (Proving and Testing) Types of Testing Unit,

CPSC 310 Software Engineering Testing Overview Introduction (Proving and Testing) Types of Testing Unit, Integration, Regression, System, Acceptance Testing Tactics Functional (Black Box), Structural (White Box)

982 views • 61 slides
Learning theorem proving through self-play Stanisaw Purga Overview AlphaZero Proving

Learning theorem proving through self-play Stanisaw Purga Overview AlphaZero Proving

Learning theorem proving through self-play Stanisaw Purga Overview AlphaZero Proving game adjusting MCTS for proving game some results 2019-10 1 Neural black box game state S move policy expected outcome R n v

455 views • 45 slides
Saturation-based Theorem Proving and ML Course Machine Learning and Reasoning 2020 MLR 2020 1 1

Saturation-based Theorem Proving and ML Course Machine Learning and Reasoning 2020 MLR 2020 1 1

First-order Logic and Theorem Proving Saturation-based Proving Further Tuning and the Role of Strategies Summary Saturation-based Theorem Proving and ML Course Machine Learning and Reasoning 2020 MLR 2020 1 1 Czech Technical Univeristy in

913 views • 64 slides
Mechanical Theorem Proving in Tarskis Geometry. Julien Narboux under the supervision of Hugo

Mechanical Theorem Proving in Tarskis Geometry. Julien Narboux under the supervision of Hugo

Mechanical Theorem Proving in Tarskis Geometry. Julien Narboux under the supervision of Hugo Herbelin LIX, INRIA Futurs, Ecole Polytechnique 31/08/2006, Pontevedra, Spain Outline 1 Interactive proof / Automated theorem proving 2

1.1k views • 73 slides
Proving In fi nite Satis fi ability Peter Baumgartner Joshua Bax Goal Theorem Proving in

Proving In fi nite Satis fi ability Peter Baumgartner Joshua Bax Goal Theorem Proving in

Proving In fi nite Satis fi ability Peter Baumgartner Joshua Bax Goal Theorem Proving in Hierarchic Combinations of Speci fi cations Dis Background theory linear integer arithmetic Data structures ? Conjecture list axioms/arrays

443 views • 15 slides
Theorem Proving and the Real Numbers Applications and Challenges Lawrence C Paulson 1.

Theorem Proving and the Real Numbers Applications and Challenges Lawrence C Paulson 1.

Theorem Proving and the Real Numbers Applications and Challenges Lawrence C Paulson 1. Interactive Theorem Proving A partial, biased history A UTOMATH L. S. van Benthem Jutting, Checking Landaus Grundlagen in the A UTOMATH

920 views • 37 slides
how a semantic web will change web interaction Tom Heath Knowledge Media Institute The Open

how a semantic web will change web interaction Tom Heath Knowledge Media Institute The Open

how a semantic web will change web interaction Tom Heath Knowledge Media Institute The Open University HCI Interest Group, Department of Computing 12/02/2007 the web as we know it a web of linked resources (mostly documents) Tom Heath 2

659 views • 20 slides
Social Impact of Open Data by Sandra Moscoso, World Bank World Bank Group Open Finances,

Social Impact of Open Data by Sandra Moscoso, World Bank World Bank Group Open Finances,

Photo Credit: Andrea, Flickr Social Impact of Open Data by Sandra Moscoso, World Bank World Bank Group Open Finances, https://finances.worldbank.org World Bank Groups Media Development Program, Social Impact The net effect of an activity

373 views • 19 slides
Memory Layout, File I/O Bryce Boe 2013/06/27 CS24, Summer

Memory Layout, File I/O Bryce Boe 2013/06/27 CS24, Summer

Memory Layout, File I/O Bryce Boe 2013/06/27 CS24, Summer 2013 C Outline Review HW1 (+command line arguments) Memory Layout File I/O HW1

343 views • 30 slides
Automated theorem proving by resolution in non-classical logics Viorica Sofronie-Stokkermans

Automated theorem proving by resolution in non-classical logics Viorica Sofronie-Stokkermans

Automated theorem proving by resolution in non-classical logics Viorica Sofronie-Stokkermans Max-Planck-Institut f ur Informatik, Saarbr ucken, Germany JIM03: Knowledge Discovery and Discrete Mathematics Metz, September 36, 2003

1.22k views • 68 slides
The Complexity of Theorem Proving in Autoepistemic Logic Olaf Beyersdorff School of Computing

The Complexity of Theorem Proving in Autoepistemic Logic Olaf Beyersdorff School of Computing

The Complexity of Theorem Proving in Autoepistemic Logic Olaf Beyersdorff School of Computing University of Leeds, UK 1 What is autoepistemic logic? Autoepistemic Logic a non-monotone logic, introduced 1985 by Moore models

520 views • 23 slides
Intuitionistic Type Theory Lecture 2 Peter Dybjer Chalmers tekniska hgskola, Gteborg Summer

Intuitionistic Type Theory Lecture 2 Peter Dybjer Chalmers tekniska hgskola, Gteborg Summer

1972-84 Meaning explanations Inductive definitions Intuitionistic Type Theory Lecture 2 Peter Dybjer Chalmers tekniska hgskola, Gteborg Summer School on Types, Sets and Constructions Hausdorff Research Institute for Mathematics Bonn, 3

535 views • 35 slides
Set Theory in Type Theory Gert Smolka Saarland University Types 2015, Tallinn, May 19, 2015 1 /

Set Theory in Type Theory Gert Smolka Saarland University Types 2015, Tallinn, May 19, 2015 1 /

Set Theory in Type Theory Gert Smolka Saarland University Types 2015, Tallinn, May 19, 2015 1 / 15 How would you teach set theory to students who are familiar with type theory and proof assistants? Classical set theory with

277 views • 15 slides
Higher Inductive Types in Homotopy Type Theory Steve Awodey Institute for Advanced Study and

Higher Inductive Types in Homotopy Type Theory Steve Awodey Institute for Advanced Study and

Higher Inductive Types in Homotopy Type Theory Steve Awodey Institute for Advanced Study and Carnegie Mellon University TYPES 2013 Toulouse, April 2013 Introduction A new connection has come to light between Logic and Topology in the form

1.69k views • 154 slides

More recommend