Mining Specifications
|
|
- Maurice Wilcox
- 6 years ago
- Views:
Transcription
1 Mining Specifications Andreas Zeller Saarland University
2 WINNER OF JOLT PRODUCTIVITY AWARD ANDREAS ZELLER WHY PROGRAMS FAIL A GUIDE TO SYSTEMATIC DEBUGGING SECOND EDITION
3 FOSE 10
4 FSE 10 Keynote Avoiding the Classic Catastrophic Computer Science Failure Mode Ralph Johnson
5 Research Failures 1. Knowledge-Based Software Engineering no ontologies 2. Semantic Web no annotations 3. Software Verification no specifications
6 Research Failures no ontologies no annotations no specifications
7 Research Failures no specifications
8 Saarland Graduates Michael Backes Andrej Rybalchenko TR35 in 2009 TR35 in 2010
9 secure Michael protocols Backes Andrej loop termination Rybalchenko hard to verify
10 buffer overflow resource leaks information flow liveness secure protocols loop termination easy to specify hard to verify
11 i {0,..., x } : x [i] <x [i + 1] x = x i {0,..., x } : ιi {0,..., x } : x[i] =x [i ] i {0,..., x } : ιi {0,..., x } : x [i ]=x[i] easy to verify hard to specify
12 is-sorted(x ) is-permutation(x, x ) still hard to specify
13 microsoft word mobile phones travel booking operating systems airplane control banking systems easy to verify hard to specify
14 hard to specify new language duplicate effort can t abstract from details
15 no specifications
16 Specification Crisis
17 <init>() auth()! socket: null state: NOT_CON openport() socket: null state: PLAIN quit() socket: null state: AUTH auth()
18 Mining Specifications <init>() auth()! socket: null state: NOT_CON openport() socket: null state: PLAIN quit() socket: null state: AUTH auth()
19 <init>() auth()! socket: null state: NOT_CON openport() socket: null state: PLAIN quit() socket: null state: AUTH auth()
20 <init>() auth()! socket: null state: NOT_CON openport() socket: null state: PLAIN quit() socket: null state: AUTH auth()
21 what s the abstraction behind this?
22 state of the art
23 sqrt (x: REAL, eps: REAL): REAL is Square root of x with precision eps require x >= 0 eps > 0 precondition external csqrt (x: REAL, eps: REAL): REAL do Result := csqrt (x, eps) ensure postcondition abs (Result ^ 2 x) <= eps end sqrt
24 sqrt (x: REAL, eps: REAL): REAL is Square root of x with precision eps external csqrt (x: REAL, eps: REAL): REAL do Result := csqrt (x, eps) end sqrt How do we infer the postcondition?
25 sqrt (x: REAL, eps: REAL): REAL is Square root of x with precision eps end sqrt How do we infer the postcondition?
26 Static Analysis sqrt (x: REAL, eps: REAL): REAL is Square root of x with precision eps end sqrt Analysis applies to all possible runs Fails in presence of obscure code Hard to maintain precision while scaling
27 Dynamic Analysis sqrt (x: REAL, eps: REAL): REAL is Square root of x with precision eps end sqrt Analysis applies to observed runs Needs actual (many) executions Scales, but underapproximates
28 Daikon sqrt (x: REAL, eps: REAL): REAL is Square root of x with precision eps end sqrt require x 4 x 256 eps > 0 too specific ensure Result * Result x < eps Result 2 Result 16 abs() is missing is this important?
29 Mining Behavior We need to infer preconditions infer postconditions rank specifications Common behavior is correct behavior
30 Mining Behavior Learning behavior examples from real behavior generated behavior elicited behavior Common behavior is correct behavior
31 Mining Behavior Learning behavior examples from real behavior generated behavior elicited behavior Common behavior is correct behavior
32
33 <init>() auth()! socket: null state: NOT_CON openport() socket: null state: PLAIN quit() socket: null state: AUTH auth()
34 Specifications <init>() auth()! socket: null state: NOT_CON openport() socket: null state: PLAIN quit() socket: null state: AUTH auth() finite state models with pre- and postconditions (for now)
35 <init>() auth()! socket: null state: NOT_CON openport() socket: null state: PLAIN quit() socket: null state: AUTH auth()
36 <init>() auth()! socket: null state: NOT_CON openport() socket: null state: PLAIN quit() socket: null state: AUTH auth() Common behavior is correct behavior
37 <init>() auth()! socket: null state: NOT_CON openport() socket: null state: PLAIN quit() socket: null state: AUTH auth() Common behavior is correct behavior
38 AspectJ for (Iterator iter = itdfields.iterator(); iter.hasnext();) {... for (Iterator iter2 = worthretrying.iterator(); iter.hasnext();) {... should be iter2 } }
39 AspectJ public String getretentionpolicy () {... for (Iterator it =...; it.hasnext();) {... = it.next();... return retentionpolicy; }... should be fixed }
40 Conspire static int dcc_listen_init ( ) { dcc->sok = socket ( ); if ( ) { while ( ) { = bind (dcc->sok, ); } /* with a small port range, reuseaddr is needed */ setsockopt (dcc->sok,, SO_REUSEADDR, ); } listen (dcc->sok, ); } must occur before bind()
41 <init>() auth()! socket: null state: NOT_CON openport() socket: null state: PLAIN quit() socket: null state: AUTH auth() Common behavior is correct behavior
42 200,000, ,000, ,000, ,000, Lines of Code 0 C Projects
43
44
45 Mining Behavior Learning behavior examples from real behavior generated behavior elicited behavior Common behavior is correct behavior
46 Mining Behavior Learning behavior examples from real behavior generated behavior elicited behavior Common behavior is correct behavior
47 Enriching specifications void ProtocolTest() { Protocol p = new... p.conn(); p.send(x); p.quit(); } initial spec enriched spec Execute and extract initial spec Generate test mutants and enrich specs Dallmeier et al: Generating Test Cases for Specification Mining, ISSTA 2010
48 void ProtocolTest() { Protocol p = new... p.conn(); p.send(x); p.quit(); } void TestMutant1() { void Uncovered TestMutant2() Protocol p = new... Protocol new... 0: p.conn(); //p.conn(); send(x) p.send(x); p.send(x); p.conn(); quit() p.quit(); p.quit(); 1: conn() } SMTPProtocol <init>() 0 send(x)? send(x) start quit() conn() EX 1 send(x) conn()? conn() Dallmeier et al: Generating Test Cases for Specification Mining, ISSTA 2010
49 enriched initial Dallmeier et al: Generating Test Cases for Specification Mining, ISSTA 2010
50 Generate test cases to systematically explore specification Assess executions to learn about software behavior Dallmeier et al: Generating Test Cases for Specification Mining, ISSTA 2010
51 Evaluation
52 Do enriched specs contain more information? initial enriched SMTPProtocol Signature ZipOutputStream Enriched specs have more regular and exceptional transitions states exceptions transitions states exceptions transitions states exceptions transitions
53 How effective are enriched specifications? 100% 80% 60% 40% reported at correct location total reported SMTPProtocol Signature ZipOutputStream Enriched specs are can better almost suited as to effective finding as errors manually than initial crafted specs 20% 0% initial manual enriched initial manual enriched initial manual enriched
54 A new kind of Analysis Static analysis Dynamic analysis Experimental analysis 0 runs n given runs n generated runs
55 Mining Behavior Learning behavior examples from real behavior generated behavior elicited behavior Common behavior is correct behavior
56 Mining Behavior Learning behavior examples from real behavior generated behavior elicited behavior Common behavior is correct behavior
57 Generate test cases to systematically explore specification Assess executions to learn about software behavior Dallmeier et al: Generating Test Cases for Specification Mining, ISSTA 2010
58 Generate test cases to systematically explore specification Assess executions to learn about software behavior
59 Eliciting Behavior Generate test cases to systematically explore specification Assess executions to learn about software behavior
60 code initial test case
61 generated test case initial test case initial test case generated test case generated test case code
62 generated test case initial test case generated test case generated test case
63 generated test case generated test case initial test case generated test case generated test case
64 easy to understand include oracles act as specifications generated test case initial test case generated test case generated test case
65 sqrt (x: REAL, eps: REAL): REAL is Square root of x with precision eps end sqrt sqrt(4, 0) = 2?
66 sqrt (x: REAL, eps: REAL): REAL is Square root of x with precision eps end sqrt sqrt(9, 0) = 2?
67 sqrt (x: REAL, eps: REAL): REAL is Square root of x with precision eps end sqrt sqrt(9, 0) = 3?
68 sqrt (x: REAL, eps: REAL): REAL is Square root of x with precision eps end sqrt require x >= 0 eps > 0 sqrt( 1, 0) =? Oops!
69 sqrt (x: REAL, eps: REAL): REAL is Square root of x with precision eps end sqrt require x >= 0 eps > 0 Result ^ 2 = x?
70 sqrt (x: REAL, eps: REAL): REAL is Square root of x with precision eps end sqrt require x >= 0 eps > 0 ensure Result ^ 2 = x eps
71 Eliciting Behavior Generate test cases to systematically explore specification Assess test cases to refine software behavior
72 Eliciting Use Cases
73 Mining Behavior Learning behavior examples from real behavior generated behavior elicited behavior Common behavior is correct behavior
74 Mining Specifications
Experimental Program Analysis. Program Analysis. Static Analysis
Experimental Program Analysis Experimental Program Analysis Andreas Zeller Saarland University, Saarbrücken, Germany, zeller@cs.unisaarland.de, http://www.st.cs.unisaarland.de/zeller/ Andreas Zeller Saarland
More informationCarving Invariants. Andreas Zeller Saarland University. CREST Open Workshop The Oracle Problem for Automated Software Testing, London, May 2012
Carving Invariants Andreas Zeller Saarland University CREST Open Workshop The Oracle Problem for Automated Software Testing, London, May 2012 Concrete Tests Concrete Tests y = sqrt(4) assert(y == 2) Concrete
More informationMining Operational Preconditions. Andrzej Wasylkowski Andreas Zeller Saarland University
Mining Operational Preconditions Andrzej Wasylkowski Andreas Zeller Saarland University @interface A {} bug.aj aspect Test { declare @field : @A int var* : @A; declare @field : int var* : @A; interface
More informationCombined Static and Dynamic Automated Test Generation
Combined Static and Dynamic Automated Test Generation Sai Zhang University of Washington Joint work with: David Saff, Yingyi Bu, Michael D. Ernst 1 Unit Testing for Object-oriented Programs Unit test =
More informationMining Temporal Specifications from Object Usage. Andrzej Wasylkowski Andreas Zeller Saarland University
Mining Temporal Specifications from Object Usage Andrzej Wasylkowski Andreas Zeller Saarland University bug.aj @interface A { aspect Test { declare @field : @A int var* : @A; declare @field : int var*
More informationMutation-based Generation of Tests and Oracles. Gordon Fraser and Andreas Zeller Saarland University, Germany
Mutation-based Generation of Tests and Oracles Gordon Fraser and Andreas Zeller Saarland University, Germany LocalDate date = new LocalDate(2010, 7, 15); date.plusyears(1); assertequals(date.getyear(),
More informationUnit 9 Practice Test (AB27-30)
Unit 9 Practice Test (AB27-30) Name 1. Consider the following method: public static int checktree(treenode root) return 0; int x = checktree(root.getleft()); if ( x >= 0 && checktree(root.getright()) ==
More informationTesting, Debugging, Program Verification
Testing, Debugging, Program Verification Automated Test Case Generation, Part II Wolfgang Ahrendt & Vladimir Klebanov & Moa Johansson 12 December 2012 TDV: ATCG II /GU 2011-12-12 1 / 17 Recap Specification-/Model-Based
More informationSoftware Security: Vulnerability Analysis
Computer Security Course. Software Security: Vulnerability Analysis Program Verification Program Verification How to prove a program free of buffer overflows? Precondition Postcondition Loop invariants
More informationAutomated Software Testing in the Absence of Specifications
Automated Software Testing in the Absence of Specifications Tao Xie North Carolina State University Department of Computer Science Nov 2005 http://www.csc.ncsu.edu/faculty/xie/ Why Automate Testing? Software
More informationTranslating Code Comments to Procedure Specifications
Translating Code Comments to Procedure Specifications Arianna Blasi Alberto Goffi Konstantin Kuznetsov Alessandra Gorla Michael D. Ernst Mauro Pezzè Sergio Delgado USI Università della Svizzera italiana,
More informationPart II. Hoare Logic and Program Verification. Why specify programs? Specification and Verification. Code Verification. Why verify programs?
Part II. Hoare Logic and Program Verification Part II. Hoare Logic and Program Verification Dilian Gurov Props: Models: Specs: Method: Tool: safety of data manipulation source code logic assertions Hoare
More informationLeveraging Test Generation and Specification Mining for Automated Bug Detection without False Positives
Leveraging Test Generation and Specification Mining for Automated Bug Detection without False Positives Michael Pradel and Thomas R. Gross Department of Computer Science ETH Zurich 1 Motivation API usage
More informationChecking Program Properties with ESC/Java
Checking Program Properties with ESC/Java 17-654/17-765 Analysis of Software Artifacts Jonathan Aldrich 1 ESC/Java A checker for Java programs Finds null pointers, array dereferences Checks Hoare logic
More informationAn Annotated Language
Hoare Logic An Annotated Language State and Semantics Expressions are interpreted as functions from states to the corresponding domain of interpretation Operators have the obvious interpretation Free of
More informationAsserting Expectations. Your Submissions. Oral Exams
Asserting Expectations Andreas Zeller 1 Your Submissions Program must behave exactly as specified (i.e., input, output, flags, etc.) Program must use recent Python 2 version (i.e., Python 2.6 installed
More informationSoftware Engineering
Software Engineering Lecture 13: Testing and Debugging Testing Peter Thiemann University of Freiburg, Germany SS 2014 Recap Recap Testing detect the presence of bugs by observing failures Recap Testing
More informationAutomatic Defect Detection. Andrzej Wasylkowski
Automatic Defect Detection Andrzej Wasylkowski Overview Automatic Defect Detection Horizontal Techniques Specification-checking Techniques Mining-based Techniques Mining Repositories Mining Traces Mining
More informationCSI33 Data Structures
Outline Department of Mathematics and Computer Science Bronx Community College August 29, 2018 Outline Outline 1 Chapter 2: Data Abstraction Outline Chapter 2: Data Abstraction 1 Chapter 2: Data Abstraction
More informationSoftware Engineering Testing and Debugging Testing
Software Engineering Testing and Debugging Testing Prof. Dr. Peter Thiemann Universitt Freiburg 08.06.2011 Recap Testing detect the presence of bugs by observing failures Debugging find the bug causing
More informationReplaying and Isolating Failing Multi-Object Interactions. Martin Burger Andreas Zeller Saarland University
Replaying and Isolating Failing Multi-Object Interactions Martin Burger Andreas Zeller Saarland University e-mail client written in Java 100,200 LOC ~ 1,600 Java classes 17 developers Actively developed
More informationSoftwaretechnik. Lecture 08: Testing and Debugging Overview. Peter Thiemann SS University of Freiburg, Germany
Softwaretechnik Lecture 08: Testing and Debugging Overview Peter Thiemann University of Freiburg, Germany SS 2012 Literature Essential Reading Why Programs Fail: A Guide to Systematic Debugging, A Zeller
More informationProgram Verification. Aarti Gupta
Program Verification Aarti Gupta 1 Agenda Famous bugs Common bugs Testing (from lecture 6) Reasoning about programs Techniques for program verification 2 Famous Bugs The first bug: A moth in a relay (1945)
More informationSoftwaretechnik. Lecture 08: Testing and Debugging Overview. Peter Thiemann SS University of Freiburg, Germany
Softwaretechnik Lecture 08: Testing and Debugging Overview Peter Thiemann University of Freiburg, Germany SS 2012 Literature Essential Reading Why Programs Fail: A Guide to Systematic Debugging, A Zeller
More informationCS Lecture 19: Loop invariants
CS 1110 Lecture 19: Loop invariants Announcements Prelim 2 conflicts Today (April 2) is two weeks before the prelim, and the deadline for submitting prelim conflicts. Instructor travel This week and the
More information0/38. Detecting Invariants. Andreas Zeller + Andreas Gross. Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken
0/38 Detecting Invariants Andreas Zeller + Andreas Gross Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken Exam 1/38 on Tuesday, 2003-02-18, 11:15 in lecture room 45/001 (here) Written
More informationAssertions, pre/postconditions
Programming as a contract Assertions, pre/postconditions Assertions: Section 4.2 in Savitch (p. 239) Specifying what each method does q Specify it in a comment before method's header Precondition q What
More informationTesting Tactics. Structural Testing. Why Structural? Why Structural? Functional black box. Structural white box. Functional black box
ing Tactics Structural ing Functional black box Structural white box Software Engineering Andreas Zeller Saarland University s based on spec covers as much specified behavior as possible s based on code
More informationAutomated Fixing of Programs with Contracts
Automated Fixing of Programs with Contracts Yi Wei, Yu Pei, Carlo A. Furia, Lucas S. Silva, Stefan Buchholz, Bertrand Meyer and Andreas Zeller Chair of Software Engineering, ETH Zürich Software Engineering
More informationViolations of the contract are exceptions, and are usually handled by special language constructs. Design by contract
Specification and validation [L&G Ch. 9] Design patterns are a useful way to describe program structure. They provide a guide as to how a program fits together. Another dimension is the responsibilities
More informationProgramming with Contracts. Juan Pablo Galeotti, Alessandra Gorla Saarland University, Germany
Programming with Contracts Juan Pablo Galeotti, Alessandra Gorla Saarland University, Germany Contract A (formal) agreement between Method M (callee) Callers of M Rights Responsabilities Rights Responsabilities
More informationGenerating Parameterized Unit Tests
Generating Parameterized Unit Tests Gordon Fraser Saarland University Computer Science Saarbrücken, Germany fraser@cs.uni-saarland.de Andreas Zeller Saarland University Computer Science Saarbrücken, Germany
More information! Use of formal notations. ! in software system descriptions. ! for a broad range of effects. ! and varying levels of use. !
What Are Formal Methods? David S. Rosenblum ICS 221 Winter 2001! Use of formal notations! first-order logic, state machines, etc.! in software system descriptions! system models, constraints, specifications,
More informationTesting, Debugging, and Verification
Testing, Debugging, and Verification Formal Specification, Part II Srinivas Pinisetty 23 November 2017 Introduction Today: Introduction to Dafny: An imperative language with integrated support for formal
More informationObject Usage Models. Andrzej Wasylkowski Saarland University
Object Usage Models Andrzej Wasylkowski Saarland University A bug in AspectJ 2 A bug in AspectJ /** * This method looks through the type hierarchy for some target type - it is attempting to * find an existing
More informationAutomated Documentation Inference to Explain Failed Tests
Automated Documentation Inference to Explain Failed Tests Sai Zhang University of Washington Joint work with: Cheng Zhang, Michael D. Ernst A failed test reveals a potential bug Before bug-fixing, programmers
More informationOffline Model-based Testing and Runtime Monitoring
Offline Model-based Testing and Runtime Monitoring of the Sensor Voting Module Paolo Arcaini Angelo Gargantini Elvinia Riccobene Università of Bergamo- Italy Università di Milano - Italy Tolouse, ABZ 2014
More informationfor (i=1; i<=100000; i++) { x = sqrt (y); // square root function cout << x+i << endl; }
Ex: The difference between Compiler and Interpreter The interpreter actually carries out the computations specified in the source program. In other words, the output of a compiler is a program, whereas
More informationAutomatic Generation of Program Specifications
Automatic Generation of Program Specifications Jeremy Nimmer MIT Lab for Computer Science http://pag.lcs.mit.edu/ Joint work with Michael Ernst Jeremy Nimmer, page 1 Synopsis Specifications are useful
More informationa correct statement? You need to know what the statement is supposed to do.
Using assertions for correctness How can we know that software is correct? It is only correct if it does what it is supposed to do. But how do we know what it is supposed to do? We need a specification.
More informationTackling Lack of Software Specifications A Sustained, Sustainability and Productivity Crisis
Tackling Lack of Software Specifications A Sustained, Sustainability and Productivity Crisis Hridesh Rajan Collaboration with Hoan A. Nguyen, Tien Nguyen, Gary Leavens, Samantha Khairunnesa, John Singleton,
More informationDavid Glasser Michael D. Ernst CSAIL, MIT
static dynamic intraprocedural interprocedural Shay Artzi, Adam Kiezun, David Glasser Michael D. Ernst CSAIL, MIT Parameter P of method M is: Mutable if some execution of M can change the state of P s
More informationAutomatic Extraction of Abstract- Object-State Machines Based on Branch Coverage
Automatic Extraction of Abstract- Object-State Machines Based on Branch Coverage Hai YUAN Tao XIE Department of Computer Science North Carolina State University hyuan3@ncsu.edu xie@csc.ncsu.edu Agenda
More information1,000 Testers in a Shoe Box Advances in Automated Test Generation Andreas Zeller Saarland University, Saarbrücken, Germany
1,000 Testers in a Shoe Box Advances in Automated Test Generation Andreas Zeller Saarland University, Saarbrücken, Germany Visual Computing Institute Center for Information Security, Privacy and Accountability
More informationAbstract Data Types Chapter 1
Abstract Data Types Chapter 1 Part Two Bags A bag is a basic container like a shopping bag that can be used to store collections. There are several variations: simple bag grab bag counting bag 2 Bag ADT
More informationStructural Testing. Testing Tactics. Why Structural? Structural white box. Functional black box. Structural white box. Functional black box
From Pressman, Software Engineering a practitioner s approach, Chapter 14 and Pezze + Young, Software Testing and Analysis, Chapters 12-13 Structural Testing Software Engineering Andreas Zeller Saarland
More informationHaving a BLAST with SLAM
Having a BLAST with SLAM # #2 Topic: Software Model Checking via Counter-Example Guided Abstraction Refinement There are easily two dozen SLAM/BLAST/MAGIC papers; I will skim. #3 SLAM Overview INPUT: Program
More informationAn approach of security testing for third-party component based on state mutation
SECURITY AND COMMUNICATION NETWORKS Security Comm. Networks 2016; 9:2827 2842 Published online 23 January 2015 in Wiley Online Library (wileyonlinelibrary.com)..1189 SPECIAL ISSUE PAPER An approach of
More informationAnnouncements. Testing. Announcements. Announcements
Announcements Testing HW0, HW1, and HW2 are graded Grades and feedback in Submitty Email us at csci2600@cs.lists.rpi.edu Use Submitty discussion board! HW0, HW1, and HW2, Quiz 1 and 2 Grades in Submitty
More informationThe Pointer Assertion Logic Engine
The Pointer Assertion Logic Engine [PLDI 01] Anders Mφller Michael I. Schwartzbach Presented by K. Vikram Cornell University Introduction Pointer manipulation is hard Find bugs, optimize code General Approach
More informationComparing procedure specifications
Comparing procedure specifications CSE 331 University of Washington Michael Ernst Outline Satisfying a specification; substitutability Stronger and weaker specifications Comparing by hand Comparing via
More informationJML and Aspects: The Benefits of
JML and Aspects: The Benefits of Instrumenting JML Features with AspectJ Henrique Rebêlo Sérgio Soares Ricardo Lima Paulo Borba Márcio Cornélio Java Modeling Language Formal specification language for
More informationModel-based Development of Web Services using Design-by-Contract
Model-based Development of Web Services using Design-by-Contract Reiko Heckel University of Leicester, UK Lesster Joint work with M. Lohmann, A. Cherchago, J.H. Hausmann, Paderborn, TU Berlin, 5. 12. 2005
More informationDo not start the test until instructed to do so!
CS 1054: Programming in Java Page 1 of 6 Form A READ THIS NOW! Failure to read and follow the instructions below may result in severe penalties Failure to adhere to these directions will not constitute
More informationDynamic Inference of Change Contracts
2014 IEEE International Conference on Software Maintenance and Evolution Dynamic Inference of Change Contracts Tien-Duy B. Le 1, Jooyong Yi 2, David Lo 1, Ferdian Thung 1, and Abhik Roychoudhury 2 1 School
More informationStructuring an Abstract Interpreter through Value and State Abstractions: EVA, an Evolved Value Analysis for Frama C
Structuring an Abstract Interpreter through Value and State Abstractions: EVA, an Evolved Value Analysis for Frama C David Bühler CEA LIST, Software Safety Lab Frama-C & SPARK Day 2017 May 30th, 2017 David
More informationGoal. Overflow Checking in Firefox. Sixgill. Sixgill (cont) Verifier Design Questions. Sixgill: Properties 4/8/2010
Goal Overflow Checking in Firefox Brian Hackett Can we clean a code base of buffer overflows? Keep it clean? Must prove buffer accesses are in bounds Verification: prove a code base has a property Sixgill
More informationSeparation Logic 2: project: Annotation Assistant for Partially Specified Programs plus some high-level observations. Hengle Jiang & John-Paul Ore
Separation Logic 2: project: Annotation Assistant for Partially Specified Programs plus some high-level observations Hengle Jiang & John-Paul Ore 1/30 Recap : Separating Conjunction P Q 2/30 Recap : Frame
More informationn Specifying what each method does q Specify it in a comment before method's header n Precondition q Caller obligation n Postcondition
Programming as a contract Assertions, pre/postconditions and invariants Assertions: Section 4.2 in Savitch (p. 239) Loop invariants: Section 4.5 in Rosen Specifying what each method does q Specify it in
More informationLecture 10 Design by Contract
CS 5959 Writing Solid Code Fall 2015 Nov-23 Lecture 10 Design by Contract Zvonimir Rakamarić University of Utah Design by Contract Also called assume-guarantee reasoning Developers annotate software components
More information2 Experimental Methodology and Results
Developing Consensus Ontologies for the Semantic Web Larry M. Stephens, Aurovinda K. Gangam, and Michael N. Huhns Department of Computer Science and Engineering University of South Carolina, Columbia,
More informationCombined Static and Dynamic Mutability Analysis 1/31
Combined Static and Dynamic Mutability Analysis SHAY ARTZI, ADAM KIEZUN, DAVID GLASSER, MICHAEL D. ERNST ASE 2007 PRESENTED BY: MENG WU 1/31 About Author Program Analysis Group, Computer Science and Artificial
More informationExploiting Synergy Between Testing and Inferred Partial Specifications
Exploiting Synergy Between Testing and Inferred Partial Specifications Tao Xie David Notkin Department of Computer Science & Engineering, University of Washington {taoxie, notkin}@cs.washington.edu Technical
More informationTesting. Prof. Clarkson Fall Today s music: Wrecking Ball by Miley Cyrus
Testing Prof. Clarkson Fall 2017 Today s music: Wrecking Ball by Miley Cyrus Review Previously in 3110: Modules Specification (functions, modules) Today: Validation Testing Black box Glass box Randomized
More informationPart I: Preliminaries 24
Contents Preface......................................... 15 Acknowledgements................................... 22 Part I: Preliminaries 24 1. Basics of Software Testing 25 1.1. Humans, errors, and testing.............................
More informationFundamentals of Software Engineering
Fundamentals of Software Engineering Reasoning about Programs - Selected Features Ina Schaefer Institute for Software Systems Engineering TU Braunschweig, Germany Slides by Wolfgang Ahrendt, Richard Bubel,
More informationA Collaborative User-centered Approach to Fine-tune Geospatial
A Collaborative User-centered Approach to Fine-tune Geospatial Database Design Grira Joel Bédard Yvan Sboui Tarek 16 octobre 2012 6th International Workshop on Semantic and Conceptual Issues in GIS - SeCoGIS
More informationSTRUCTURAL TESTING. AKA White Box Testing. Thanks go to Andreas Zeller for allowing incorporation of his materials. F. Tip and M.
F. Tip and M. Weintraub STRUCTURAL TESTING AKA White Box Testing Thanks go to Andreas Zeller for allowing incorporation of his materials STRUCTURAL TESTING Testing based on the structure of the code Test
More informationJML. Outline. Métodos Formais em Engenharia de Software. MI, Braga these slides were prepared by adopting/adapting teaching material
Métodos Formais em Engenharia de Software JML José Carlos Bacelar Almeida Departamento de Informática Universidade do Minho MI, Braga 2008 Outline Design by Contract and JML Design by Contract Java Modeling
More informationF. Tip and M. Weintraub FUNCTIONAL TESTING
F. Tip and M. Weintraub FUNCTIONAL TESTING ACKNOWLEDGEMENTS Thanks go to Andreas Zeller for allowing incorporation of his materials 2 HOW TO TELL IF A SYSTEM MEETS EXPECTATIONS? Two options: 1. testing:
More informationStatic Analysis in Practice
in Practice 15-313: Foundations of Software Engineering Jonathan Aldrich 1 Outline: in Practice Case study: Analysis at ebay Case study: Analysis at Microsoft Analysis Results and Process Example: Standard
More informationAutomatic Repair of Real Bugs in Java: A Large-Scale Experiment on the Defects4J Dataset
Automatic Repair of Real Bugs in Java: A Large-Scale Experiment on the Defects4J Dataset Matias Martinez, Thomas Durieux, Romain Sommerard, Jifeng Xuan, Martin Monperrus 1 Automatic Software Repair Automatic
More informationTesting Library Specifications by Verifying Conformance Tests
Testing Library Specifications by Verifying Conformance Tests Joseph R. Kiniry, Daniel M. Zimmerman, Ralph Hyland ITU Copenhagen, UW Tacoma, UCD Dublin 6th International Conference on Tests & Proofs Prague,
More informationInput Space Partitioning
CMPT 473 Software Quality Assurance Input Space Partitioning Nick Sumner Recall Testing involves running software and comparing observed behavior against expected behavior Select an input, look at the
More informationData Structures. Subodh Kumar. Dept of Computer Sc. & Engg. IIT Delhi
Data Structures Subodh Kumar Dept of Computer Sc. & Engg. IIT Delhi OOP Quiz 2 Class Bird extends class Animal. class Cat { public Bird catchbird(bird birdtocatch) {... Later in a method Animal pigeon
More informationStructural Testing. Testing Tactics. Why Structural? Structural white box. Functional black box. Structural white box. Functional black box
From Pressman, Software Engineering a practitioner s approach, Chapter 14 and Pezze + Young, Software Testing and Analysis, Chapters 12-13 Structural Testing Software Engineering Andreas Zeller Saarland
More informationQueue Implemented with a CircularArray. Queue Implemented with a CircularArray. Queue Implemented with a CircularArray. Thursday, April 25, 13
Queue Implemented with 1 2 numitems = enqueue (); 1 Queue Implemented with 2 numitems = 2 enqueue (); enqueue (); 2 Queue Implemented with 2 numitems = 2 enqueue (); enqueue (); enqueue (5); enqueue (6);
More informationassertion-driven analyses from compile-time checking to runtime error recovery
assertion-driven analyses from compile-time checking to runtime error recovery sarfraz khurshid the university of texas at austin state of the art in software testing and analysis day, 2008 rutgers university
More informationReadability [Skrien 4.0] Programs must be written for people to read, and only incidentally for machines to execute.
Readability [Skrien 4.0] Programs must be written for people to read, and only incidentally for machines to execute. Abelson & Sussman Use a good set of coding conventions, such as the ones given in the
More informationLecture_Module3 Prof Saroj Kaushik, IIT Delhi
Lecture_Module3 Problem definition Method (how to solve it) Algorithm Data structure Verification for correctness Analysis for efficiency Coding in given programming language Understanding of computer
More information5.5 Behavioral Subtyping
5.5 Behavioral Subtyping Subtyping of programming languages enforces that - no type errors occur, and - there is a method implementation for each method invocation. It does not guarantee that subtype objects
More informationAutomated Debugging with Error Invariants
Automated Debugging with Error Invariants Thomas Wies New York University joint work with Jürgen Christ, Evren Ermis (Freiburg University), Martin Schäf (SRI), Daniel Schwartz-Narbonne (NYU) Faulty Shell
More informationSafety Checks and Semantic Understanding via Program Analysis Techniques
Safety Checks and Semantic Understanding via Program Analysis Techniques Nurit Dor Joint Work: EranYahav, Inbal Ronen, Sara Porat Goal Find properties of a program Anti-patterns that indicate potential
More informationSTRUCTURAL TESTING. AKA White Box Testing. Thanks go to Andreas Zeller for allowing incorporation of his materials. F. Tip and M.
F. Tip and M. Weintraub STRUCTURAL TESTING AKA White Box Testing Thanks go to Andreas Zeller for allowing incorporation of his materials STRUCTURAL TESTING Testing based on the structure of the code Test
More information11. Methods. Educational Objectives. Example Cookie Calculator. Methods
Educational Objectives You can encapsulate code fragments in methods. You know all elements of method declarations. You understand what happens to the parameters upon calling a method: pass by value You
More informationLab Instructor : Jean Lai
Lab Instructor : Jean Lai Group related statements to perform a specific task. Structure the program (No duplicate codes!) Must be declared before used. Can be invoked (called) as any number of times.
More informationStatically Detecting Likely Buffer Overflow Vulnerabilities
Overflow Vulnerabilities The Harvard community has made this article openly available. Please share how this access benefits you. Your story matters. Citation Published Version Accessed Citable Link Terms
More informationThe Apron Library. Bertrand Jeannet and Antoine Miné. CAV 09 conference 02/07/2009 INRIA, CNRS/ENS
The Apron Library Bertrand Jeannet and Antoine Miné INRIA, CNRS/ENS CAV 09 conference 02/07/2009 Context : Static Analysis What is it about? Discover properties of a program statically and automatically.
More informationComputer Science Foundation Exam
Computer Science Foundation Exam August 26, 2017 Section I A DATA STRUCTURES NO books, notes, or calculators may be used, and you must work entirely on your own. Name: UCFID: NID: Question # Max Pts Category
More information1. Stack overflow & underflow 2. Implementation: partially filled array & linked list 3. Applications: reverse string, backtracking
Review for Test 2 (Chapter 6-10) Chapter 6: Template functions & classes 1) What is the primary purpose of template functions? A. To allow a single function to be used with varying types of arguments B.
More informationLearning from 6,000 Projects: Lightweight Cross-Project Anomaly Detection
Learning from 6,000 Projects: Lightweight Cross-Project Anomaly Detection Natalie Gruska School of Computing, Queen s University Kingston, Ontario, Canada gruska@cs.queensu.ca Andrzej Wasylkowski Andreas
More informationFinding User/Kernel Pointer Bugs with Type Inference p.1
Finding User/Kernel Pointer Bugs with Type Inference Rob Johnson David Wagner rtjohnso,daw}@cs.berkeley.edu. UC Berkeley Finding User/Kernel Pointer Bugs with Type Inference p.1 User/Kernel Pointer Bugs
More informationObjects First with Java A Practical Introduction using BlueJ
Objects First with Java A Practical Introduction using BlueJ David J. Barnes Michael Kölling Extensions by H.-J. Bungartz and T. Neckel 2.1 Course Contents Introduction to object-oriented programming with
More informationAdvances in Programming Languages
T O Y H Advances in Programming Languages APL4: JML The Java Modeling Language David Aspinall (slides originally by Ian Stark) School of Informatics The University of Edinburgh Thursday 21 January 2010
More informationCombining Static and Dynamic Contract Checking for Curry
Michael Hanus (CAU Kiel) Combining Static and Dynamic Contract Checking for Curry LOPSTR 2017 1 Combining Static and Dynamic Contract Checking for Curry Michael Hanus University of Kiel Programming Languages
More informationTop Down Design. 2. Design Methodology
Top Down Design 1 A solution method where the problem is broken down into smaller subproblems, which in turn are broken down into smaller problems until each subproblem can be solved in a few steps. (Also
More informationChapter 1: Programming Principles
Chapter 1: Programming Principles Object Oriented Analysis and Design Abstraction and information hiding Object oriented programming principles Unified Modeling Language Software life-cycle models Key
More informationThe JML Tool. Faculty of Engineering Pontificia Universidad Javeriana. The JML Tool p.1/23
The JML Tool Néstor Cataño ncatano@puj.edu.co Faculty of Engineering Pontificia Universidad Javeriana The JML Tool p.1/23 Tools for JML 1. Parsing and type-checking 2. Checking assertions at runtime 3.
More informationCascade: A Universal Programmer-assisted Type Qualifier Inference Tool
Cascade: A Universal Programmer-assisted Type Qualifier Inference Tool Mohsen Vakilian* Amarin Phaosawasdi* Michael D. Ernst Ralph E. Johnson* *University of Illinois at Urbana-Champaign University of
More informationSpecifications and Modeling
12 Specifications and Modeling Peter Marwedel TU Dortmund, Informatik 12 2009/10/20 Graphics: Alexandra Nolte, Gesine Marwedel, 2003 Structure of this course 2: Specification Design repository Design Application
More information