Slide1
Loop Analysis and Repair
Nafi Diallo
Computer Science
NJIT
Advisor: Dr. Ali Mili
Slide2
Outline
1. Introduction
2. Progress
3. Prospects
4. Conclusion
Introduction
Research Progress
Proposed work
Conclusion
Loop Analysis and Repair- RAMICS 2015
Slide3
Loop Analysis and Repair
Loop Analysis
  Convergence
    Termination + Absence of Abort
  Correctness/Incorrectness
Loop Repair
  Diagnose/Remove Faults
  Verification
Slide4
Definition
We consider a while loop w of the form :
denotes
the state
space of
and
represent the function of the loop
:
Slide5
Definition
T is the relational vector defined by:
The loop semantics is defined by means of the reflexive transitive closure of 𝑇∩𝐵
:
Slide6
Invariant Relation
Interpretation: pairs of states (s, s') that are separated by an arbitrary number of iterations
Example:
while (k != n) {k = k + 1; f = f * k;}
An invariant relation is :
Slide7
Invariant Relations and Invariant Assertions
All invariant assertions stem from invariant relations
Only a subset of invariant relations can be derived from invariant assertions
Invariant Relation
Invariant Assertion
Inductive Invariant Relation
Invariant Assertion
R is an invariant relation
ν is a vector
A is an invariant assertion
Slide8
Convergence:
Integrating Abort freedom with Termination
A general framework for Convergence
Theorem 1
We consider a while loop w of the form
on space S, and we let R be an invariant relation for w. Then:
Capturing aspects of abort freedom
Theorem 2
We consider a while loop w of the form
w: while (t) {b}
on space
, and we let B′ be a superset of
If B′ satisfies the following conditions:
The following relation
is transitive, for an arbitrary vector V.
(condition of concordance)
then
is an invariant relation for w.
Slide9
Abort-Freedom Invariant Relations
Logical form of Theorem 2
Applications:
Array out of bounds
Illegal arithmetic operations
Arithmetic overflow
Illegal Pointer reference
Slide10
Termination: Example
Abort condition: Illegal arithmetic operation
Termination condition
Slide11
Termination: Example
Slide12
Correctness/Incorrectness
A necessary condition of correctness
Proposition: Let w be a while loop of the form
that terminates for all states in S. Let R be an invariant relation for w, and let V be a specification on S. If w is correct with respect to V then
.
Interpretation: Incorrect if the invariant relation is incompatible with the specification
A sufficient condition of correctness
Proposition: Given a while loop w of the form
that terminates for all states in its space
, and given a specification
on
, if an invariant relation R of w satisfies the condition
then w is correct with respect to U.
Interpretation: Correct only if the invariant relation subsumes the specification.
Slide13
Algorithm for Verifying Loop Correctness
[Flowchart. INPUT: Loop w, Space S, Specification spec. Boxes and decisions: S = S and Termination(w); CumR = L; More-inv-relation(w)?; R = get-inv-relation(w); Necessary(R, spec)?; CumR = CumR ∩ R; sufficient(CumR, spec)?. OUTPUT: Correct OR Incorrect OR Undecided.]
Slide14
Relative Correctness
Definition 1
Given a specification R and a program P
defines the competence domain of P and denotes the set of states on which P obeys R.
Definition 2
Given a specification R and two programs P and P', deterministic
P' more-correct than P with respect to R: P' has a larger competence domain than P.
Denoted:
Slide15
Relative Correctness
Therefore
Slide16
Impact of Relative Correctness on Testing
Impact on Test Data Generation
: vs.
Impact on Oracle Design:
: oracle for absolute correctness.
: oracle for relative correctness.
Slide17
Absolute Correctness and Relative Correctness
(Absolute) Correctness
Relative Correctness
Culminates
Slide18
A Formal Definition of fault
Definition 1
A feature in a program P is a statement, condition, formula, or combination thereof
Definition 2
Given Specification
, Program
, feature
in
:
A feature
is said to be a fault in
if and only if there exists a substitute
of
that would make
more-correct.
A pair of features
is said to be a (monotonic) fault removal of
if and only if program
obtained from
by substituting
for
is more-correct than
.
Slide19
Loop Repair
Mutation Testing consists of:
Generating Mutants
Testing Mutants against some sample test data
Selecting mutants that pass
Rejecting mutants that fail
We argue
Selecting mutants that pass is wrong: a mutant may pass the test but still not be more-correct.
Rejecting mutants that fail is also wrong: a mutant may fail and still be more-correct.
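The argument above, worked on the factorial loop from the Invariant Relation slide (an added example, not code from the presentation). It assumes "larger competence domain" means superset; the input space, test data, iteration cap and the programs p, m1 and m2 are constructed for illustration.

```python
from math import factorial

SPACE = range(0, 7)   # constructed finite input space: n = 0..6
TESTS = [2, 6]        # constructed sample test data
LIMIT = 100           # iteration cap standing in for divergence

def spec(n, f):
    """Specification R: the final f equals n!."""
    return f == factorial(n)

def run(init_k, body, n):
    """Run `while (k != n) body` from k = init_k, f = 1; None = no convergence."""
    k, f = init_k, 1
    for _ in range(LIMIT):
        if k == n:
            return f
        k, f = body(k, f)
    return None

def p(n):   # faulty original: multiplies before incrementing, so f becomes 0
    return run(0, lambda k, f: (k + 1, f * k), n)

def m1(n):  # mutant 1: body repaired, but k starts at 1 (diverges for n = 0)
    return run(1, lambda k, f: (k + 1, f * (k + 1)), n)

def m2(n):  # mutant 2: body repaired, but f wraps at 8 bits (overflow remains)
    return run(0, lambda k, f: (k + 1, (f * (k + 1)) % 256), n)

def competence_domain(prog):
    """Inputs in SPACE on which prog converges and obeys the specification."""
    return {n for n in SPACE if (out := prog(n)) is not None and spec(n, out)}

def more_correct(new, old):
    """new is more-correct than old: its competence domain is a superset."""
    return competence_domain(new) >= competence_domain(old)

def passes_tests(prog):
    """Oracle for absolute correctness applied to the sample test data."""
    return all((out := prog(n)) is not None and spec(n, out) for n in TESTS)

if __name__ == "__main__":
    for name, prog in [("p", p), ("m1", m1), ("m2", m2)]:
        print(name, sorted(competence_domain(prog)),
              "passes tests:", passes_tests(prog),
              "more-correct than p:", more_correct(prog, p))
```

Mutant m1 passes every test yet loses the input n = 0 that p handled, while m2 fails the test at n = 6 yet keeps everything p got right and adds more.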
Slide20
Proving Relative Correctness
Traditionally:
static verification techniques applicable only to correct programs;
dynamic testing techniques used to expose/diagnose faults in incorrect programs.
Using relative correctness: We remove a fault from a program, check a set of conditions statically and locally, and conclude that the new program is more-correct than the old, all
Without testing (and its attending uncertainties),
Without remorse (final determination: no going back to question wisdom of fault removal).
Slide21
A Framework for Monotonic Fault Removal
Slide22
Proving Relative Correctness
Theorem
Let R be a specification on space
and let
be a while loop of the form
which terminates for all
.
Let
be an invariant relation of
that is incompatible with
and let
be the largest invariant relation of such that
Let
be the while loop that has as an invariant relation , terminates for all
and admits an invariant relation
that is compatible with
and satisfies the condition
Then
is strictly more correct than
Slide23
Illustration
Specification
Invariant Relations
Slide24
Illustration
Compute constraints
Pick
, thus consider
to be involved in fault
Working by elimination, we choose mutant 2.
Testing for absolute correctness fails but testing for relative correctness succeeds
We repeat the process and end up with one incompatible invariant relation
Compute constraints and remove 2nd fault
Slide25
Deployment
FxLoop Analyzer (C++ based)
Client-server application
Thin client
Server (HTTP) has 2 components
CCA compiler
Invariant relation generator using semantic matching
Databases of recognizers based on application domain
Computing termination condition
Traditional sense
In combination with Abort-freedom
Correctness verification
Slide26
Analytical Research
To further explore the implications and applications of relative correctness,
To derive techniques for proving relative correctness by static analysis of the source code.
Slide27
Thank you!