Catching Bugs in the Web of Program Invariants Proseminar „Programmanalyse”, Prof. Dr. Heike Wehrheim Universität Paderborn, WS 2011/2012 Anton Tonkushin.


Static debugging
- Array indexing outside of its proper bounds
- Division by zero
- Referencing of null pointers
- Jumping to non-function pointers
- etc.
- Identifying problems at compile time or run time
- Solution: Magic Tool
- Assisting the programmer in verifying the preconditions of program operations
- Immediate signaling of errors

MrSpidey (Introduction & Goals)
- Interactive, static debugger for Scheme
- Understanding complex programs
- Debugging complex programs
Main functions:
- Describes the set of possible values for each program variable and expression (value set invariant)
- Identifies possibly unsafe program operations that may cause run-time errors
- Provides a supporting graphical explanation for these invariants

Set-based analysis in MrSpidey (Introduction)
- Program variables and expressions are viewed as sets of values
- Possibly infinite sets of values represented finitely using abstract values
- Each abstract value corresponds to a particular constructor expression in the analyzed program

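Sample source language Λ (Introduction)

$$
\begin{aligned}
P \in \mathit{Program} &::= (\texttt{define}\ x\ M)\ \ldots \\
M, N \in \Lambda &::= V^{l} \mid (M\ M)^{l} \mid (\texttt{cons}\ M\ M)^{l} \mid (\texttt{car}\ M)^{l} \mid (\texttt{cdr}\ M)^{l} \\
V \in \mathit{Value} &::= c \mid x \mid (\lambda x.M)^{l} \mid (\texttt{cons}\ V\ V) \\
c \in \mathit{Const} &= \mathit{Num} \cup \{\texttt{nil}, \ldots\} \\
n \in \mathit{Num} &= \{0, 1, 2, \ldots\} \\
x \in \mathit{Vars} &= \{x, y, z, \ldots\} \\
l &\in \mathit{Label}
\end{aligned}
$$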

Abstract values & abstract store
- Abstract values
- Abstract store
  - Result of the set-based analysis
  - Finite table
  - Maps variables and labels to sets of abstract values
  - $S \in \mathit{AbsStore} = (\mathit{Vars} \cup \mathit{Label}) \to \mathcal{P}(\mathit{AbsValue}_P)$

Two-stage algorithm of MrSpidey
1. Deriving constraints in a syntax-directed manner from the program text
2. Determining the minimal (i.e., most accurate) abstract store satisfying these constraints

A sample analysis: deriving constraints

A sample analysis: solving constraints
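The two stages (deriving constraints, then solving for the minimal abstract store) sketched in Python as an added example; this is not code from the slides or from MrSpidey. The tuple encoding of terms, the constraint forms (the usual set-based-analysis rules), the label numbers and the five-definition sample program are assumptions made for this illustration.

```python
# Added example (constructed input). Terms are tuples whose last field is the label l:
# ("const",c,l) ("var",x,l) ("lam",x,body,l) ("app",f,a,l) ("cons",a,b,l) ("car",a,l) ("cdr",a,l)
NEED = {"app": "lam", "car": "cons", "cdr": "cons"}  # value kind each operation requires

def derive(term, cs, table):
    """Stage 1: syntax-directed pass appending constraints to cs; returns term's label."""
    kind, l = term[0], term[-1]
    labels = [derive(t, cs, table) for t in term[1:-1] if isinstance(t, tuple)]
    if kind == "var":
        cs.append(("sub", term[1], l))               # S(x) is a subset of S(l)
    elif kind in NEED:
        cs.append((kind, *labels, l))                # resolved against S in stage 2
    else:                                            # const, lam, cons build values
        cs.append(("has", l, ("const", term[1]) if kind == "const" else (kind, l)))
        table[l] = (term[1], *labels) if kind == "lam" else tuple(labels)
    return l

def solve(cs, table):
    """Stage 2: grow the store S until nothing changes, giving the least solution."""
    S, size = {}, -1
    get = lambda k: S.setdefault(k, set())
    while size != (size := sum(map(len, S.values()))):
        for c in cs:
            if c[0] == "has":
                get(c[1]).add(c[2])
            elif c[0] == "sub":
                get(c[2]).update(get(c[1]))
            for v in [v for v in get(c[1]) if v[0] == NEED.get(c[0])]:  # app/car/cdr
                if c[0] == "app":                    # bind argument, return body value
                    x, body = table[v[1]]
                    get(x).update(get(c[2]))
                    get(c[3]).update(get(body))
                else:                                # select car (0) or cdr (1) part
                    get(c[2]).update(get(table[v[1]][c[0] == "cdr"]))
    return S

def analyze(program):
    """Return (store, labels of operations whose operand may have the wrong kind)."""
    cs, table = [], {}
    for name, term in program:                       # one (define name term) each
        cs.append(("sub", derive(term, cs, table), name))
    S = solve(cs, table)
    return S, sorted(c[-1] for c in cs if c[0] in NEED
                     and any(v[0] != NEED[c[0]] for v in S.get(c[1], ())))

PROGRAM = [("p", ("cons", ("const", 1, 1), ("const", "nil", 2), 3)),
           ("f", ("lam", "y", ("car", ("var", "y", 4), 5), 6)),
           ("a", ("app", ("var", "f", 7), ("var", "p", 8), 9)),
           ("b", ("app", ("var", "f", 10), ("const", 2, 11), 12)),  # y may be a number
           ("c", ("cdr", ("var", "p", 13), 14))]
```

`analyze(PROGRAM)` returns the store together with the labels of possibly unsafe operations; here the only flagged label is 5, the `(car y)` inside `f`, because the value set of `y` contains both the pair built at label 3 and the number 2.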

Value Flow & Value Flow Browser
- Construction of a value flow graph from the subset relations
- Each edge in this graph -> arrow overlaid on the program text

Questions?