(or what I learned from Neil about software testing) John Hughes Chalmers University/Quviq AB.

Slides:



Advertisements
Similar presentations
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Advertisements

Software Testing with QuickCheck Lecture 1 Properties and Generators.
Control Structures Ranga Rodrigo. Control Structures in Brief C++ or JavaEiffel if-elseif-elseif-else-end caseinspect for, while, do-whilefrom-until-loop-end.
Semantics Static semantics Dynamic semantics attribute grammars
Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 11.
Software Testing with QuickCheck Lecture 3 Testing Stateful Systems.
Annoucements  Next labs 9 and 10 are paired for everyone. So don’t miss the lab.  There is a review session for the quiz on Monday, November 4, at 8:00.
Programming Types of Testing.
ISBN Chapter 3 Describing Syntax and Semantics.
Copyright © 2006 Addison-Wesley. All rights reserved. 3.5 Dynamic Semantics Meanings of expressions, statements, and program units Static semantics – type.
CS 355 – Programming Languages
4 July 2005 overview Traineeship: Mapping of data structures in multiprocessor systems Nick de Koning
SE 450 Software Processes & Product Metrics Reliability: An Introduction.
1 These courseware materials are to be used in conjunction with Software Engineering: A Practitioner’s Approach, 5/e and are provided with permission by.
Software Reliability Methods Sorin Lerner. Software reliability methods: issues What are the issues?
OOP #10: Correctness Fritz Henglein. Wrap-up: Types A type is a collection of objects with common behavior (operations and properties). (Abstract) types.
Michael Ernst, page 1 Improving Test Suites via Operational Abstraction Michael Ernst MIT Lab for Computer Science Joint.
1 Advanced Material The following slides contain advanced material and are optional.
ITERATIVE COMPUTATIONS CONCURRENCY ID1218 Lecture Christian Schulte Software and Computer Systems School of Information and.
Describing Syntax and Semantics
Swami NatarajanJuly 14, 2015 RIT Software Engineering Reliability: Introduction.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
Testing a Media Proxy with … QuickCheck Thomas Arts John Hughes Chalmers/ITU Joakim Johansson Ulf Wiger Ericsson.
REFACTORING Lecture 4. Definition Refactoring is a process of changing the internal structure of the program, not affecting its external behavior and.
DySy: Dynamic Symbolic Execution for Invariant Inference.
CS 501: Software Engineering Fall 1999 Lecture 16 Verification and Validation.
”Life is too short for imperative programming” John Hughes.
Introduction to Python
Software Engineering Prof. Dr. Bertrand Meyer March 2007 – June 2007 Chair of Software Engineering Static program checking and verification Slides: Based.
Erlang/QuickCheck Thomas Arts, IT University John Hughes, Chalmers University Gothenburg.
1 Debugging and Testing Overview Defensive Programming The goal is to prevent failures Debugging The goal is to find cause of failures and fix it Testing.
The Pipeline Processing Framework LSST Applications Meeting IPAC Feb. 19, 2008 Raymond Plante National Center for Supercomputing Applications.
1 Software Construction and Evolution - CSSE 375 Exception Handling – Logging & Special Situations Steve Chenoweth Office: Moench Room F220 Phone: (812)
Testing in Erlang. Different testing tools EUnit (standard lightweight xUnit solution for Erlang) Common Test (OTP based distributed testing tool) Qucik.
Chapter 25 Formal Methods Formal methods Specify program using math Develop program using math Prove program matches specification using.
Low-Level Detailed Design SAD (Soft Arch Design) Mid-level Detailed Design Low-Level Detailed Design Design Finalization Design Document.
ISBN Chapter 3 Describing Semantics -Attribute Grammars -Dynamic Semantics.
COP4020 Programming Languages Subroutines and Parameter Passing Prof. Xin Yuan.
CSC 142 D 1 CSC 142 Instance methods [Reading: chapter 4]
MAL 3 - Procedures Lecture 13. MAL procedure call The use of procedures facilitates modular programming. Four steps to transfer to and return from a procedure:
1 Muhammed Al-MulhemVisual Languages - 2 Visual Programming Languages ICS 539 Diagrams ICS Department KFUPM Sept. 1, 2007.
Testing Abstract Data Structures with QuickCheck Thomas Arts Quviq AB / Chalmers.
What is Testing? Testing is the process of finding errors in the system implementation. –The intent of testing is to find problems with the system.
ISBN Chapter 3 Describing Semantics.
Chapter 3 Part II Describing Syntax and Semantics.
I Power Higher Computing Software Development High Level Language Constructs.
Static Detection of Race Conditions in Erlang Maria Christakis National Technical University of Athens, Greece Joint work with Kostis Sagonas.
Using Cycle-Accurate Contract Specifications for Testing Hardware Models Alexander Kamkin Institute for System Programming of RAS
Software Engineering 2 -Prakash Shrestha.
13 Aug 2013 Program Verification. Proofs about Programs Why make you study logic? Why make you do proofs? Because we want to prove properties of programs.
ANU COMP2110 Software Design in 2003 Lecture 10Slide 1 COMP2110 Software Design in 2004 Lecture 12 Documenting Detailed Design How to write down detailed.
Static Techniques for V&V. Hierarchy of V&V techniques Static Analysis V&V Dynamic Techniques Model Checking Simulation Symbolic Execution Testing Informal.
1 Contractual Consistency Between BON Static and Dynamic Diagrams Ali Taleghani July 30, 2004.
Winter 2007SEG2101 Chapter 121 Chapter 12 Verification and Validation.
/ PSWLAB Evidence-Based Analysis and Inferring Preconditions for Bug Detection By D. Brand, M. Buss, V. C. Sreedhar published in ICSM 2007.
T EST T OOLS U NIT VI This unit contains the overview of the test tools. Also prerequisites for applying these tools, tools selection and implementation.
CSCI 161 Lecture 3 Martin van Bommel. Operating System Program that acts as interface to other software and the underlying hardware Operating System Utilities.
Testing Overview Software Reliability Techniques Testing Concepts CEN 4010 Class 24 – 11/17.
IST 210: PHP Basics IST 210: Organization of Data IST2101.
Chapter 6 CS 3370 – C++ Functions.
CSE 374 Programming Concepts & Tools
1. Introduction A microprocessor executes instructions given by the user Instructions should be in a language known to the microprocessor Microprocessor.
Aspect Validation: Connecting Aspects and Formal Methods
AdaCore Technologies for Cyber Security
Processor Organization and Architecture
Testing Telecoms Software with QuickCheck
Test Case Test case Describes an input Description and an expected output Description. Test case ID Section 1: Before execution Section 2: After execution.
Flowcharts and Pseudo Code
The Zoo of Software Security Techniques
Presentation transcript:

(or what I learned from Neil about software testing) John Hughes Chalmers University/Quviq AB

Company founded May 2006 – Tools for testing software – Profitable in the first year! Customers include… Soon TBA

QuickCheck Tests software automatically against a formal specification prop_reverse() -> ?FORALL({Xs,Ys}, {list(int()),list(int())}, reverse(Xs++Ys) == reverse(Xs)++reverse(Ys)). prop_reverse() -> ?FORALL({Xs,Ys}, {list(int()),list(int())}, reverse(Xs++Ys) == reverse(Xs)++reverse(Ys)).

Testing… 19> eqc:quickcheck(ex:prop_reverse()) Failed! After 10 tests. {[2],[3,2]} Shrinking....(4 times) {[0],[1]} false 19> eqc:quickcheck(ex:prop_reverse()) Failed! After 10 tests. {[2],[3,2]} Shrinking....(4 times) {[0],[1]} false

QuickCheck Tests software automatically against a formal specification prop_reverse() -> ?FORALL({Xs,Ys}, {list(int()),list(int())}, reverse(Xs++Ys) == reverse(Xs)++reverse(Ys)). prop_reverse() -> ?FORALL({Xs,Ys}, {list(int()),list(int())}, reverse(Xs++Ys) == reverse(Xs)++reverse(Ys)).

QuickCheck in Brief Specification Test case Test outcome GenerateExecute Simplify Minimal counter- example e.g. {[0],[1]}

A More Realistic Test Case A test case for the Erlang process registry test_register() -> Pid = spawn(), register(name,Pid), Pid2 = whereis(name), assert(Pid==Pid2), unregister(name). test_register() -> Pid = spawn(), register(name,Pid), Pid2 = whereis(name), assert(Pid==Pid2), unregister(name). Spawn a new process (set up test data) Register it—a side- effect Inspect the results Did the test pass? Restore the state, ready for next test

Industrial Test Cases A sequence of – Calls to an API under test – Checks on the results Not much like {[0],[1]}… How can we convert this kind of test case into a logical property?

QuickCheck in Industry Specification Test case: a program Test case: a program Test outcome GenerateExecute Simplify Minimal program provoking a fault

Programs as Data Objects Why? – So failing test cases can be printed – So failing test cases can be repeated – So failing test cases can be simplified

Can we mix generation and execution? Randomly generate and perform each call – Save a test case as a list of functions and actual parameters? – NO!!! When we repeat the test, Pid has a different value – We must use a symbolic variable! test_register() -> Pid = spawn(), register(name,Pid),… test_register() -> Pid = spawn(), register(name,Pid),…

Test Case Language Do we need conditionals? Tests should be deterministic – Check the right branch, don’t test Users need simplicity—straight-line code is simple, and suffices X = foo(…), case p(X) of true -> baz(X); false -> bar(X) end X = foo(…), case p(X) of true -> baz(X); false -> bar(X) end X = foo(…), assert not(p(X)), bar(X) X = foo(…), assert not(p(X)), bar(X)

Generating Test Cases How do we know – Which commands are valid at each point? – What test data is available at each point? – What results are expected? Track a test case state – Check preconditions before generating each command – Store available data in the state – Check postconditions wrt test case state

Process Registry State type state() = record pids::list(pid()), regs::list({atom(),pid()}) end. type state() = record pids::list(pid()), regs::list({atom(),pid()}) end. Available process ids Currently registered processes

Process Registry State Two-level programs! – Static = test case generation time – Dynamic = test execution time type state() = record pids::list(symbolic(pid())), regs::list({atom(),symbolic(pid())}) end. type state() = record pids::list(symbolic(pid())), regs::list({atom(),symbolic(pid())}) end. Available process ids Currently registered processes

Two-level State Machines Preconditions – Checked during generation, purely static Postconditions – Checked during execution, purely dynamic Next state function – Used at both times, two-level Command generator – Used during generation, two-level

Process Registry spawn() – Adds a (dynamic) pid to the state unregister(Name) – Pre: Name must be registered – Removes Name from the state register(Name,Pid) – Adds {Name,Pid} to the state – Post: exception if Name or Pid already registered

A Failing Test Case [{set,{var,2},{call,…,spawn,[]}}, {set,{var,3},{call,…,register,[a,{var,2}]}}, {set,{var,6},{call,…,register,[b,{var,2}]}}, {set,{var,8},{call,…,spawn,[]}}, {set,{var,9},{call,…,register,[b,{var,8}]}}] [{set,{var,2},{call,…,spawn,[]}}, {set,{var,3},{call,…,register,[a,{var,2}]}}, {set,{var,6},{call,…,register,[b,{var,2}]}}, {set,{var,8},{call,…,spawn,[]}}, {set,{var,9},{call,…,register,[b,{var,8}]}}] V2=spawn(), register(a,V2), register(b,V2), V8=spawn(), register(b,V8) V2=spawn(), register(a,V2), register(b,V2), V8=spawn(), register(b,V8) CodeSpec Inconsistency!

A Buggy Spec spawn() – Adds a (dynamic) pid to the state unregister(Name) – Pre: must be registered – Removes Name from the state register(Name,Pid) – Adds {Name,Pid} to the state – Post: exception if Name or Pid already registered …provided there is no exception!

”The Trick” What if we know part of the structure? – Check the known part in the postcondition – Add the known part statically to the state ”The Trick” is as useful as ever! [{set,{var,2},{call,…,spawn,[]}}, …] [{set,{var,2},{call,…,spawn,[]}}, …] Added to the state Purely dynamic

Test Case Generator Two-level languages are helping to find thorny bugs in industrial systems! Randomized Generating Extension =

Best Bug! In Ericsson’s Media Proxy (Multimedia IP- telephony product, SIP) A serious bug Obtained from a simple specification, by simplifying 160-command sequence! Add Sub Add Sub Add Sub

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.