automating regression verification
play

Automating Regression Verification Dennis Felsing , Sarah Grebing, - PowerPoint PPT Presentation

Jul 03, 2023 •48 likes •408 views

Automating Regression Verification Dennis Felsing , Sarah Grebing, Vladimir Klebanov, Mattias Ulbrich, Philipp R ummer 2014-07-23 1 / 16 Introduction How to prevent regressions in software development? 2 / 16 Introduction How to prevent

  1. Automating Regression Verification Dennis Felsing , Sarah Grebing, Vladimir Klebanov, Mattias Ulbrich, Philipp R¨ ummer 2014-07-23 1 / 16

  2. Introduction How to prevent regressions in software development? 2 / 16

  3. Introduction How to prevent regressions in software development? Formal Verification Formally prove correctness of software ⇒ Requires formal specification Regression Testing Discover new bugs by testing for them ⇒ Requires test cases 2 / 16

  4. Introduction How to prevent regressions in software development? Formal Verification Formally prove correctness of software ⇒ Requires formal specification Regression Testing Discover new bugs by testing for them ⇒ Requires test cases Regression Verification Formally prove there are no new bugs 2 / 16

  5. Regression Verification Formally prove there are no new bugs • Goal: Proving the equivalence of two closely related programs • No formal specification or test cases required • Instead use old program version as reference • Tools for proving function equivalence in a simple programming language using SMT solvers 3 / 16

  6. Overview 1 Overapproximation using Uninterpreted Functions 2 Approximation using Uninterpreted Predicates 3 Results and Future Work 4 / 16

  7. Overview 1 Overapproximation using Uninterpreted Functions 2 Approximation using Uninterpreted Predicates 3 Results and Future Work 5 / 16

  8. Function Equivalence Existing approach by Strichman & Godlin Equivalent? Function f Function g (val n 1 ; ret r 1 ) (val n 2 ; ret r 2 ) Uninterpreted Function U for recursive calls in both f and g Function f Function g without recursion without recursion Static Single Static Single Assignment S f Assignment S g ( n 1 = n 2 ∧ S f ∧ S g ) → r 1 = r 2 SMT Solver Valid / Invalid 6 / 16

  9. Our Contribution: Extensions Equivalent? Function f Function g (val n 1 ; ret r 1 ) (val n 2 ; ret r 2 ) S f S g Single Static Assignment Form ( n 1 = n 2 ∧ S f ∧ S g ) → r 1 = r 2 SMT Solver Valid / Invalid 7 / 16

  10. Our Contribution: Extensions Equivalent? Function f Function g (val n 1 ; ret r 1 ) (val n 2 ; ret r 2 ) S f S g Single Static Assignment Form ( n 1 = n 2 ∧ S f ∧ S g ) → r 1 = r 2 SMT Solver Valid / Invalid Equivalent! 7 / 16

  11. Our Contribution: Extensions Equivalent? Function f Function g (val n 1 ; ret r 1 ) (val n 2 ; ret r 2 ) S f S g Single Static Assignment Form ( n 1 = n 2 ∧ S f ∧ S g ) → r 1 = r 2 SMT Solver Valid / Invalid Equivalent! Counterexample: r 1 = − 1 n = 0: r 2 = − 3 7 / 16

  12. Our Contribution: Extensions Equivalent? Function f Function g (val n 1 ; ret r 1 ) (val n 2 ; ret r 2 ) S f S g Single Static Assignment Form ( n 1 = n 2 ∧ S f ∧ S g ) → r 1 = r 2 SMT Solver f (0) = g (0) = 0 Valid / Invalid Execute Equivalent! Counterexample: r 1 = − 1 n = 0: r 2 = − 3 7 / 16

  13. Our Contribution: Extensions Equivalent? Function f Function g (val n 1 ; ret r 1 ) (val n 2 ; ret r 2 ) S f S g Single Static Assignment Form ( n 1 = n 2 ∧ S f ∧ S g ∧ U (0) = 0 ) → r 1 = r 2 Add rerun SMT Solver f (0) = g (0) = 0 Valid / Invalid Execute Equivalent! Counterexample: r 1 = − 1 n = 0: r 2 = − 3 7 / 16

  14. Overapproximation using uninterpreted functions Approach • Run the programs with input gathered from counterexamples • Detect whether CE is spurious or not • If spurious: Add additional constraints to the uninterpreted function ⇒ Is a simple form of Counter Example Guided Abstraction Refinement (CEGAR) Successful when • Finite number of constraints on the uninterpreted function imply equivalence • These are often the “base cases” of recursive implementations 8 / 16

  15. Overview 1 Overapproximation using Uninterpreted Functions 2 Approximation using Uninterpreted Predicates 3 Results and Future Work 9 / 16

  16. Approximation using Uninterpreted Predicates First approach (just shown) • Overapproximate recursion by uninterpreted Function U : ∀ U . constraints ( U ) ∧ S f ∧ S g ∧ ... → r 1 = r 2 New approach • Infer a predicate C which couples recursive calls: ∃ C . ( C ( ... ) ∧ ... → r 1 = r 2 ) ∧ “ C couples f and g ” • Use state-of-the-art SMT solvers (Eldarica, Z3) to automatically find such a C or prove that is does not exist ⇒ Example will show loops with coupling loop invariants 10 / 16

  17. Automatic Invariant Inference int f1 ( int n) { r = 0; int (n == 0) 1; i f return (n > 0) { while n /= 10; r++; } r ; return } 11 / 16

  18. Automatic Invariant Inference int f1 ( int n) { int f2 ( int n) { r = 0; r = 1; int int (n == 0) 1; i f return (n > 0) { ( true ) { while while n /= 10; r++; i f (n < 10) r ; return i f (n < 100) r +1; return i f (n < 1000) r +2; return i f (n < 10000) r +3; return } n /= 10000; r ; r += 4; return } } } 11 / 16

  19. Automatic Invariant Inference Loop synchronisation • To show: Equal input f1 f2 gives equal output 12 / 16

  20. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output = 12 / 16

  21. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised = 12 / 16

  22. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised = = 12 / 16

  23. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely = synchronised = 12 / 16

  24. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely synchronised C = 12 / 16

  25. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely synchronised C ⇒ Use C as loop invariant for both programs. = ( → coupling invariant ) 12 / 16

  26. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely synchronised C ⇒ Use C as loop invariant for both programs. = ( → coupling invariant ) 12 / 16

  27. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely C synchronised ⇒ Use C as loop invariant for both programs. ( → coupling invariant ) 12 / 16

  28. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely C synchronised C ⇒ Use C as loop invariant for both programs. ( → coupling invariant ) 12 / 16

  29. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely C synchronised C ⇒ Use C as loop invariant C for both programs. ( → coupling invariant ) = 12 / 16

  30. Automatic Invariant Inference Loop synchronisation • To show: Equal input = f1 f2 gives equal output • Loops are synchronised • ... at least loosely C synchronised C ⇒ Use C as loop invariant C for both programs. ( → coupling invariant ) = Automatic Regression Verification: Do not specify C but infer it automatically. 12 / 16

  31. Automatic Invariant Inference Three cases to consider: 1 Initially coupling loop invariant C holds 2 After both loop steps (or one if other finished), C holds 3 After both loops finished, C implies equality of results 13 / 16

  32. Automatic Invariant Inference Three cases to consider: 1 Initially coupling loop invariant C holds 2 After both loop steps (or one if other finished), C holds 3 After both loops finished, C implies equality of results Automatically inferred coupling loop invariant: (Using Eldarica) ( n 1 > 0 → ( n 1 = n 2 ∧ r 1 + 1 = r 2 )) ∧ ( n 2 ≤ 0 → return 2 = r 1 ) ∧ n 1 ≥ n 2 13 / 16

  33. Automatic Invariant Inference Three cases to consider: 1 Initially coupling loop invariant C holds 2 After both loop steps (or one if other finished), C holds 3 After both loops finished, C implies equality of results Automatically inferred coupling loop invariant: (Using Eldarica) ( n 1 > 0 → ( n 1 = n 2 ∧ r 1 + 1 = r 2 )) ∧ ( n 2 ≤ 0 → return 2 = r 1 ) ∧ n 1 ≥ n 2 • Compare to loop invariant: n = n 0 10 r • Coupling invariant is not trivial, but linear and inferable! 13 / 16

  34. Overview 1 Overapproximation using Uninterpreted Functions 2 Approximation using Uninterpreted Predicates 3 Results and Future Work 14 / 16

  35. Evaluation and Results Approaches implemented for a subset of C: simplRV, Rˆ eve Usable with webinterface: http://formal.iti.kit.edu/ improve/deduktionstreffen2014/ Rˆ eve evaluation (uninterpreted predicates) • 32 short benchmarks of integer programs (10-50 lines) • Collected from literature • Good performance on most equivalent programs • Finds counterexample for non-equivalent programs as well 15 / 16

  36. Conclusion Regression Verification • Initial approach limited to strongly coupled recursions or user feedback • Automatic Invariant Inference: More powerful, using recent techniques in SMT solvers like Eldarica and Z3 Future Work • More examples (larger) • Support arrays, heaps, objects 16 / 16

Recommend

Automating Visual Regression using Galen and Wraith Deepshikha Singh| QA Lead |

Automating Visual Regression using Galen and Wraith Deepshikha Singh| QA Lead |

Automating Visual Regression using Galen and Wraith Deepshikha Singh| QA Lead | @deeps_qa Problems in Layout Testing Manual efforts are high. Possible chances of missing key areas of regression. Not possible to validate

463 views • 24 slides
Starling: automating concurrency verification Mike Dodds (1) , Matthew Parkinson (2) , Matt

Starling: automating concurrency verification Mike Dodds (1) , Matthew Parkinson (2) , Matt

Starling: automating concurrency verification Mike Dodds (1) , Matthew Parkinson (2) , Matt Windsor (1) (1) University of York (2) Microsoft Research Funding from Royal Society Industrial Fellowship for Dodds. Ticketed

232 views • 12 slides
Automating the Verification of Floating-point Algorithms Guillaume Melquiond Inria Saclay

Automating the Verification of Floating-point Algorithms Guillaume Melquiond Inria Saclay

Introduction Interval+Error Advanced Gappa Conclusion Automating the Verification of Floating-point Algorithms Guillaume Melquiond Inria Saclay Ile-de-France LRI, Universit e Paris Sud, CNRS 2014-07-18 Guillaume Melquiond

1.55k views • 126 slides
Regression Verification: Proving Partial Equivalence Talk by Dennis Felsing Seminar within the

Regression Verification: Proving Partial Equivalence Talk by Dennis Felsing Seminar within the

Regression Verification: Proving Partial Equivalence Talk by Dennis Felsing Seminar within the Projektgruppe Formale Methoden der Softwareentwicklung WS 2012/2013 1 / 24 Introduction Formal Verification Formally prove correctness of

457 views • 41 slides
Automating Inventory at Stitch Fix Using Beta Binomial Regression for Cold Start Problems Sally

Automating Inventory at Stitch Fix Using Beta Binomial Regression for Cold Start Problems Sally

Automating Inventory at Stitch Fix Using Beta Binomial Regression for Cold Start Problems Sally Langford - Data Scientist How Stitch Fix works: How Stitch Fix works: - Tell us about your style, fit and price preferences. How Stitch Fix works:

578 views • 47 slides
Relational Specification and Verification From Non-Interference to Regression-free Program

Relational Specification and Verification From Non-Interference to Regression-free Program

Relational Specification and Verification From Non-Interference to Regression-free Program Evolution Bernhard Beckert with M. Kirsten, V. Klebanov, M. Ulbrich, A. Weigl | RS3 Practitioner Event www.kit.edu KIT Universit at des Landes

818 views • 71 slides
iCoq : Regression Proof Selection for Large-Scale Verification Projects Karl Palmskog University

iCoq : Regression Proof Selection for Large-Scale Verification Projects Karl Palmskog University

iCoq : Regression Proof Selection for Large-Scale Verification Projects iCoq : Regression Proof Selection for Large-Scale Verification Projects Karl Palmskog University of Illinois at Urbana-Champaign Joint work with Ahmet Celik and Milos

837 views • 45 slides
piCoq: Parallel Regression Proving for Large-Scale Verification Projects Karl Palmskog , Ahmet

piCoq: Parallel Regression Proving for Large-Scale Verification Projects Karl Palmskog , Ahmet

piCoq: Parallel Regression Proving for Large-Scale Verification Projects piCoq: Parallel Regression Proving for Large-Scale Verification Projects Karl Palmskog , Ahmet Celik, and Milos Gligoric The University of Texas at Austin, USA 1 / 29

891 views • 65 slides
Regression Verification: Project Proposal Presentation by Dennis Felsing within the

Regression Verification: Project Proposal Presentation by Dennis Felsing within the

Regression Verification: Project Proposal Presentation by Dennis Felsing within the Projektgruppe Formale Methoden der Softwareentwicklung SS 2013 1 / 18 Introduction How to prevent regressions in software development? 2 / 18 Introduction

439 views • 27 slides
Verification-Aided Regression Testing Fabrizio Pastore 1 Leonardo Mariani 1 arinen 2 Grigory

Verification-Aided Regression Testing Fabrizio Pastore 1 Leonardo Mariani 1 arinen 2 Grigory

Verification-Aided Regression Testing Fabrizio Pastore 1 Leonardo Mariani 1 arinen 2 Grigory Fedyukovich 2 Antti E. J. Hyv Natasha Sharygina 2 Ondrej Sery 2 Stephan Sehestedt 3 Ali Muhammed 4 1 University of Milano-Bicocca, Italy 2 University of

670 views • 14 slides
Automating batch fecundity measurements Automating batch fecundity measurements using digital

Automating batch fecundity measurements Automating batch fecundity measurements using digital

W orking Group on Acoustic and Egg Surveys for Sardine and Anchovy in I CES Areas VI I I and I X, Nantes, 2 4 -2 8 / 1 1 / 2 0 0 8 Automating batch fecundity measurements Automating batch fecundity measurements using digital image analysis

391 views • 13 slides
Automating Formal Proofs for Reactive Systems Daniel Ricketts , Valentin Robert, Zachary

Automating Formal Proofs for Reactive Systems Daniel Ricketts , Valentin Robert, Zachary

Automating Formal Proofs for Reactive Systems Daniel Ricketts , Valentin Robert, Zachary Danger Tatlock Dongseok Jang, Sorin Lerner University of California, San Diego University of Washington Proof Assistant Based Verification Proof

1.93k views • 163 slides
Logistic Regression James H. Steiger Department of Psychology and Human Development Vanderbilt

Logistic Regression James H. Steiger Department of Psychology and Human Development Vanderbilt

Introduction The Logistic Regression Model Binary Logistic Regression Binomial Logistic Regression Interpreting Logistic Regression Parameters Examples Logistic Regression and Retrospective Studies Logistic Regression James H. Steiger

777 views • 54 slides
RANDOMIZING AND RANDOMIZING AND AUTOMATING ASSESSMENT AUTOMATING ASSESSMENT WITH R WITH R exams

RANDOMIZING AND RANDOMIZING AND AUTOMATING ASSESSMENT AUTOMATING ASSESSMENT WITH R WITH R exams

RANDOMIZING AND RANDOMIZING AND AUTOMATING ASSESSMENT AUTOMATING ASSESSMENT WITH R WITH R exams exams 1 THE THE exams exams PACKAGE PACKAGE by @AchimZeileis and others, Statistics, Universitt Innsbruck www.r-exams.org latest release

379 views • 14 slides
Automating the Automating the configuration of flow configuration of flow monitoring probes

Automating the Automating the configuration of flow configuration of flow monitoring probes

Zurich Research Laboratory Automating the Automating the configuration of flow configuration of flow monitoring probes monitoring probes Xenofontas (Fontas) Dimitropoulos (xed@zurich.ibm.com) Andreas Kind (ank@zurich.ibm.com) IBM | Dec 07

303 views • 14 slides
Automating Authority Work Automating authority work, or, Be your own authority control vendor

Automating Authority Work Automating authority work, or, Be your own authority control vendor

Mike Monaco Coordinator, Cataloging Services May 14, 2018 Automating Authority Work Automating authority work, or, Be your own authority control vendor Ohio Valley Group of Technical Services Librarians Mike Monaco 2018 Conference, May

1.06k views • 67 slides
Introduction to Regression and Correlation James H. Steiger Department of Psychology and Human

Introduction to Regression and Correlation James H. Steiger Department of Psychology and Human

Regression Analysis Some Examples Revisiting Basic Regression Results Anscombes Quartet Smoothing the Mean Function The Scatterplot Matrix Two Bivariate Regression Models Where from Here? Introduction to Regression and Correlation James

1.06k views • 57 slides
Automating Registrar Onboarding What is AROS? A utomated R egistrar O nboarding S ystem

Automating Registrar Onboarding What is AROS? A utomated R egistrar O nboarding S ystem

Automating Registrar Onboarding What is AROS? A utomated R egistrar O nboarding S ystem Replacing the current paper/fax based accreditation system Automating what can be automated Providing a better user experience Improving

232 views • 8 slides
Efficient Regression for Computational Imaging: from Color Management to Omnidirectional

Efficient Regression for Computational Imaging: from Color Management to Omnidirectional

Efficient Regression for Computational Imaging: from Color Management to Omnidirectional Superresolution Maya R. Gupta Eric Raman Garcia Arora Regression 2 Regression Regression Linear Regression: fast, not good enough Problem : Device

601 views • 56 slides
10-601 Machine Learning Regression Outline Regression vs Classification Linear regression

10-601 Machine Learning Regression Outline Regression vs Classification Linear regression

10-601 Machine Learning Regression Outline Regression vs Classification Linear regression another discriminative learning method As optimization Gradient descent As matrix inversion (Ordinary Least Squares) Overfitting

1.52k views • 97 slides
Regression Methods 1. Linear Regression and Logistic Regression: definitions, and a common

Regression Methods 1. Linear Regression and Logistic Regression: definitions, and a common

0. Regression Methods 1. Linear Regression and Logistic Regression: definitions, and a common property CMU, 2004 fall, Andrew Moore, HW2, pr. 4 2. Linear Regression and Logistic Regression: Definitions Given an input vector X , linear

1.07k views • 22 slides
Planning and Optimization B2. Regression: Introduction &amp; STRIPS Case Malte Helmert and

Planning and Optimization B2. Regression: Introduction &amp; STRIPS Case Malte Helmert and

Planning and Optimization B2. Regression: Introduction &amp; STRIPS Case Malte Helmert and Gabriele R oger Universit at Basel October 13, 2016 Regression Regression Example Regression for STRIPS Tasks Summary Regression Regression

466 views • 19 slides
Multiple Regression and Logistic Regression I Dajiang Liu @PHS 525 Apr-14-2016 Multiple

Multiple Regression and Logistic Regression I Dajiang Liu @PHS 525 Apr-14-2016 Multiple

Multiple Regression and Logistic Regression I Dajiang Liu @PHS 525 Apr-14-2016 Multiple Regression Extends simple linear regression to the scenario where Multiple predictors are available Multiple regression often results in better

673 views • 17 slides
Introduction to Electronic Verification Electronic Verification of Educational Records

Introduction to Electronic Verification Electronic Verification of Educational Records

Introduction to Electronic Verification Electronic Verification of Educational Records OVERVIEW 01 04 Scope of Verification Peggys Picks Types of verification, Verifying exam results or parameters, privacy graduation using databases

1.25k views • 81 slides

More recommend