ddSMT: A Delta Debugger for the SMT-LIB v2 Format Aina Niemetz and - PowerPoint PPT Presentation

ddSMT: A Delta Debugger for the SMT-LIB v2 Format Aina Niemetz and Armin Biere Institute for Formal Models and Verification (FMV) Johannes Kepler University, Linz, Austria http://fmv.jku.at/ SMT Workshop 2013 July 8 - 9, 2013 Helsinki, Finland

Motivation Why delta debugging? 1 ( s❡t✲❧♦❣✐❝ UFNIA) 2 ( ❞❡❝❧❛r❡✲s♦rt sort1 0) 3 ( ❞❡❝❧❛r❡✲❢✉♥ x () sort1) 4 ( ❞❡❝❧❛r❡✲❢✉♥ y () sort1) 5 ( ❛ss❡rt ( ❂ x y )) 6 ( ♣✉s❤ 1) 7 ( ❞❡❢✐♥❡✲s♦rt sort2 () Bool) 8 ( ❞❡❝❧❛r❡✲❢✉♥ x () sort2) 9 ( ❞❡❝❧❛r❡✲❢✉♥ y () sort2) 10 ( ❛ss❡rt ( ❛♥❞ ( ❛s x Bool) ( ❛s y Bool ))) 11 ( ❛ss❡rt (! (not ( ❛s x Bool )) :named z)) 12 ( ❛ss❡rt z) 13 ( ♣♦♣ 1) 14 ( ❛ss❡rt ( ❢♦r❛❧❧ ((z Int)) ( ❡①✐sts ((zz Int)) ( ❂ z zz )))) 15 ( ❝❤❡❝❦✲s❛t ) 16 ( ❣❡t✲✈❛❧✉❡ ((let ((x 1) (y 1)) ( ❂ x y)))) 17 ( ❡①✐t ) 1 ( s e t − l o g i c UFNIA) 2 ( get − value ( f a l s e )) 3 ( e x i t )

Motivation What delta debugging? 1 ( s❡t✲❧♦❣✐❝ UFNIA) 2 ( ❞❡❝❧❛r❡✲s♦rt sort1 0) 3 ( ❞❡❝❧❛r❡✲❢✉♥ x () sort1) 4 ( ❞❡❝❧❛r❡✲❢✉♥ y () sort1) 5 ( ❛ss❡rt ( ❂ x y )) 6 ( ♣✉s❤ 1) 7 ( ❞❡❢✐♥❡✲s♦rt sort2 () Bool) 8 ( ❞❡❝❧❛r❡✲❢✉♥ x () sort2) 9 ( ❞❡❝❧❛r❡✲❢✉♥ y () sort2) 10 ( ❛ss❡rt ( ❛♥❞ ( ❛s x Bool) ( ❛s y Bool ))) 11 ( ❛ss❡rt (! (not ( ❛s x Bool )) :named z)) 12 ( ❛ss❡rt z) 13 ( ♣♦♣ 1) 14 ( ❛ss❡rt ( ❢♦r❛❧❧ ((z Int)) ( ❡①✐sts ((zz Int)) ( ❂ z zz )))) 15 ( ❝❤❡❝❦✲s❛t ) 16 ( ❣❡t✲✈❛❧✉❡ ((let ((x 1) (y 1)) ( ❂ x y)))) 17 ( ❡①✐t ) 1 ( s❡t✲❧♦❣✐❝ UFNIA) 2 ( ❣❡t✲✈❛❧✉❡ (false )) 3 ( ❡①✐t )

Motivation What delta debugging? 1 ( s❡t✲❧♦❣✐❝ UFNIA) 2 ( ❞❡❝❧❛r❡✲s♦rt sort1 0) 3 ( ❞❡❝❧❛r❡✲❢✉♥ x () sort1) 4 ( ❞❡❝❧❛r❡✲❢✉♥ y () sort1) 5 ( ❛ss❡rt ( ❂ x y )) 6 ( ♣✉s❤ 1) 7 ( ❞❡❢✐♥❡✲s♦rt sort2 () Bool) 8 ( ❞❡❝❧❛r❡✲❢✉♥ x () sort2) 9 ( ❞❡❝❧❛r❡✲❢✉♥ y () sort2) 10 ( ❛ss❡rt ( ❛♥❞ ( ❛s x Bool) ( ❛s y Bool ))) 11 ( ❛ss❡rt (! (not ( ❛s x Bool )) :named z)) 12 ( ❛ss❡rt z) 13 ( ♣♦♣ 1) 14 ( ❛ss❡rt ( ❢♦r❛❧❧ ((z Int)) ( ❡①✐sts ((zz Int)) ( ❂ z zz )))) 15 ( ❝❤❡❝❦✲s❛t ) 16 ( ❣❡t✲✈❛❧✉❡ ((let ((x 1) (y 1)) ( ❂ x y)))) 17 ( ❡①✐t ) → easier to debug − 1 ( s❡t✲❧♦❣✐❝ UFNIA) 2 ( ❣❡t✲✈❛❧✉❡ (false )) → in a time efficient manner − 3 ( ❡①✐t )

Preliminaries What is Delta Debugging? Delta Debugging = input minimization → originally introduced by R. Hildebrandt and A. Zeller in [HZ00] − → related work: shrinking in QuickCheck [CH00] − Basic Idea : Given executable Ex , failure-inducing input I : • Minimize (simplify) I − → I simp • I simp still triggers the original faulty behavior Original minimization strategy: • divide-and-conquer (binary) • remove parts irrelevant to the original faulty behavior → highly customizable, wide range of applications −

Preliminaries Related Work deltaSMT • introduced by our group in [BB09] • tailored to the SMT-LIB v1 format • does not support quantifiers • implements hierarchical delta debugging strategy • nodes are substituted one-by-one in a breadth-first-search (BFS) manner by simpler nodes or their children − → bottleneck in the worst case − → cases, where deltaSMT struggled or unable to minimize input deltaSMT2 • recent and independent update of deltaSMT for SMT-LIB v2 • by P. F. Dobal and P. Fontaine at INRIA • syntactically extends deltaSMT for SMT-LIB v2 compliance • no full support for SMT-LIB v2 • still work-in-progress

ddSMT Overview ddSMT • input minimizer for the SMT-LIB v2 format • based on the exit code of a given executable • supports all SMT-LIB v2 logics • not based on deltaSMT • implements divide-and-conquer delta debugging strategy • employs simplification strategies for ◦ macros (command define-fun ) ◦ command-level scopes (commands push and pop ) ◦ named annotations (attribute :named ) • especially effective in combination with fuzz testing Technical Side Notes • implemented in Python 3 • provides a dedicated, modular, standalone SMT-LIB v2 parser

ddSMT General Workflow Command-Level Command Scope Substitution Substitution Term Substitution Bit Vector Boolean Constant 0 Fresh Variables Constant false (or false term ) (bvor ( bv0 1) term ) (bvand ( bv1 1) term ) Constant true (and true term ) Fresh Variables Integer Constant 0 Fresh Variables store Real ite (left child) ite (right child) Constant 0 Fresh Variables let

ddSMT General Workflow Command-Level Command Scope Substitution Substitution Term Substitution Bit Vector Boolean Constant 0 Fresh Variables Constant false (or false term ) (bvor ( bv0 1) term ) (bvand ( bv1 1) term ) Constant true (and true term ) Fresh Variables Integer Constant 0 Fresh Variables store Real ite (left child) ite (right child) Constant 0 Constant 0 Fresh Variables let

ddSMT General Workflow Command-Level Command Scope Substitution Substitution Term Substitution Bit Vector Boolean Constant 0 Fresh Variables Constant false (or false term ) (bvor ( bv0 1) term ) (bvand ( bv1 1) term ) Constant true (and true term ) for each set of define-fun, Fresh Variables Integer assert and get-value commands Constant 0 Fresh Variables store Real ite (left child) ite (right child) Constant 0 Fresh Variables let

ddSMT General Workflow Command-Level Command Scope Substitution Substitution Term Substitution Bit Vector Boolean Constant 0 Fresh Variables Constant false (or false term ) (bvor ( bv0 1) term ) (bvand ( bv1 1) term ) Constant true (and true term ) Fresh Variables Integer Constant 0 Fresh Variables store Real ite (left child) ite (right child) Constant 0 Fresh Variables let

ddSMT: A Delta Debugger for the SMT-LIB v2 Format Aina Niemetz and - PowerPoint PPT Presentation

ddSMT: A Delta Debugger for the SMT-LIB v2 Format Aina Niemetz and Armin Biere Institute for Formal Models and Verification (FMV) Johannes Kepler University, Linz, Austria http://fmv.jku.at/ SMT Workshop 2013 July 8 - 9, 2013 Helsinki,

Gdb debugger Somewhat limited as a debugger, but works in a command line environment (so

www.frida.re @fridadotre Debugger Debuggee Debugger Debuggee bootstrapper Debugger Debuggee

How to design a Baseband debugger SSTIC 2020 June the 3rd Synacktiv David Berard, Vincent

Sacramento Countys Policies and Response To The Delta Vision and Bay-Delta Conservation Plan

WEL ELCOME E to De Delta Desc scaling SOLUTIONS Before Delta T Descaling After Delta T

Visual Debugger for Jupyter Notebooks: Myth or Reality? Elizaveta Shashkova EuroPython 2019

DELTA Microelectronics Microchip for every industry Make more with less DELTA / ASIC

The Time Has Come: Linux Graphics Debugger Matt Campbell, Senior Engineer, Graphics Developer

CS 240 Programming in C GNU Debugger (gdb) October 16, 2019 Haoyu Wang UMass Boston CS 240

Phi Gamma Delta University of Tampa Phi Gamma Delta Delta Colony at UT 164 universities

COMPANY BRIEF INTRODUCTION DELTA GROUP CURRENT REFERENCES SAUDI ARABIA / Delta Turkish

Analyzing with P Analyzing with P Delta y y g g Delta Presenter: Presenter: Deborah

Lectur Lecture 18: e 18: Electr Electrical Distr ical Distribution ibution Exam Example:

1 Host/Target A Big Problem with Debuggers gdb can be used to debug a program on a

Status of Delta-DOR interoperability Bordeaux Apr 15 th , 2012 Mattia Mercolino E SA/ E SOC

Debugger Usage at HRSK 2009-03-19 Zellescher Weg 12 Willers-Bau A106 Tel. +49 351 - 463 - 31945

Debugging Memory Problems on Cray XT3 Supercomputers with TotalView Debugger Chris Gottbrath,

Bi BigDebug : : Interactive Debugger for Bi Big Data

Open Enrollment for July 1, 2020 benefits Delta Dental Delta Vision Mutual of Omaha Voluntary

Wind Turbine Noise Measurements in Practice Carsten Thomsen, DELTA, cth@delta.dk Simon Mller

Delta Independent Science Board: Recommendation of the Delta Lead Scientist Dr. Elizabeth Canuel

HOW YOUR PLAN W O R K S Delta Dental PPO / Delta Dental Premier Our website is a valuable

Overview 1. Introduction 2. Delta Alliance 2016 2019 3. Results, so far, 2016/2017 4.

Omega Psi Phi Fraternity, Inc. Eta Delta Delta Chapter The History of Omega Psi Phi Omega