Presentation is loading. Please wait.

Presentation is loading. Please wait.

Software Dynamic White-box Testing Part 2: Data-flow Testing Lecture 7 Prof. Mostafa Abdel Aziem Mostafa.

Published byBrenda Chapman Modified over 8 years ago

Similar presentations

Presentation on theme: "Software Dynamic White-box Testing Part 2: Data-flow Testing Lecture 7 Prof. Mostafa Abdel Aziem Mostafa."— Presentation transcript:

1 Software Dynamic White-box Testing Part 2: Data-flow Testing Lecture 7 Prof. Mostafa Abdel Aziem Mostafa

2 Data-Flow Testing Data-flow testing uses the control flowgraph to explore the unreasonable things that can happen to data (i.e., anomalies). Consideration of data-flow anomalies leads to test path selection strategies that fill the gaps between complete path testing and branch or statement testing.

3 Data-Flow Testing (Cont’d) Data-flow testing is the name given to a family of test strategies based on selecting paths through the program’s control flow in order to explore sequences of events related to the status of data objects. E.g., Pick enough paths to assure that: –Every data object has been initialized prior to its use. –All defined objects have been used at least once.

4 Data Object Categories (d) Defined, Created, Initialized (k) Killed, Undefined, Released (u) Used: – (c) Used in a calculation – (p) Used in a predicate

5 (d) Defined Objects An object (e.g., variable) is defined when it: –appears in a data declaration –is assigned a new value –is a file that has been opened –is dynamically allocated –...

6 (u) Used Objects An object is used when it is part of a computation or a predicate. A variable is used for a computation (c) when it appears on the RHS (sometimes even the LHS in case of array indices) of an assignment statement. A variable is used in a predicate (p) when it appears directly in that predicate.

7 Example: Definition and Uses 1. read (x, y); 2. z = x + 2; 3. if (z < y) 4 w = x + 1; else 5. y = y + 1; 6. print (x, y, w, z); What are the definitions and uses for the program below?

8 Example: Definition and Uses 1. read (x, y); 2. z = x + 2; 3. if (z < y) 4 w = x + 1; else 5. y = y + 1; 6. print (x, y, w, z); DefC-useP-use x, y zx z, y wx yy x, y, w, z

9 Static vs Dynamic Anomaly Detection Static Analysis is analysis done on source code without actually executing it. –E.g., Syntax errors are caught by static analysis.

10 Static vs Dynamic Anomaly Detection (Cont’d) Dynamic Analysis is analysis done as a program is executing and is based on intermediate values that result from the program’s execution. –E.g., A division by 0 error is caught by dynamic analysis. If a data-flow anomaly can be detected by static analysis then the anomaly does not concern testing. (Should be handled by the compiler.)

11 Anomaly Detection Using Compilers Compilers are able to detect several data- flow anomalies using static analysis. E.g., By forcing declaration before use, a compiler can detect anomalies such as: –-u –ku Optimizing compilers are able to detect some dead variables.

12 Is Static Analysis Sufficient? Questions: Why isn’t static analysis enough? Why is testing required? Could a good compiler detect all data- flow anomalies? Answer: No. Detecting all data-flow anomalies is provably unsolvable.

13 Static Analysis Deficiencies Current static analysis methods are inadequate for: –Dead Variables: Detecting unreachable variables is unsolvable in the general case. –Arrays: Dynamically allocated arrays contain garbage unless they are initialized explicitly. (-u anomalies are possible)

14 Static Analysis Deficiencies (Cont’d) –Pointers: Impossible to verify pointer values at compile time. –False Anomalies: Even an obvious bug (e.g., ku) may not be a bug if the path along which the anomaly exists is unachievable. (Determining whether a path is or is not achievable is unsolvable.)

15 Data-Flow Modeling Data-flow modeling is based on the control flowgraph. Each link is annotated with: –symbols (e.g., d, k, u, c, p) –sequences of symbols (e.g., dd, du, ddd) that denote the sequence of data operations on that link with respect to the variable of interest.

16 Simple Path Segments A Simple Path Segment is a path segment in which at most one node is visited twice. –E.g., (7,4,5,6,7) is simple. Therefore, a simple path may or may not be loop-free.

17 Loop-free Path Segments A Loop-free Path Segment is a path segment for which every node is visited at most once. –E.g., (4,5,6,7,8,10) is loop-free. –path (10,11,4,5,6,7,8,10,11,12) is not loop- free because nodes 10 and 11 are visited twice.

18 du Path Segments A du Path is a path segment such that if the last link has a use of X, then the path is simple and definition clear.

19 def-use Associations A def-use association is a triple ( x, d, u,), where: x is a variable, d is a node containing a definition of x, u is either a statement or predicate node containing a use of x, and there is a sub-path in the flow graph from d to u with no other definition of x between d and u.

20 Example: Def-Use Associations 1 3 4 5 read (x, y) w = x + 1 T F y = y + 1 6 print (x,y,w,z) 2 z = x + 2 z < y Some Def-Use Associations: (x, 1, 2), (x, 1, 4), … (x, 1, (3,t)), (y, 1, (3,f)), (y, 1, 5), … (z, 2, (3,t)),...

21 Example: Def-Use Associations What are all the def-use associations for the program below? read (z) x = 0 y = 0 if (z  0) { x = sqrt (z) if (0  x && x  5) y = f (x) else y = h (z) } y = g (x, y) print (y)

22 Example: Def-Use Associations read (z) x = 0 y = 0 if (z  0) { x = sqrt (z) if (0  x && x  5) y = f (x) else y = h (z) } y = g (x, y) print (y) def-use associations for variable z.

23 Example: Def-Use Associations read (z) x = 0 y = 0 if (z  0) { x = sqrt (z) if (0  x && x  5) y = f (x) else y = h (z) } y = g (x, y) print (y) def-use associations for variable x.

24 Example: Def-Use Associations read (z) x = 0 y = 0 if (z  0) { x = sqrt (z) if (0  x && x  5) y = f (x) else y = h (z) } y=g (x, y) print (y) def-use associations for variable y.

25 Definition-Clear Paths A path ( i, n 1,..., n m, j ) is called a definition-clear path with respect to x from node i to node j if it contains no definitions of variable x in nodes ( n 1,..., n m, j ). The family of data flow criteria requires that the test data execute definition-clear paths from each node containing a definition of a variable to specified nodes containing c-use and edges containing p-use of that variable.

26 Data-Flow Testing Strategies All du Paths (ADUP) All Uses (AU) Others not covered in this course …

27 All du Paths Strategy (ADUP) ADUP is one of the strongest data-flow testing strategies. ADUP requires that every du path from every definition of every variable to every use of that definition be exercised under some test All du Paths Strategy (ADUP).

28 An example: All-du-paths What are all the du-paths in the following program ? read (x,y); for (i = 1; i <= 2; i++) print ( “ hello ” ); S a ; if (y < 0) S b ; else print (x);

29 An example: All-du-paths 1 3 4 5 read (x, y) i = 1 print(“hello”) i = i + 1 T F SaSa y < o 2 i <= 2 6 y < o 6 7 print x 8 9 T F SbSb

30 Example: pow(x,y) 1589161417 a b c d e f g h i

31 Example: pow(x,y) du-Path for Variable x /* pow(x,y) This program computes x to the power of y, where x and y are integers. INPUT: The x and y values. OUTPUT: x raised to the power of y is printed to stdout. */ 1 void pow (int x, y) 2 { 3 float z; 4 int p; 5 if (y < 0) 6 p = 0 – y; 7 else p = y; 8 z = 1.0; 9 while (p != 0) 10 { 11 z = z * x; 12 p = p – 1; 13 } 14 if (y < 0) 15 z = 1.0 / z; 16 printf(z); 17 } 1589161417 a b c d e f g h i

32 Example: pow(x,y) du-Path for Variable x /* pow(x,y) This program computes x to the power of y, where x and y are integers. INPUT: The x and y values. OUTPUT: x raised to the power of y is printed to stdout. */ 1 void pow (int x, y) 2 { 3 float z; 4 int p; 5 if (y < 0) 6 p = 0 – y; 7 else p = y; 8 z = 1.0; 9 while (p != 0) 10 { 11 z = z * x; 12 p = p – 1; 13 } 14 if (y < 0) 15 z = 1.0 / z; 16 printf(z); 17 } 1589161417 a b c d e f g h i

33 Example: pow(x,y) du-Path for Variable y /* pow(x,y) This program computes x to the power of y, where x and y are integers. INPUT: The x and y values. OUTPUT: x raised to the power of y is printed to stdout. */ 1 void pow (int x, y) 2 { 3 float z; 4 int p; 5 if (y < 0) 6 p = 0 – y; 7 else p = y; 8 z = 1.0; 9 while (p != 0) 10 { 11 z = z * x; 12 p = p – 1; 13 } 14 if (y < 0) 15 z = 1.0 / z; 16 printf(z); 17 } 1589161417 a b c d e f g h i

34 Example: pow(x,y) du-Path for Variable y /* pow(x,y) This program computes x to the power of y, where x and y are integers. INPUT: The x and y values. OUTPUT: x raised to the power of y is printed to stdout. */ 1 void pow (int x, y) 2 { 3 float z; 4 int p; 5 if (y < 0) 6 p = 0 – y; 7 else p = y; 8 z = 1.0; 9 while (p != 0) 10 { 11 z = z * x; 12 p = p – 1; 13 } 14 if (y < 0) 15 z = 1.0 / z; 16 printf(z); 17 } 1589161417 a b c d e f g h i

35 Example: pow(x,y) du-Path for Variable y /* pow(x,y) This program computes x to the power of y, where x and y are integers. INPUT: The x and y values. OUTPUT: x raised to the power of y is printed to stdout. */ 1 void pow (int x, y) 2 { 3 float z; 4 int p; 5 if (y < 0) 6 p = 0 – y; 7 else p = y; 8 z = 1.0; 9 while (p != 0) 10 { 11 z = z * x; 12 p = p – 1; 13 } 14 if (y < 0) 15 z = 1.0 / z; 16 printf(z); 17 } 1589161417 a b c d e f g h i

36 All Uses Strategy (AU) AU requires that at least one path from every definition of every variable to every use of that definition be exercised under some test. Hence, at least one definition-clear path from every definition of every variable to every use of that definition be exercised under some test. Clearly, AU < ADUP.

37 Data-Flow Testing Tips Resolve all data-flow anomalies. Try to do all data-flow operations on a variable within the same routine (i.e., avoid integration problems). Use strong typing and user defined types when possible.

38 Data-Flow Testing Tips (Cont’d) Use explicit (rather than implicit) declarations of data when possible. Put data declarations at the top of the routine and return data objects at the bottom of the routine.

39 McCabe’s Cyclomatic Complexity Software metric Developed by Tom McCabe (circa 1976) Directly measures the number of linearly independent paths through a program’s source code, taking into account the various decision points Independent of implementation language Source: Wikipedia

40 Calculating Complexity # Regions +1, # Decisions +1 CC= E- N+2P E = the number of edges of the graph N = the number of nodes of the graph P = the number of connected components (exit nodes)connected components Solutions: 1 st Measure= 5+1=6 2 nd Measure= 5+1=6 CC= 17- 13+2= 6

41 How Complex Should Code Be? <10: Simple module, not much risk 10-20: More Complex; moderate risk 20-50: Complex; high risk >50: Untestable; extremely high risk Source: Carnegie Mellon Software Engineering Institute

42 Complexity Caveats As code is broken into smaller modules to decrease cyclomatic complexity, structural complexity increases Some modules may have high complexity but are very easy to comprehend and easy to test High complexity numbers are only an indicator of something to investigate

43 Summary Data are as important as code. Define what you consider to be a data- flow anomaly. Data-flow testing strategies span the gap between all paths and branch testing.

44 Summary AU has the best payoff for the money. It seems to be no worse than twice the number of required test cases for branch testing, but the results are much better. Path testing with Branch Coverage and Data-flow testing with AU is a very good combination.

Download ppt "Software Dynamic White-box Testing Part 2: Data-flow Testing Lecture 7 Prof. Mostafa Abdel Aziem Mostafa."

Similar presentations

DATAFLOW TESTING DONE BY A.PRIYA, 08CSEE17, II- M.s.c [C.S].

DATAFLOW TESTING DONE BY A.PRIYA, 08CSEE17, II- M.s.c [C.S].
Data-Flow Analysis Framework Domain – What kind of solution is the analysis looking for? Ex. Variables have not yet been defined – Algorithm assigns a.

Data-Flow Analysis Framework Domain – What kind of solution is the analysis looking for? Ex. Variables have not yet been defined – Algorithm assigns a.
SOFTWARE TESTING. INTRODUCTION  Software Testing is the process of executing a program or system with the intent of finding errors.  It involves any.

SOFTWARE TESTING. INTRODUCTION  Software Testing is the process of executing a program or system with the intent of finding errors.  It involves any.
Unit Testing CSSE 376, Software Quality Assurance Rose-Hulman Institute of Technology March 27, 2007.

Unit Testing CSSE 376, Software Quality Assurance Rose-Hulman Institute of Technology March 27, 2007.
1 Static Testing: defect prevention SIM3302. 2 objectives Able to list various type of structured group examinations (manual checking) Able to statically.

1 Static Testing: defect prevention SIM objectives Able to list various type of structured group examinations (manual checking) Able to statically.
Software Testing Sudipto Ghosh CS 406 Fall 99 November 16, 1999.

Software Testing Sudipto Ghosh CS 406 Fall 99 November 16, 1999.
IMSE Week 18 White Box or Structural Testing Reading:Sommerville (4th edition) ch 22 orPressman (4th edition) ch 16.

IMSE Week 18 White Box or Structural Testing Reading:Sommerville (4th edition) ch 22 orPressman (4th edition) ch 16.
Software Testing and Quality Assurance

Software Testing and Quality Assurance
Dependable Software Systems

Dependable Software Systems
Chapter 18 Testing Conventional Applications

Chapter 18 Testing Conventional Applications
Unit Testing CS 414 – Software Engineering I Don Bagert Rose-Hulman Institute of Technology January 16, 2003.

Unit Testing CS 414 – Software Engineering I Don Bagert Rose-Hulman Institute of Technology January 16, 2003.
Handouts Software Testing and Quality Assurance Theory and Practice Chapter 5 Data Flow Testing ------------------------------------------------------------------

Handouts Software Testing and Quality Assurance Theory and Practice Chapter 5 Data Flow Testing
SOFTWARE TESTING WHITE BOX TESTING 1. GLASS BOX/WHITE BOX TESTING 2.

SOFTWARE TESTING WHITE BOX TESTING 1. GLASS BOX/WHITE BOX TESTING 2.
Software Testing and QA Theory and Practice (Chapter 4: Control Flow Testing) © Naik & Tripathy 1 Software Testing and Quality Assurance Theory and Practice.

Software Testing and QA Theory and Practice (Chapter 4: Control Flow Testing) © Naik & Tripathy 1 Software Testing and Quality Assurance Theory and Practice.
Topics in Software Dynamic White-box Testing: Data-flow Testing

Topics in Software Dynamic White-box Testing: Data-flow Testing
Software Testing Sudipto Ghosh CS 406 Fall 99 November 9, 1999.

Software Testing Sudipto Ghosh CS 406 Fall 99 November 9, 1999.
Topics in Software Dynamic White-box Testing Part 2: Data-flow Testing

Topics in Software Dynamic White-box Testing Part 2: Data-flow Testing
Data Flow Testing Data flow testing(DFT) is NOT directly related to the design diagrams of data-flow-diagrams(DFD). It is a form of structural testing.

Data Flow Testing Data flow testing(DFT) is NOT directly related to the design diagrams of data-flow-diagrams(DFD). It is a form of structural testing.
Software testing techniques Testing criteria based on data flow

Software testing techniques Testing criteria based on data flow
Presented By Dr. Shazzad Hosain Asst. Prof., EECS, NSU

Presented By Dr. Shazzad Hosain Asst. Prof., EECS, NSU

Similar presentations

Ads by Google