 Asserting Expectations. Introduction -Observation alone is not enough for debugging as it can be a burden for a programmer. -One must compare observed.

Slides:

Advertisements

Similar presentations

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2013 Lecture 5 Disclaimer. These notes are derived from notes originally.

Advertisements

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 8.

Lectures on File Management

Semantics Static semantics Dynamic semantics attribute grammars

An Introduction to Java Programming and Object- Oriented Application Development Chapter 8 Exceptions and Assertions.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 20 Slide 1 Critical systems development.

ISBN Chapter 3 Describing Syntax and Semantics.

Chapter 8 Runtime Support. How program structures are implemented in a computer memory? The evolution of programming language design has led to the creation.

Object Oriented Design An object combines data and operations on that data (object is an instance of class) data: class variables operations: methods Three.

Software Engineering and Design Principles Chapter 1.

Road Map Introduction to object oriented programming. Classes

1 Chapter 4 The Fundamentals of VBA, Macros, and Command Bars.

Finding and Debugging Errors

OOP #10: Correctness Fritz Henglein. Wrap-up: Types A type is a collection of objects with common behavior (operations and properties). (Abstract) types.

Describing Syntax and Semantics

Guide To UNIX Using Linux Third Edition

Review of C++ Programming Part II Sheng-Fang Huang.

Computer Science 340 Software Design & Testing Design By Contract.

Dr. Pedro Mejia Alvarez Software Testing Slide 1 Software Testing: Building Test Cases.

Computer Programming and Basic Software Engineering 4. Basic Software Engineering 1 Writing a Good Program 4. Basic Software Engineering.

Ranga Rodrigo. Class is central to object oriented programming.

Unit Testing & Defensive Programming. F-22 Raptor Fighter.

Programming Languages and Paradigms Object-Oriented Programming.

Software Engineering Prof. Dr. Bertrand Meyer March 2007 – June 2007 Chair of Software Engineering Static program checking and verification Slides: Based.

1 Debugging and Testing Overview Defensive Programming The goal is to prevent failures Debugging The goal is to find cause of failures and fix it Testing.

CSC3315 (Spring 2009)1 CSC 3315 Programming Languages Hamid Harroud School of Science and Engineering, Akhawayn University

1 Abstraction  Identify important aspects and ignore the details  Permeates software development programming languages are abstractions built on hardware.

Stephen P. Carl - CS 2421 Recursion Reading : Chapter 4.

CSC 230: C and Software Tools Rudra Dutta Computer Science Department Course Introduction.

CS 261 – Data Structures Preconditions, Postconditions & Assert.

Fall 2004EE 3563 Digital Systems Design EE 3563 VHSIC Hardware Description Language  Required Reading: –These Slides –VHDL Tutorial  Very High Speed.

What is Testing? Testing is the process of finding errors in the system implementation. –The intent of testing is to find problems with the system.

CSCI Rational Purify 1 Rational Purify Overview Michel Izygon - Jim Helm.

Pre- and postconditions, Using assertions and exceptions 1 Pre- and postconditions Using assertions and exceptions.

Design - programming Cmpe 450 Fall Dynamic Analysis Software quality Design carefully from the start Simple and clean Fewer errors Finding errors.

Asserting expectations

90-723: Data Structures and Algorithms for Information Processing Copyright © 1999, Carnegie Mellon. All Rights Reserved. 1 Lecture 1: Introduction Data.

David Streader Computer Science Victoria University of Wellington Copyright: David Streader, Victoria University of Wellington Debugging COMP T1.

Verificare şi Validarea Sistemelor Soft Tem ă Laborator 1 ESC/Java2 Extended Static Checker for Java Dat ă primire laborator: Lab 1 Dat ă predare laborator:

Exceptions and Assertions Chapter 15 – CSCI 1302.

 In the java programming language, a keyword is one of 50 reserved words which have a predefined meaning in the language; because of this,

CMSC 202 Advanced Section Classes and Objects: Object Creation and Constructors.

1 Becoming More Effective with C++ … Day Two Stanley B. Lippman

SWE 4743 Abstract Data Types Richard Gesick. SWE Abstract Data Types Object-oriented design is based on the theory of abstract data types Domain.

1 Assertions. 2 A boolean expression or predicate that evaluates to true or false in every state In a program they express constraints on the state that.

PROGRAMMING TESTING B MODULE 2: SOFTWARE SYSTEMS 22 NOVEMBER 2013.

PROGRAMMING PRE- AND POSTCONDITIONS, INVARIANTS AND METHOD CONTRACTS B MODULE 2: SOFTWARE SYSTEMS 13 NOVEMBER 2013.

Programming & Debugging. Key Programming Issues Modularity Modifiability Ease of Use Fail-safe programming Style Debugging.

CSc 352 Debugging Tools Saumya Debray Dept. of Computer Science The University of Arizona, Tucson

Chapter 1 The Phases of Software Development. Software Development Phases ● Specification of the task ● Design of a solution ● Implementation of solution.

Design by Contract. The Goal Ensure the correctness of our software (correctness) Recover when it is not correct anyway (robustness) Correctness: Assertions.

1 ENERGY 211 / CME 211 Lecture 14 October 22, 2008.

CSE 374 Programming Concepts & Tools Hal Perkins Fall 2015 Lecture 17 – Specifications, error checking & assert.

Testing Tutorial 7.

Chapter 6 CS 3370 – C++ Functions.

YAHMD - Yet Another Heap Memory Debugger

Debugging Memory Issues

Testing and Debugging PPT By :Dr. R. Mall.

Logger, Assert and Invariants

Topics: jGRASP editor ideosyncrasies assert debugger.

CSE 374 Programming Concepts & Tools

CSE 143 Error Handling [Section 2.8] 3/30/98 CSE 143.

PPT9: Asserting expectations

CSc 352 Debugging Tools Saumya Debray Dept. of Computer Science

Java Modeling Language (JML)

Assertions References: internet notes; Bertrand Meyer, Object-Oriented Software Construction; 4/25/2019.

Computer Science 340 Software Design & Testing

Classes and Objects Object Creation

CMSC 202 Constructors Version 9/10.

Presentation transcript:

 Asserting Expectations

Introduction -Observation alone is not enough for debugging as it can be a burden for a programmer. -One must compare observed facts with expected program behavior. -This can take multitudes of time which can also be expensive.

Observation vs. Assertion -With computing power increasing exponentially, it has become reasonable to shift the burden of observing code over to the computer. -That is, to have the computer check whether the program state is still sane, or whether and infection has occurred.

Observation vs. Assertion The above image shows the difference between observation and assertion in relation to time. Observation(a) is limited to small probes while assertion(b) can cover a much larger area over time.

Basic Assertions -To have a program ensure it’s sane state automatically is actually quite simple. -Inserting code that checks for infections is a simple yet meaningful task that can save large amounts of time and help further develop efficient code.

Basic Assertions -For instance, to ensure that a divisor is nonzero one could write: -This type of code has been used since the dawn of computing but it is still somewhat clumsy.

Basic Assertions -The assert(x) function is a better alternative that aborts is the execution of x should be false. A simple assert function is shown below.

Assertion and Macros -In practice, simply having assertions marked as such does not suffice. -We want to be able to turn assertions off, and we want them to report diagnostic information about the specific even that failed.

Asserting Invariants -The most important use of assertions in debugging is to ensure data invariants – properties that must hold throughout the entire execution. -With each invariant we must set pre/post conditions and then test them later for correctness.

Ensuring Sanity -The boolean sane() method can be used to ensure a sane state during execution. Using this function helps eliminate the redundancy of many individual assert() statements.

Sane() Example -The following statement ensures that Time will be a valid time between 00:00:00 and 23:59:60.

Locating Infections -Pre-conditions: if violated, infection must have taken place before invariant executed. -Post-conditions: if violated infection must have taken place during invariant execution. All assertion pass :if the post condition holds, the infection cannon have taken place during invariant execution.

Complex Invariants -If data structures get more complex, the invariants become more complex too but also ensure more properties. -The next slide is an example of a class invariant of a JAVA red/black tree – the base of JAVA TreeMap class.

Complex Invariant Example

Invariant in Debuggers -Once one has a function that checks data invariants, one can also invoke it in an interactive debugger to check data sanity on-the-fly. A conditional breakpoint in GDB such as: Acts like an assertion.

Design by Contract Concept The EIFFEL language incorporates the concept of design by contract, where a contract is a set of preconditions that must be met by the caller and a set of post conditions that are guaranteed by the callee.

Design by Contract Concept - In EIFFEL, a contract regarding set_hour() would be specified as: - In addition require and ensure, EIFFEL provides an invariant keyword the condition of which is checked before and after every invocation of the public method.

Defining Invariants with Z - Z is a specification language built upon the concepts of discrete math. - In Z specification, it is easy to recognize the invariants as well as the pre and post conditions. - Such a specification is obviously far more precise than the natural-language version.

Invariants with Z Example

Java Modeling Language (JML) -JML is a modeling language that excels in expressive power, quantity, and quality. -JML assertions are written as special comments in the JAVA code, recognized by JML tools alone and ignored by ordinary JAVA compilers. -Using requires and ensures keywords, one can specify the pre and post conditions of an individual JAVA method in EIFFEL style.

JML Example

JML - invariant is used to assert data sanity (as in EIFFEL, the invariant is checked before and after invocation of a public method). - \forall is used to express conditions that span multiple variables - signals is the specification of exceptional behavior

More Complex JML

Relative Assertions -Sometimes it is beneficial to compare two programs that are expected to have similar behavior in some aspect or possibly every aspect. -One common scenario is if P1 is a new version of P0. -One can simply compare the results of the reference program to the program being tested.

Compare Variable Across Two Runs

MALLOC_CHECK -Using the GNU C runtime library, one can avoid common errors related to heap use simply by setting an environment variable called MALLOC_CHECK. -For example, one can detect multiple deallocation of heap memory.

MALLOC_CHECK Example

ELECTRICFENCE -The ELECTRICFENCE library effectively prohibits buffer overflows. -Arrays in memory are allocated such that each array is preceded and followed by a nonexisting memory area.

VALGRIND -VALGRIND provides the functionality of ELECTRICFENCE, plus a little more. VALGRIND detects: -Read access to noninitialized memory -write or read access to nonallocated memory -write or read access across array boundaries -write or read access in specific stack areas -Detection of memory leaks

VALGRIND Example

Language Extensions: CYCLONE -There exists safer dialect’s of existing programming languages that carry extensions that allow programmers to specify further properties of language entities. -One example is CYCLONE which is a safer dialect of the C programming language.

CYCLONE -CYCLONE’s central extension of C is the concept of special pointers. -For instance, in CYCLONE one can declare a pointer that can never be NULL by instead of *. -Another feature is fat pointers – pointers that not only record a location but bound information (such as the size of the area being pointed to). -Fat pointers are declared using ? Instead of *.

Assertion and Production Code -When it comes to releasing the program, should we still have checks enabled? Depends.

Assertion and Production Code -Critical Results: If your program computes a result that people’s lives, health or money depends on, it is a good idea to validate the result using some additional computation. -External Conditions: Any conditions that are not within our control must be checked for integrity. -The more active assertions there are, the greater the chances of catching infections. -The sooner a program fails, the easier it is to track the defect. -Defects that escape into the field are the most difficult to track. -By default, failing assertions are not user friendly. -Assertions impact performance

Tools -JML: -ESC/JAVA: combines static checking with JML -GUARD: the GUARD relative debugger was presented by Sosic and Abramson, who also pioneered the concept of relative debugging. -VALGRIND: The VALGRIND tool for Linux is part of Linux distributions for x86 processors -PURIFY: PURIFY, marketed by IBM, is also available for Linux/Unix and Windows. -INSURE++: INSURE++ is a commercial tool that detects memory problems by instrumenting C and C++ source code. -CYCLONE: dialect was developed by jim et al. An open-source compiler for Linux can be downloaded. -CCURED: The CCURED language by Necuala et al. Takes an approach similar to that of CYCLONE, but moves control from the programmer to the system