Abstract
SELECT is an experimental system for assisting in the formal systematic debugging of programs. It is intended to be a compromise between an automated program proving system and the current ad hoc debugging practice, and is similar to a system being developed by King et al. of IBM. SELECT systematically handles the paths of programs written in a LISP subset that includes arrays. For each execution path SELECT returns simplified conditions on input variables that cause the path to be executed, and simplified symbolic values for program variables at the path output. For conditions which form a system of linear equalities and inequalities SELECT will return input variable values that can serve as sample test data. The user can insert constraint conditions, at any point in the program including the output, in the form of symbolically executable assertions. These conditions can induce the system to select test data in user-specified regions. SELECT can also determine if the path is correct with respect to an output assertion. We present four examples demonstrating the various modes of system operation and their effectiveness in finding bugs. In some examples, SELECT was successful in automatically finding useful test data. In others, user interaction was required in the form of output assertions. SELECT appears to be a useful tool for rapidly revealing program errors, but for the future there is a need to expand its expressive and deductive power.
- 1 J. F. Benders, "Partitioning Procedures for Solving Mixed-Variables Programming Problems," Numerische Mathematik 4, pp. 238-252 (1962).Google ScholarDigital Library
- 2 J. R. Brown, A. J. deSalvio, D. E. Heine, and J. G. Purdy, "Automated Software Quality Assurance," in Program Test Methods (W. C. Hetzel, ed.), Prentice-Hall, Inc., Englewood Cliffs, N. J.; pp. 181-203 (1973).Google Scholar
- 3 L. P. Deutsch, "An Interactive Program Verifier," Ph.D. dissertation, University of California, Berkeley, California (June 1973).Google Scholar
- 4 B. Elspas, M. W. Green, K. N. Levitt, and R. J. Waldinger, "Research in Interactive Program Proving Techniques," SRI Report 8398-II, Stanford Research Institute, Menlo Park, California (1972).Google Scholar
- 5 B. Elspas, K. N. Levitt, and R. J. Waldinger, "An Interactive System for the Verification of Computer Programs," Final Report, SRI Project 1891, Stanford Research Institute, Menlo Park, California (1973).Google Scholar
- 6 B. Elspas, "The Semiautomatic Generation of Inductive Assertions for Proving Program Correctness," Interim Report, SRI Project 2686, Stanford Research Institute, Menlo Park, California (July 1974).Google Scholar
- 7 R. E. Gomory, "An Algorithm for Integer Solutions to Linear Programs," in Recent Advances in mathematical Programming, R. L. Graves and P. Wolfe (eds .), McGraw-Hill, New York (1963).Google Scholar
- 8 W. C. Hetzel, "A Definitional Framework," in Program Test Methods (Hetzel 1973b); pp. 7-10.Google Scholar
- 9 W. C. Hetzel, "Principles of Computer Program Testing," in Program Test Methods (Hetzel 1973b); pp. 17-28.Google Scholar
- 10 W. C. Hetzel, Program Test Methods, A collection of papers based on the Proceedings of the Computer Program Test Methods Symposium held at the University of North Carolina, Chapel Hill, 1972, and edited by W. C. Hetzel, Prentice-Hall, Inc., Englewood Cliffs, N. J. (1973).Google Scholar
- 11 C. A. R. Hoare, "Algorithm 65, FIND," Comm. ACM, Vol. 4, No. 7, p. 321 (1961). Google ScholarDigital Library
- 12 C. A. R. Hoare, "Proof of a Program: FIND," Comm. ACM, Vol. 14, No. 1, p. 39 (1971). Google ScholarDigital Library
- 13 W. Howden, "Methodology for the Automatic Generation of Program Test Data," Technical Report No. 41, Dept. of Information and Computer Science, University of California , Irvine (15 February 1974).Google Scholar
- 14 S. Igarashi, R. London, and D. Luckham, "Automatic Verification of Programs I: A Logical Basis and Implementation," Memo AIM-200, Stanford Artificial Intelligence. Lab., Stanford, California (May 1973). Google ScholarDigital Library
- 15 S. M. Katz and Z. Manna, "A Heuristic Approach to Program Verification," Proc. IFCAI-73 (August 1973).Google Scholar
- 16 J. C. King, "A Program Verifier," Ph.D. dissertation, Carnegie-Mellon University, Pittsburgh, Pennsylvania (September 1969). Google ScholarDigital Library
- 17 J. C. King, "A New Approach to Program Testing," 1975 International Conference on Reliable Software. Google ScholarDigital Library
- 18 E. F. Miller, Jr., et al., "Structurally Based Automatic Program Testing," paper presented at EASCON ' 74, Washington, D.C., October 7-9 , 1974, available from General Research Corporation, Santa Barbara, California, August 12, 1974.Google Scholar
- 19 F. F, Miller, Jr., #"Overview and Status-Program Validation Project,"3 Report dated 1 October 1974, General Research Corporation, Santa Barbara, California.Google Scholar
- 20 R. Sites, "Clean Termination of Computer Programs," Ph.D. dissertation, Stanford University, Stanford, California (June 1974).Google Scholar
- 21 W. Teitelman, D. G. Bobrow, A. K. Hartley, and D. L. Murphy, BBN-LISP, Tenex Reference Manual (Bolt, Beranek, and Newman, Inc., Cambridge, Massachusetts (1972).Google Scholar
- 22 B. Wegbreit, "The Synthesis of Loop Predicates," Comm. ACM, Vol. 16, No. 2, pp. 102-112 (February 1974). Google ScholarDigital Library
- 23 J. H. Wensley, "A Class of Non-Analytic Iterative Processes," Computer Journal, Vol. 1, No. 4, pp. 163-167 (1958).Google ScholarCross Ref
Index Terms
- SELECT—a formal system for testing and debugging programs by symbolic execution
Recommendations
SELECT—a formal system for testing and debugging programs by symbolic execution
Proceedings of the international conference on Reliable softwareSELECT is an experimental system for assisting in the formal systematic debugging of programs. It is intended to be a compromise between an automated program proving system and the current ad hoc debugging practice, and is similar to a system being ...
Symbolic execution and program testing
This paper describes the symbolic execution of programs. Instead of supplying the normal inputs to a program (e.g. numbers) one supplies symbols representing arbitrary values. The execution proceeds as in a normal execution except that values may be ...
An Approach to Automated Program Testing and Debugging
APSEC '99: Proceedings of the Sixth Asia Pacific Software Engineering ConferenceThis paper presents the ITAD (Integrated Testing and Debugging) system that integrates program testing and debugging processes into a series of consecutive processes and supports automating each of these processes. It also illustrates an example of ...
Comments