
TABLE OF CONTENTS

INTRODUCTION

CHAPTER 1 - THEORETICAL BACKGROUND

1.1 Overview of software verification

1.2 Categories of software verification

CHAPTER 2 - JAVA PATH FINDER AND SYMBOLIC EXECUTION

2.1 Introduction to JPF

2.1.1 What programs can JPF check?

2.1.2 High-level architecture of JPF

2.1.3 Extensibility of JPF

2.1.4 Some JPF extensions

2.2 Symbolic execution for test data generation

2.2.1 What is symbolic execution?

2.2.2 Symbolic execution with JPF

2.2.3 Guide to symbolic execution with JPF

2.2.4 Limitations

CHAPTER 3 - MICROSOFT Z3

3.1 What is SMT?

3.2 What is Z3?

3.3 Why Z3?

3.4 Architecture of Z3

3.5 Input formats

3.6 The SMT-LIB format

3.6.1 Main features of SMT-LIB

3.7 Relations, functions and constants

3.7.1 All functions are total

3.7.2 Uninterpreted functions and constants

3.7.3 Recursive functions

3.8 Arithmetic

3.8.1 Linear real arithmetic

3.8.2 Linear integer arithmetic

3.8.3 Mixing integers and reals

3.8.4 Nonlinear arithmetic

3.9 Data types

3.9.1 Records

3.9.2 Enumerations

3.9.3 Recursive data types

3.10 A Z3 example

3.11 Some applications of Z3

CHAPTER 4 - INTEGRATING Z3 WITH JPF

4.1 Study and evaluation of solutions

4.2 System architecture

4.3 Data conversion

4.4 Design and implementation

4.5 Results and evaluation

CONCLUSION AND FUTURE WORK

REFERENCES

LIST OF FIGURES

Figure 2.1: Operating model of JPF

Figure 2.2: State diagram during testing

Figure 2.3: High-level architecture

Figure 2.4: The Listener pattern

Figure 2.5: Example of symbolic execution

Figure 2.6: Eclipse output for MyClass1

Figure 2.7: Eclipse output for MyClass2

Figure 2.8: Eclipse output for MyClass2 after filtering the results

Figure 2.9: Eclipse output for MyDriver

Figure 2.10: Eclipse output for MyClassFP

Figure 3.1: Architecture of Z3

Figure 4.1: System architecture

Figure 4.2: Package diagram

Figure 4.3: Overall class diagram

Figure 4.4: Result with Choco - linear arithmetic

Figure 4.5: Result with Z3 - linear arithmetic

Figure 4.6: Result with Choco - nonlinear arithmetic

Figure 4.7: Result with Z3 - nonlinear arithmetic

INTRODUCTION

In recent years software development has become increasingly professionalised, and the systems being built keep growing in scale. Assuring software quality is one of the most important goals, especially in fields such as medicine, banking and aviation. Manual testing and verification can guarantee only part of a program's quality, so many organisations and companies research and develop theories as well as tools for verifying and testing software automatically.

Starting from this practical need, the author studied several theories and tools for software verification and testing. One very important foundation is the theory of satisfiability modulo theories, abbreviated SMT. It is applied to solve many problems in software engineering, such as:

Program verification

Program exploration

Software modelling

Test case generation

Microsoft Z3 is currently an SMT solver used in many Microsoft projects, such as Pex, Spec#, SLAM/SDV and Yogi, and is rated the strongest solver available today. However, Z3 has so far only been applied to Microsoft's own languages. The author therefore poses the question: can Z3 be used to verify programs written in other languages, such as Java?

While studying program verification the author also looked into Java PathFinder (JPF), an open-source project developed in Java. JPF has an extension that automatically generates input data for testing programs, but it still has many limitations, so the author considered how Z3 could be integrated with JPF in order to generate test data automatically. A successful integration would allow a wider class of problems to be solved, which is of real practical significance.

Objectives of the thesis:

The objective is to gain a thorough understanding of Z3 and JPF, and then to take the first steps toward a working integration of Z3 and JPF, so that test data can be generated automatically for Java programs in cases that JPF currently cannot handle (for example, generating data for nonlinear arithmetic).

STRUCTURE OF THE THESIS

The thesis consists of the following parts:

Introduction: presents the topic, its urgency and its objectives.

Chapter 1: Theoretical background.

Chapter 2: JPF and symbolic execution.

Content: what JPF is, its architecture, and how to extend and develop on top of JPF. A further, very important part introduces symbolic execution for generating test data for programs in JPF; this extension makes it possible to generate test data for Java programs automatically.

Chapter 3: Microsoft Z3.

Content: an introduction to satisfiability modulo theories (SMT), Z3, the theories Z3 supports, the Z3 APIs used to integrate with JPF, and applications of Z3.

Chapter 4: Integrating JPF with Z3.

Content: study and evaluation of candidate solutions. Once a solution is chosen, the system architecture is designed, refined to the package and class level, and finally implemented and evaluated.

Conclusion and future work

Presents the results of the research and implementation, and directions for further development.

CHAPTER 1 - THEORETICAL BACKGROUND

1.1 Overview of software verification

As we know, testing is an indispensable step of software development, especially for large, multi-module systems built by many people, where latent defects that the developers cannot foresee arise easily. In the field of software quality assurance there are many techniques today, but they can broadly be divided into three main groups: static code analysis, dynamic data testing, and formal, model-based verification. The first two groups focus on improving software quality at the source-code level, while the last one treats the software at a higher level of abstraction, the model.

1.2 Categories of software verification

Static code analysis is a technique for detecting program errors without requiring the program to run. Unlike dynamic data testing, which requires running the program on real input data, static analysis only inspects the program's source code.

Model-based software testing differs from the two groups above in that the objects under test are models abstracted from the system being examined. Abstraction means removing details of the system while keeping only the information and aspects that matter. Abstraction simplifies the system under consideration and therefore reduces the search space and the analysis time many times over compared with analysing the source code directly.

Once the software is built, we need test cases to test it. The quality of testing depends heavily on the set of test cases we use. The two main criteria for judging how effective testing is for the quality of the software under test are control flow coverage and data coverage. The first criterion focuses on exercising every control point of the program (for example, every reachable branch in the program structure: the reachable control points). The second focuses on the set of test data associated with each control point in the program structure.

With model-based program analysis, once the source code of the program under test has been abstracted, analysing the program's logical structure and the data set associated with each control point becomes easier. The generation of the test-case set is then fast and precise, and ensures control flow and data coverage much better than the traditional source-code-level approach. Moreover, if this process is automated it saves testing specialists a great deal of effort. With such an approach the software can be tested automatically by machine, giving more reliable results, covering more cases (logic errors in particular) and saving production cost.

Evaluating a test data set: except for simple programs, it is unrealistic to verify software on the set of all possible inputs. Even counting only combinations of inputs or combinations of functions, the number of inputs and of states is far too large. When the system has a large memory, inputs and outputs are logged in order to track its state. As long as no tool produces a standard, complete and certain software design, testing remains an indispensable step for assessing software quality. One must therefore find a way to choose a small data set whose testing still yields high confidence for each system.

Coverage, or completeness, intuitively measures the scope or degree of testing. If testing does not cover every aspect of the software, many defects are missed. The frequencies of the different cases are not the same either.

The notion of a test case is simply that of checking the states that are put forward to represent the behaviour of the system. We can create a test case that reaches a specific state by feeding in particular events and states that drive the system.

CHAPTER 2 - JAVA PATH FINDER AND SYMBOLIC EXECUTION

This chapter has two main parts. Part 1 introduces JPF, an open-source model checker written in Java. Part 2 introduces a JPF extension, symbolic execution, for automatically generating test data for Java programs.

2.1 Introduction to JPF

JPF is an explicit-state software model checker for Java [5]. In essence, JPF is a virtual machine that executes a Java program not just once (as an ordinary VM does) but along all possible branches and paths. JPF checks for property violations such as deadlocks or uncaught exceptions across all potential execution paths. Figure 2-1 shows how JPF operates.

Figure 2.1: Operating model of JPF

In theory this is very feasible, but as applications grow in size, model checkers face many challenges, and JPF is no exception. The answer is to make JPF flexible enough to be adapted to a specific application: JPF can be treated as a framework, and we develop our own extensions to solve the specific problem at hand.

2.1.1 What programs can JPF check?

JPF can check any Java program. It can find deadlocks and exceptions, and we can develop our own extensions to check other properties. To understand JPF better, consider the following example.

Create the class Rand.java shown below; we then use JPF to check whether it contains an error.

import java.util.Random;

public class Rand {
    public static void main (String[] args) {
        Random random = new Random(42); // (1) seeded generator
        int a = random.nextInt(2);      // (2) first choice point
        System.out.println("a=" + a);
        int b = random.nextInt(3);      // (3) second choice point
        System.out.println(" b=" + b);
        int c = a/(b+a -2);             // (4) divides by zero for some (a, b) pairs
        System.out.println(" c=" + c);
    }
}

Figure 2.2: State diagram during testing

The class above initialises two variables a and b at random in the ranges [0,2] and [0,3] respectively. A third variable c is then computed by the formula c = a/(b+a-2).

If we run this Java program normally we may see the result a = 1, b = 0 and c = -1, so the program appears to be free of errors. But if we check the program with JPF we see the picture shown in the figure:

Looking at the figure, a normal run of the Java program yields only one of the six outcomes shown, so it is quite likely that the error is not detected (which is exactly the point of the example). JPF, on the other hand, finds all of the program's paths and then checks them, and reveals two error cases caused by division by zero.

2.1.2 High-level architecture of JPF

Figure 2.3: High-level architecture

Figure 2-3 shows JPF's high-level architecture. JPF is designed around two main components: the JVM and the Search.

The JVM is a Java-specific state generator: it produces states by executing Java bytecode instructions.

The Search is responsible for selecting the state the JVM should process, either directing the JVM to generate the next state or asking it to backtrack to a previous one. In other words, the Search can be seen as the driver of the JVM object. The Search also configures and evaluates property objects. The main Search implementations are depth-first search (DFSearch) and HeuristicSearch. A Search implementation provides a single search method consisting of a main loop that traverses the relevant state space until it has been fully explored or a property violation is found.

2.1.3 Extensibility of JPF

Figure 2.4: The Listener pattern

JPF can be regarded as a framework that any developer can extend for a specific purpose. It provides an extension mechanism that allows new functionality to be added without directly changing the implementation of the Search or the VM.

Extensibility is achieved with the Listener pattern shown in Figure 2-4. Listener instances register themselves (or are registered) with the Search/VM object, are notified when the corresponding subject performs a certain action, and can then interact with the subject to query additional information or to control its behaviour.

Changes to each aspect of the subject are mapped to separate Observer methods, with the subject instance passed as a parameter. The subject keeps track of its registered listeners through a Multicaster.

There are three levels at which a listener can obtain information from the subject:

Generic listeners live outside the JPF packages and use only the public information exposed by gov.nasa.jpf.Search / VM.

Search-specific listeners live outside the JPF packages but cast the subject's notification parameters to specific implementations (for example gov.nasa.jpf.search.heuristic.BFSHeuristic) and use their APIs to obtain implementation-specific information.

Internal listeners live inside the subject's own implementation package and access the package's private information.

2.1.4 Some JPF extensions

Thanks to this flexible extension architecture, a number of extensions have been developed for JPF.

UI - User Interface Model Checking

This extension model-checks a special class of Java applications: Swing and AWT programs. It is implemented as a standard library modelled through MJI (Model Java Interface) that replaces the Swing and AWT functionality, so that applications using Java's standard GUI can be tested with different inputs.

symbc - Symbolic Test Data Generation

This extension uses a BytecodeFactory to override JPF's core bytecodes in order to generate individual test cases. In short, it uses JPF attributes/fields to collect path conditions (PCs), then feeds the PCs to a constraint solver in that solver's format to produce test data. The extension is described in detail in section 2.2.

cv - Compositional Verification Framework

This extension is a machine-learning algorithm used for assume/guarantee reasoning, whose aim is to split a system into sub-components and then verify each component separately. Its main purpose is to improve JPF's capabilities; it can be used to generate assumed environments for model checking UML models and to determine correct event sequences.

numeric - Numeric Property Verification

This extension is used to verify arithmetic properties. It started as a set of arithmetic instruction classes for detecting overflows and was later extended to check for inexact value propagation and imprecise floating-point comparison.

statechart - UML State Chart Model Checking

The purpose of this extension is to check UML state transition diagrams. Each state chart is represented by a Java class (or several classes), and checking then amounts to checking those Java classes.

2.2 Symbolic execution for test data generation

2.2.1 What is symbolic execution?

Figure 2.5: Example of symbolic execution (swapping the values of two variables; concrete path beside symbolic path)

Symbolic execution is a technique for executing a program with symbolic values instead of concrete ones [2]. To see what symbolic execution is, consider the example of swapping two variables x and y:

In the example above, under symbolic execution the values of x and y are the symbolic values X and Y rather than concrete values. Symbolic execution explores all possible paths of the program and produces the path condition of each.

The advantage of this method is that execution can start at any point in the program, and symbolic inputs can be mixed with concrete ones. The method yields the program's path conditions, and by running a constraint solver on each path condition (treating it as a formula) we obtain test data for the program.

Its limitation is that the number of paths can explode during symbolic execution.

2.2.2 Symbolic execution with JPF

Symbolic execution is an extension of JPF that executes Java programs symbolically. One of its main applications is the automatic generation of test data that covers the whole program.

The extension combines symbolic execution with model checking and constraint solving to generate test data. Programs are executed on symbolic inputs; the values of variables are represented as numeric expressions and constraints, which are derived from analysing the structure of the source code. These constraints are then solved to produce test data that is guaranteed to reach the corresponding part of the code.

At present JPF supports integer and real parameters, although some cases for reals remain to be resolved.

The extension currently supports only linear constraints (linear arithmetic); nonlinear arithmetic is not supported. Symbolic information is propagated through attributes attached to variables and operators. Symbolic execution can start at any point in the program, and different methods can be executed symbolically independently of each other.

2.2.3 Guide to symbolic execution with JPF

To execute a method symbolically, the user must specify which of its parameters are symbolic and which are concrete. Global variables can also be marked for symbolic execution, using special annotations. The following is an example of running a symbolic execution; it executes the method test of the main class symbolically.

+vm.insn_factory.class=gov.nasa.jpf.symbc.SymbolicInstructionFactory
+jpf.listener=gov.nasa.jpf.symbc.SymbolicListener
+symbolic.method=test(sym#con)
+search.multiple_errors=true
+jpf.report.console.finished=
ExSymExe

A simple example

Below is a very simple example of symbolic execution with JPF. It can be run from Eclipse or from the command line.

Suppose the class for which you want to generate tests contains the following method:

public class MyClass1 {
    public int myMethod(int x, int y) {
        int z = x + y;
        if (z > 0) {
            z = 1;
        } else {
            z = z - x;
        }
        z = 2 * z;
        return z;
    }
}

We need to create a driver that calls myMethod(int,int). The driver can be another class or the main() method of this very class; here we write the driver in the main() method of MyClass1.

In this simple example the driver only needs to call myMethod() with the right number and types of arguments and then print the path condition (PC). Note that the exact argument values do not matter, because myMethod() will be executed symbolically and all concrete values will be replaced by symbolic ones.

We can view the test cases by printing the path condition, which is done by calling gov.nasa.jpf.symbc.Debug.printPC(). Here is the complete source code:

import gov.nasa.jpf.symbc.Debug;

public class MyClass1 {
    public int myMethod(int x, int y) {
        int z = x + y;
        if (z > 0) {
            z = 1;
        } else {
            z = z - x;
        }
        z = 2 * z;
        return z;
    }

    // test driver
    public static void main(String[] args) {
        MyClass1 mc = new MyClass1();
        int x = mc.myMethod(1, 2);   // concrete arguments are replaced by symbolic ones
        Debug.printPC("MyClass1.myMethod Path Condition: ");
    }
}

Running it from Eclipse gives the following result:

Figure 2.6: Eclipse output for MyClass1

From this output the PCs indicate the following test cases:

Test case 1: y = -9999999, x = 10000000

Test case 2: y = -10000000, x = 10000000

Test case 1 corresponds to the z > 0 branch of the if statement in myMethod; test case 2 corresponds to the else branch (z <= 0).

Filtering test cases

We change MyClass1 into MyClass2 as follows.

import gov.nasa.jpf.symbc.Debug;

public class MyClass2 {
    private int myMethod2(int x, int y) {
        int z = x + y;
        if (z > 0) {
            z = 1;
        }
        if (x < 5) {
            z = -z;
        }
        return z;
    }

    // The test driver
    public static void main(String[] args) {
        MyClass2 mc = new MyClass2();
        int x = mc.myMethod2(1, 2);
        Debug.printPC("\nMyClass2.myMethod2 Path Condition: ");
    }
}

We can run the program with the following configuration parameters:

+vm.insn_factory.class=gov.nasa.jpf.symbc.SymbolicInstructionFactory
+vm.classpath=.
+vm.storage.class=
+symbolic.method=myMethod2(sym#sym)
+search.multiple_errors=true
+jpf.report.console.finished=
MyClass2

Figure 2.7: Eclipse output for MyClass2

We then obtain the following four test cases:

Test case 1: y = 10000000, x = -9999999

Test case 2: y = -4, x = 5

Test case 3: y = -10000000, x = -10000000

Test case 4: y = -10000000, x = 5

Suppose, however, that we are only interested in the test cases in which an if statement is executed (exactly one of the two); then only test cases 2 and 3 matter. We could run JPF as above and filter the cases by hand, but a better way is to use Verify.ignoreIf() to make JPF backtrack as soon as more than one if statement has been taken. For instance, we can annotate myMethod2() as follows:

import gov.nasa.jpf.jvm.Verify;
import gov.nasa.jpf.symbc.Debug;

public class MyClass2 {
    private int myMethod2(int x, int y) {
        int jpfIfCounter = 0;               // how many if bodies this path has entered
        int z = x + y;
        if (z > 0) {
            jpfIfCounter++;
            z = 1;
        }
        if (x < 5) {
            jpfIfCounter++;
            Verify.ignoreIf(jpfIfCounter > 1);   // backtrack: both ifs taken
            z = -z;
        }
        Verify.ignoreIf(jpfIfCounter == 0);      // backtrack: no if taken
        return z;
    }

    // The test driver
    public static void main(String[] args) {
        MyClass2 mc = new MyClass2();
        int x = mc.myMethod2(1, 2);
        Debug.printPC("\nMyClass2.myMethod2 Path Condition: ");
    }
}

The annotations are the jpfIfCounter bookkeeping and the two Verify.ignoreIf() calls. Running the program now yields only the two test cases we need:

Test Case 1: y = -4, x = 5

Test Case 2: y = -10000000, x = -10000000

Figure 2.8: Eclipse output for MyClass2 after filtering the results
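The mechanism described in sections 2.2.1 and 2.2.3 (symbolic parameters, one path condition per path, and the Verify.ignoreIf() pruning of MyClass2) can be reproduced on a small scale without JPF. The Python block below is an added example and is not code from the thesis or from JPF; the names Sym, State, explore, satisfies and to_smtlib, and the re-execution strategy, are its own. It treats myMethod and myMethod2 as Python functions over symbolic integers, enumerates every decision vector the way JPF's DFSearch backtracks, renders each PC as an SMT-LIB 2 script, and checks by concrete evaluation that the inputs JPF reported above (x = 10000000, y = -9999999 and so on) each fall on exactly one path.

```python
"""Path-condition exploration in the style of JPF's symbc extension.
Added example, not code from the thesis or from JPF: method parameters are
symbolic integers, every `if` forks the run (JPF backtracks and re-executes the
other branch), and each completed run yields a path condition (PC) as a list of
SMT-LIB atoms.  No solver is embedded; the inputs JPF reported in section 2.2.3
are checked against each PC by concrete evaluation instead."""


class Sym:
    """Symbolic expression: an SMT-LIB term plus a concrete evaluator."""
    def __init__(self, smt, ev):
        self.smt, self.ev = smt, ev      # e.g. "(+ x y)", callable(env) -> value

    @staticmethod
    def lift(v):                         # Python int -> SMT-LIB numeral
        return v if isinstance(v, Sym) else Sym(str(v) if v >= 0 else "(- %d)" % -v, lambda env: v)

    def _bin(self, op, other, fn):
        other = Sym.lift(other)
        return Sym("(%s %s %s)" % (op, self.smt, other.smt),
                   lambda env: fn(self.ev(env), other.ev(env)))

    def __add__(self, o): return self._bin("+", o, lambda a, b: a + b)
    def __sub__(self, o): return self._bin("-", o, lambda a, b: a - b)
    def __mul__(self, o): return self._bin("*", o, lambda a, b: a * b)
    def __rmul__(self, o): return Sym.lift(o)._bin("*", self, lambda a, b: a * b)
    def __neg__(self): return Sym("(- %s)" % self.smt, lambda env: -self.ev(env))
    def __gt__(self, o): return self._bin(">", o, lambda a, b: a > b)
    def __lt__(self, o): return self._bin("<", o, lambda a, b: a < b)
    def negated(self): return Sym("(not %s)" % self.smt, lambda env: not self.ev(env))


class _Fork(Exception): pass        # a branch was reached with no recorded decision
class IgnorePath(Exception): pass   # analogue of Verify.ignoreIf(true): drop the path


class State:
    """Replays a recorded vector of branch decisions and accumulates the PC."""
    def __init__(self, decisions):
        self.decisions, self.depth, self.pc = decisions, 0, []

    def branch(self, cond):              # cond is a boolean Sym
        if self.depth == len(self.decisions):
            raise _Fork()
        taken = self.decisions[self.depth]
        self.depth += 1
        self.pc.append(cond if taken else cond.negated())
        return taken

    def ignore_if(self, concrete_cond):
        if concrete_cond:
            raise IgnorePath()


def explore(method, names):
    """Depth-first enumeration of decision vectors, like JPF's DFSearch.  Returns
    the PC of every syntactic path not ignored (a solver would also drop the
    unsatisfiable ones)."""
    paths, pending = [], [[]]
    while pending:
        decisions = pending.pop()
        st = State(decisions)
        try:
            method(st, *[Sym(n, lambda env, n=n: env[n]) for n in names])
        except _Fork:
            pending += [decisions + [False], decisions + [True]]
            continue
        except IgnorePath:
            continue
        paths.append(st.pc)
    return paths


def satisfies(pc, env):                  # do these inputs drive execution down this path?
    return all(atom.ev(env) for atom in pc)


def to_smtlib(pc, names):
    """Render a PC as the SMT-LIB 2 script that section 4.3 hands to Z3."""
    lines = ["(set-logic QF_LIA)"] + ["(declare-const %s Int)" % n for n in names]
    if pc:
        body = pc[0].smt if len(pc) == 1 else "(and %s)" % " ".join(a.smt for a in pc)
        lines.append("(assert %s)" % body)
    return "\n".join(lines + ["(check-sat)", "(get-model)"])


def my_method1(st, x, y):                # MyClass1.myMethod of section 2.2.3
    z = x + y
    if st.branch(z > 0):
        z = Sym.lift(1)
    else:
        z = z - x
    return 2 * z


def my_method2(st, x, y, filtered=False):  # MyClass2.myMethod2; filtered adds ignoreIf
    jpf_if_counter = 0                   # concrete counter, as in the thesis
    z = x + y
    if st.branch(z > 0):
        jpf_if_counter += 1
        z = Sym.lift(1)
    if st.branch(x < 5):
        jpf_if_counter += 1
        if filtered:
            st.ignore_if(jpf_if_counter > 1)
        z = -z
    if filtered:
        st.ignore_if(jpf_if_counter == 0)
    return z
```

explore(my_method1, ["x", "y"]) returns the two PCs behind Figure 2.6, explore over the filtered myMethod2 returns only the two PCs that survive the ignoreIf calls, and to_smtlib(pc, ["x", "y"]) produces the script that a ProblemZ3-style converter would pass to Z3 to obtain concrete inputs. Infeasible PCs are not detected here; that is exactly the part of the pipeline that needs the solver.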

Adding preconditions

Suppose we want to restrict the generated test cases, but now the issue is that you want your method to be called only with arguments in a certain range. For example, in MyClass1.myMethod() you are confident that x and y are restricted to the range -100

... 0 is satisfiable in the theory of integers, since there exist a = -1 and b = 5 for which the formula above holds.

Another notion is unsatisfiability. A sentence is valid when it is TRUE under all structures (all assignments of values). For example, (for all x, P(x)) -> P(a) is valid. Correspondingly, a sentence (formula) is unsatisfiable if it is false under all structures (assignments).

An SMT solver checks whether a formula is satisfiable with respect to its theory. If the formula is satisfiable, a model for it is produced.

3.2 What is Z3?

Z3 is a solver for satisfiability modulo theories (an SMT solver) [3]. It works as a satisfiability checker for many flavours of first-order logic with built-in theories. The supported theories are:

Uninterpreted functions and predicate symbols

Reals and integers (with limited support for nonlinear arithmetic)

Bit-vectors

Arrays

Records, enumerations and recursive data types

Z3 checks whether a set of formulas is satisfiable in its theory. If the set is satisfiable, a satisfying assignment exists. In practice Z3 is a decision procedure: it always guarantees a correct answer. When a set of formulas F is satisfiable, Z3 can produce a model of F. Such models are useful in software verification, because they can easily be translated into execution traces.

Z3 can be used from the command line or as a library; the current version provides APIs for C, .NET and OCaml.

3.3 Why Z3?

This section explains why Z3 is used for the extension rather than another solver. There are many solvers today, such as Z3, Yices, CVC, CVC3, Choco, IAsolver, Spear and OpenSMT. Z3, however, stands out as the strongest solver currently available, as evidenced by the annual SMT-COMP competition, in which most solvers take part and which is divided into divisions such as linear integer arithmetic, linear real arithmetic, arrays and uninterpreted functions. Z3 has won in many of these divisions: in 2007 it took 4 first and 7 second places, and in 2008 it took 9 first and 6 second places.

Moreover, JPF still has many limitations (as pointed out in section 2.2.4), and using Z3 helps extend JPF's capability to generate test data. Although Z3 is written in C++, it supports many input formats and APIs, which makes integration easier.

3.4 Architecture of Z3

Figure 3-1 shows the overall architecture of Z3 [6].

Simplifier: the input formula is first processed by the simplifier, which applies standard algebraic reduction rules such as P ∧ true -> P.

Compiler: the simplified abstract syntax tree is converted into a different structure consisting of clauses and nodes.

Congruence closure core: receives the truth assignments for atoms from the SAT solver. Atoms are classified into equalities and atomic formulas such as arithmetic inequalities. Equalities asserted by the SAT solver are propagated by the congruence closure core, which uses a data structure called the E-graph [3]; each node of the E-graph points into a theory solver.

Figure 3.1: Architecture of Z3

Theory combination: traditional methods for combining theories rely on each solver's ability to produce implied equalities, or on preprocessing steps that introduce additional atomic formulas into the search space. Z3 uses a new method of theory combination.

SAT solver: the SAT solver integrates standard search-pruning methods such as lemma learning from conflict clauses and phase caching to guide case splitting.

3.5 Input formats

Z3 supports the following input formats:

.dimacs - the DIMACS format used by ordinary SAT solvers

.sx, .smp, .simplify - the Simplify format

.smt - the SMT-LIB format

.z3 - Z3's own native input format

The SMT-LIB format is presented in more detail in section 3.6, because it is the format used to integrate Z3 with JPF.

3.6 The SMT-LIB format

This section introduces the standard benchmark library for satisfiability modulo theories (SMT-LIB) [1]. SMT-LIB provides a library for checking the satisfiability of formulas with support for many theories: lists, arrays, linear arithmetic and nonlinear arithmetic.

SMT systems are applied in program verification, compiler optimisation, scheduling and so on, and much work in recent years has gone into building such systems. The main ambition of SMT-LIB is a library of standard benchmarks that facilitates the evaluation and comparison of these systems.

3.6.1 Main features of SMT-LIB

SMT-LIB provides theory specifications, logics and benchmarks. With a given benchmark, a formula can be checked for satisfiability with respect to a particular theory.

Version 2.0 improves several features for greater expressiveness and flexibility. It introduces:

A language for writing formulas in a sorted version of first-order logic.

A language for specifying background theories and fixing a standard vocabulary of sorts, functions and predicate symbols.

A language for specifying logics, that is, restricted classes of formulas to be checked for satisfiability with respect to a background theory.

A command language for interacting with SMT solvers through a context-based interface. It allows formulas to be asserted or retracted, their satisfiability queried and their models examined.

Below is an example of a formula expressed in SMT-LIB:

With x1, x2, x3, x4, x5, x6 integers, the formula:

((x1 x2)>=1) && ((x1 - x2) = (- x1 x2) 1)

( val!0
; y -> val!1
; f -> {
;   val!0 -> val!1
;   val!1 -> val!0
;   else -> val!0
; })

The values in the model above are abstract, because sort A is an abstract sort (it has no concrete elements).

3.7.3 Recursive functions

Z3 provides no special support for recursive functions. We can axiomatise a recursive function with first-order axioms, but note that Z3 only defines the semantics of first-order logic with equality and does not assign a least fixed-point solution, as is standard in programming languages.

For example, the Fibonacci function can be expressed as follows:

(declare-fun fib (Int) Int)
(assert (= 1 (fib 0)))                      ; base case fib(0) = 1
(assert (= 1 (fib 1)))                      ; base case fib(1) = 1
(assert (forall (x Int)                     ; recursive case for x >= 2
  (=> (>= x 2) (= (fib x) (+ (fib (- x 1)) (fib (- x 2)))))))

3.8 Arithmetic

Z3 contains decision procedures for linear arithmetic over the integers and the reals. It now also provides partial support for nonlinear arithmetic.

3.8.1 Linear real arithmetic

In linear real arithmetic Z3 supports the operators on reals +, -, ~ (unary minus), * and / (division), together with the comparison operators =,

For example, to express a formula:

(declare-funs ((x Real) (y Real) (z Real)))
(push)
(assert (> (+ x y) (* 2.0 z)))
(assert (< (/ z 2.3) x))
(check-sat)
; sat
(model)
; ("model" "x -> 0
;           y -> -18/5
;           z -> -23/10")
(pop)
(assert (> x 2.0))
(assert (>= y x))
(assert (< y 1.3))
(check-sat)
; unsat

3.8.2 Linear integer arithmetic

The operators +, -, ~, *, / and mod are supported; for / and mod the second argument must be nonzero. The comparison operators are =, >, >=,

x 2) (>= y x) (< y 1))
(check-sat)
; unsat

3.8.3 Mixing integers and reals

Z3 also allows integers and reals to be mixed. For example:

(declare-fun to_real (Int) Real)
(declare-fun to_int (Real) Int)
(declare-fun is_int (Real) Bool)
(= 4.0 (to_real 4))
(= 4 (to_int 4.5))
(iff (is_int x) (= x (to_real (to_int x))))

3.8.4 Nonlinear arithmetic

Z3 supports nonlinear arithmetic. For example:

(declare-funs ((x Int) (y Int) (z Int)))
(assert (= (* x x) (+ x 2)))
(assert (= (* x y) x))
(assert (= (* (- y 1) z) 1))
(check-sat)
; unsat

The example above checks (x*x = x + 2 AND x*y = x AND (y-1)*z = 1). The result is that the formula is unsatisfiable, since no model makes it TRUE.

3.9 Data types

Z3 supports many data types, from atomic types such as integers and reals to arrays, lists, enumerations and records.

3.9.1 Records

A record is specified as a data type with a single constructor and a number of arguments that serve as the record's fields. The number of arguments of a record is always the same. The type system does not allow records to be extended, and there are no sub-record types.

The example below shows that two records are equal if all of their arguments are equal. It declares the type int-pair with constructor mk-pair and two arguments that can be accessed with the selector functions first and second:

(declare-datatypes ((int-pair (mk-pair (first Int) (second Int)))))
(declare-funs ((p1 int-pair) (p2 int-pair)))
(push)
(assert (= p1 p2))
(assert (not (= (first p1) (first p2))))
(check-sat)
;unsat
(pop)

3.9.2 Enumerations

An enumeration is a kind of finite domain whose elements are listed as distinct constants. For example, the sort S is an enumeration with the three values A, B and C. It is then possible for three variables of sort S to be pairwise distinct, but not for four:

(declare-datatypes ((S (A) (B) (C))))
(declare-funs ((x S) (y S) (z S) (u S)))
(assert (distinct x y z))
(check-sat)
;sat
(assert (distinct x y z u))
(check-sat)
;unsat

3.9.3 Recursive data types

A recursive data type refers to itself. An example of a recursive type is shown below:

(declare-datatypes ((list (nil) (cons (hd Int) (tl list)))))

Besides the types above, Z3 supports many other data types such as bit-vectors and arrays; details can be found in [5].

3.10 A Z3 example

Z3 can produce a model as part of its output. A model assigns values to the constants in the input and produces partial function graphs for the predicate and function symbols.

Here is a Z3 example. Suppose the file example1.smt contains a formula in SMT-LIB format; we can then use Z3 to check the formula from the command line with z3 /m example1.smt:

(benchmark example1
  :status sat
  :logic QF_LIA
  :extrafuns ((x1 Int) (x2 Int) (x3 Int) (x4 Int) (x5 Int))
  :formula (and (>= (- x1 x2) 1)

( y +z

Here the left-hand expression is x + 1, the right-hand one is y + z, and the comparison is the greater-than operator >.

An expression is likewise defined as a left-hand expression, an operator and a right-hand expression. Below is the class that defines expressions over reals:

import java.util.Map;

// Binary expression over reals in JPF's symbc extension; RealExpression and
// Operator are the extension's own types.
class BinaryRealExpression extends RealExpression
{
    RealExpression left;
    Operator op;
    RealExpression right;

    BinaryRealExpression (RealExpression l, Operator o, RealExpression r)
    {
        left = l;
        op = o;
        right = r;
    }

    // Concrete value of the expression once the solver has assigned its leaves
    public double solution()
    {
        double l = left.solution();
        double r = right.solution();
        switch(op){
            case PLUS: return l + r;
            case MINUS: return l - r;
            case MUL: return l * r;
            case DIV: assert(r!=0); return l/r;
            default: throw new RuntimeException("## Error: BinaryRealSolution solution: l " + l + " op " + op + " r " + r);
        }
    }

    // Collect the (variable, value) pairs of both operands
    public void getVarsVals(Map varsVals) {
        left.getVarsVals(varsVals);
        right.getVarsVals(varsVals);
    }
}

JPF provides a standard class for converting from JPF's own representation to a given solver: the abstract class ProblemGeneral, which contains the methods that convert atomic expressions and atomic constraints into the solver's format; concrete classes extend it. The extension ships with three implementations, ProblemChoco, ProblemIAsolver and ProblemCVC3, corresponding to the use of Choco, IAsolver and CVC3. For example, the conversion of a greater-than constraint into IAsolver's format is:

Object gt(Object exp1, Object exp2){
    return (String)exp1 + " > " + (String)exp2 + "; ";
}

The Z3 extension should also follow the model by which JPF integrates its other solvers. We therefore have to arrange the conversion of constraints from JPF to SMT-LIB. An SMT-LIB benchmark has the following shape:

(benchmark      // name
  :logic        // the kind of logic, for example linear arithmetic: QF_LIA
  :extrafuns    // variable declarations
  :formula      // the formula is defined here
)

The formula is where the JPF constraints must be converted to; an example of a formula defined in SMT-LIB is the following.

(benchmark example
  :status sat
  :logic QF_LIA
  :extrafuns ((x1 Int) (x2 Int) (x3 Int)
  :formula (and (>= (- x1 x2) 1)
(=

... is as follows:

// Assumption (not shown on the page): `format` is the enclosing class's
// number-format string for real constants, e.g. "%f".
Object geq(int value, Object exp){
    return "(>= " + value + " " + (String)exp + ")";
}

Object geq(Object exp, int value){
    return "(>= " + (String)exp + " " + value + ")";
}

Object geq(Object exp1, Object exp2){
    return "(>= " + (String)exp1 + " " + (String)exp2 + ")";
}

Object geq(double value, Object exp){
    return "(>= " + String.format(format,value) + " " + (String)exp + ")";
}

Object geq(Object exp, double value){
    // the value follows a space and the single ")" closes the term
    return "(>= " + (String)exp + " " + String.format(format,value) + ")";
}

We then save the text above to a file, following the structure of the SMT-LIB language, and invoke Z3 from the command line. The returned result is stored in a Result object, which consists of a Boolean attribute and a vector. The Boolean is true if the answer is satisfiable and false if it is unsatisfiable; the vector stores the (variable, value) pairs when the answer is true.

import java.util.Vector;

public class Result {
    public Boolean result;     // true = sat, false = unsat
    public Vector vresult;     // (variable, value) pairs of the model when sat

    public Result() {
        super();
        vresult = new Vector();
    }

    public Vector getVresult() {
        return vresult;
    }

    public void setVresult(Vector vresult) {
        this.vresult = vresult;
    }

    public Boolean getResult() {
        return result;
    }

    public void setResult(Boolean result) {
        this.result = result;
    }
}
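Section 4.3 describes the last step of the integration: Z3 is invoked on the SMT-LIB file from the command line and its textual answer is collected into a Result (a Boolean plus a vector of (variable, value) pairs). The Python block below is an added example, not the thesis's Z3Solver/ProblemZ3 code and not Z3's own API. Its parser handles the `x -> value` model lines shown in sections 3.7.2 and 3.8.1 (integers, rationals such as -18/5, abstract values such as val!0, and function graphs in braces, which are skipped) and, going beyond the page, the `(define-fun x () Int v)` lines that newer Z3 releases print for (get-model). The sample transcripts are constructed, modelled on those in the page; run_z3 is the optional command-line hook and returns None when no z3 binary is installed.

```python
"""Collecting Z3's command-line answer into the thesis's Result shape (section 4.3).
Added example: not the thesis's Z3Solver/ProblemZ3 code and not Z3's own API.
parse_z3_output reads the "x -> value" model lines shown in sections 3.7.2 and
3.8.1 (also when wrapped as ; ("model" "...") in a transcript) and, beyond the
page, the "(define-fun x () Int v)" lines newer Z3 releases print for (get-model).
run_z3 is the command-line hook the thesis describes; it returns None when no
z3 binary is installed, so the rest of the example runs offline."""
import re
import shutil
import subprocess
import tempfile
from fractions import Fraction


class Result:
    """Mirror of the thesis's Result: a sat flag plus (variable, value) pairs."""
    def __init__(self):
        self.result = None   # True = sat, False = unsat, None = unknown / no verdict
        self.vresult = []    # [(name, value), ...] in the order Z3 printed them


_ARROW = re.compile(r"^([A-Za-z_][\w!.$]*)\s*->\s*(.+)$")
_DEFINE_FUN = re.compile(r"^\(define-fun\s+(\S+)\s+\(\)\s+\S+\s+(.+?)\)$")


def parse_value(text):
    """int or Fraction for numerals; abstract values such as val!0 stay strings."""
    text = text.strip()
    neg = re.fullmatch(r"\(-\s*(.+)\)", text)       # SMT-LIB spelling of a negative
    if neg:
        text = "-" + neg.group(1).strip()
    if re.fullmatch(r"-?\d+", text):
        return int(text)
    if re.fullmatch(r"-?\d+(\.\d+|/\d+)", text):
        return Fraction(text)
    return text


def _clean_arrow(line):
    """Strip transcript decoration: leading ';', the ("model" wrapper, quotes."""
    line = line.lstrip(";").strip()
    if line.startswith('("model"'):
        line = line[len('("model"'):]
    return line.strip().strip('"').rstrip(")").rstrip('"').strip()


def parse_z3_output(text):
    res, depth = Result(), 0             # depth > 0 while inside "f -> { ... }"
    for raw in text.splitlines():
        line = raw.strip()
        if depth > 0:                    # function graphs are not variable values
            depth += line.count("{") - line.count("}")
            continue
        m = _DEFINE_FUN.match(line)
        if m:
            res.vresult.append((m.group(1), parse_value(m.group(2))))
            continue
        line = _clean_arrow(line)
        if line in ("sat", "unsat", "unknown") and res.result is None:
            res.result = {"sat": True, "unsat": False}.get(line)
            continue
        m = _ARROW.match(line)
        if not m:
            continue
        name, value = m.group(1), m.group(2).strip()
        if value.startswith("{"):
            depth = value.count("{") - value.count("}")
            continue
        res.vresult.append((name, parse_value(value)))
    return res


def run_z3(smtlib_script, z3_exe="z3"):
    """Write the script to a file and run z3 on it from the command line."""
    exe = shutil.which(z3_exe)
    if exe is None:
        return None
    with tempfile.NamedTemporaryFile("w", suffix=".smt2", delete=False) as f:
        f.write(smtlib_script)
    proc = subprocess.run([exe, f.name], capture_output=True, text=True, timeout=60)
    return parse_z3_output(proc.stdout)


# Constructed transcripts modelled on the page's examples (not captured Z3 runs).
SAMPLE_INT = "sat\nx -> 10000000\ny -> -9999999\n"                # MyClass1, test case 1
SAMPLE_REAL = '; sat\n; ("model" "x -> 0\n; y -> -18/5\n; z -> -23/10")\n'   # section 3.8.1
SAMPLE_ABSTRACT = ("sat\nx -> val!0\ny -> val!1\nf -> {\n  val!0 -> val!1\n"
                   "  val!1 -> val!0\n  else -> val!0\n}\n")       # section 3.7.2
SAMPLE_UNSAT = "unsat\n"
SAMPLE_DEFINE_FUN = "sat\n(\n  (define-fun x () Int 5)\n  (define-fun y () Int (- 4))\n)\n"
```

parse_z3_output(SAMPLE_INT).vresult is [("x", 10000000), ("y", -9999999)], which is the vector the thesis's Result would carry back to ProblemZ3 for MyClass1's first test case; for SAMPLE_UNSAT the flag is False and the vector stays empty. Real-valued models such as (/ 1.0 2.0) in the define-fun format are left as strings, since the thesis's integration only needs the numerals it can hand back to the test driver.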

4.4 Design and implementation

The design and implementation must follow JPF's extension rules. We therefore create a class ProblemZ3 that converts constraints from JPF into its own data structure. Next we create a package that plays the same role as the Choco, IAsolver or CVC3 libraries: it writes the data structure for Z3 to a file, runs Z3 from the command line with that file as input, collects Z3's result, and converts it into the common format that ProblemZ3 can use.

Figure 4-2 shows the package diagram:

Figure 4.2: Package diagram

In the class diagram of Figure 4-3, the two most important classes are ProblemZ3 and Z3Solver. ProblemZ3 converts the JPF constraint (the PC) into an SMT-LIB formula and then calls Z3Solver to solve it. Z3Solver takes the SMT-LIB formula as input, saves it to a file, executes Z3 from the command line and returns the result to the ProblemZ3 object.

Figure 4.3: Overall class diagram

4.5 Results and evaluation

The program is essentially complete. To evaluate it we try the following two examples:

Example 1: linear arithmetic

Create the class MyClass1 and ask JPF to generate test data for it automatically:

import gov.nasa.jpf.symbc.Debug;

public class MyClass1 {
    // The method you need tests for
    public int myMethod(int x, int y) {
        int z = x + y;
        if (z > 0) {
            z = 1;
        } else {
            z = z - x;
        }
        z = x * z;
        return z;
    }

    // The test driver
    public static void main(String[] args) {
        MyClass1 mc = new MyClass1();
        int x = mc.myMethod(1, 2);
        Debug.printPC("\nMyClass1.myMethod Path Condition: ");
    }
}

Figure 4-4 shows the result when Choco is used.

Figure 4.4: Result with Choco - linear arithmetic

And here is the result with Z3:

Figure 4.5: Result with Z3 - linear arithmetic

Comparing the two, both tools produce a solution.

Example 2: nonlinear arithmetic

In the example above we replace z = x + y with z = x * y, so that z is now a nonlinear function.

import gov.nasa.jpf.symbc.Debug;

public class MulClass {
    // The method you need tests for
    public int myMethod(int x, int y) {
        int z = x * y;
        if (z > 10) {
            z = 1;
        } else {
            z = z - x;
        }
        z = x * z;
        return z;
    }

    // The test driver
    public static void main(String[] args) {
        MulClass mc = new MulClass();
        int x = mc.myMethod(1, 2);
        Debug.printPC("\nMyClass1.myMethod Path Condition: ");
    }
}

Result with Choco: the program reports an exception (Figure 4-6).

Figure 4.6: Result with Choco - nonlinear arithmetic

The result with Z3 is shown in Figure 4-7:

Figure 4.7: Result with Z3 - nonlinear arithmetic

The figure shows that Z3 produces two models, corresponding to the cases z > 10 and z