SpecDiff: Differencing LTSs
Zhenchang Xing*, Jun Sun+, Yang Liu* and Jin Song Dong*
* National University of Singapore
+ Singapore University of Technology and Design
Differencing LTSs? WHY?
Program Behaviors Change!
Program behavior changes
Program evolution
Different behavioral exploration methods
The Evolution of Specification
An Evolved Concurrent Stack Spec in CSP#
[Figure: panels “An earlier version” and “A later version”; label “Evolve”]
• Violating the linearizability!
The Differences Lead to Program Fault?
[Figure: panels “The LTS of the earlier version” and “The LTS of the later version”]
• Diagnosing faulty evolution?
The Application of Partial Order Reduction
A Dining-Philosophers Spec in CSP#
Dining-Philosophers
“Reduced” States and Transitions?
No Partial Order Reduction (118 states/300 transitions)
Partial Order Reduction (116 states/248 transitions)
• Impact of partial order reduction?
NOTE: There is nothing wrong with Spec, and Spec remains unchanged!
The Application of Process Counter Abstraction
Parameterized Readers-Writer Lock
A Readers-Writer Lock Spec in CSP#
Recurring Changes as Cutoff Number Increases?
[Figure: panels “Cutoff number = 1”, “Cutoff number = 2”, “Cutoff number = 3” and “Cutoff number = 4”]
• Behavioral patterns of parameterized systems?
NOTE: There is nothing wrong with Spec, and Spec remains unchanged!
WHY Do We Want to Difference LTSs?
• Analyzing Changing Program Behaviors
– Diagnosing faulty evolution
– Evaluating impact of different behavior exploration methods
– Revealing behavioral change patterns of parameterized systems
– ……
Differencing LTSs? HOW?
SpecDiff Architecture
An Overview of Our SpecDiff Approach
1. Describing program behavior in CSP# specification language
2. Generating the LTSs of CSP# program(s) with PAT Simulator
3. Applying GenericDiff to compare two LTSs
4. Visualization and query-based analysis
Differencing LTSs By GenericDiff
• Input: LTSs to be compared
  – LTS1 and LTS2
• GenericDiff: A generic graph differencing technique
  1. Parsing and quantifying the input LTSs
     • Typed Attributed Graphs (TAGs)
  2. Capturing the graph structure and the matching candidates
     • PairUpGraph (i.e. a product of two TAGs)
  3. Traversing the model graphs and computing the similarities
     • Random walk on PairUpGraph
  4. Selecting an “optimal” matching
     • Bipartite graph matching
• Output: Symmetric difference
  – One set of matched states and transitions
  – Two sets of unmatched states and transitions
Analyzing LTS Differences
• Merging the two LTSs into a unified LTS
  – Creating the matched parts of two LTSs
  – Appending the unmatched states and transitions
• Visually inspecting the unified LTS
  – Normal view of the whole unified LTS
  – Fragmented views of maximally-connected matched (or unmatched) subgraphs
• Searching for change patterns
  – User-defined queries
Diagnosing Faulty Program Evolution
• The second process pops nothing (pop.1.0) after the first process has pushed an item (push.0.1) into the stack!
[Figure: a fragment of the unified LTS of the evolved concurrent stack example (returned by the query searching for “matched states with unmatched same-label transitions”, for example, matched states 6/22 with unmatched push.0.1)]
Black: matched states/transitions in both LTSs; Green: unmatched states/transitions in the earlier-version LTS; Red: unmatched states/transitions in the later-version LTS
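The matching steps listed under “Differencing LTSs By GenericDiff” and the query described above, as an added example that is not part of the slides or of SpecDiff. A simplified similarity propagation and a greedy assignment stand in for the random walk and the bipartite matching; the two LTSs, their state names and the reading of the query are assumptions constructed for illustration.

```python
from itertools import product

def states(lts):
    return {lts["init"]} | {x for s, _, t in lts["trans"] for x in (s, t)}

def similarity(a, b, rounds=5):
    # Nodes of the pair-up graph are state pairs; same-label transitions link them.
    sim = {pq: 1.0 for pq in product(states(a), states(b))}
    links = [((s1, s2), (t1, t2)) for (s1, l1, t1), (s2, l2, t2)
             in product(a["trans"], b["trans"]) if l1 == l2]
    for _ in range(rounds):  # simplified propagation, standing in for the random walk
        new = {pq: 0.0 for pq in sim}
        new[(a["init"], b["init"])] = 1.0  # assumption: initial states correspond
        for src, dst in links:
            new[src] += sim[dst]
            new[dst] += sim[src]
        top = max(new.values())
        sim = {pq: v / top for pq, v in new.items()}
    return sim

def match(sim):
    # Greedy one-to-one assignment, standing in for optimal bipartite matching.
    m = {}
    for (p, q), v in sorted(sim.items(), key=lambda kv: -kv[1]):
        if v > 0 and p not in m and q not in m.values():
            m[p] = q
    return m

def diff(a, b):
    # Symmetric difference: matched transitions plus the unmatched ones of each LTS.
    m = match(similarity(a, b))
    matched = {(s, l, t) for s, l, t in a["trans"]
               if s in m and t in m and (m[s], l, m[t]) in b["trans"]}
    only_b = set(b["trans"]) - {(m[s], l, m[t]) for s, l, t in matched}
    return m, matched, set(a["trans"]) - matched, only_b

def same_label_unmatched(a, b):
    # Assumed reading of the query: both matched states offer a label unmatched on one side.
    m, _, only_a, only_b = diff(a, b)
    inv = {q: p for p, q in m.items()}
    out_a, out_b = ({(s, l) for s, l, _ in x["trans"]} for x in (a, b))
    hits = {(p, m[p], l) for p, l, _ in only_a if p in m and (m[p], l) in out_b}
    hits |= {(inv[q], q, l) for q, l, _ in only_b if q in inv and (inv[q], l) in out_a}
    return sorted(hits)

# Constructed sample LTSs (not from the slides); state names differ on purpose.
EARLIER = {"init": "s0", "trans": [("s0", "push.0.1", "s1"), ("s1", "pop.1.1", "s2")]}
LATER = {"init": "t0", "trans": [("t0", "push.0.1", "t1"), ("t1", "pop.1.1", "t2"),
                                 ("t0", "push.0.1", "t3"), ("t3", "pop.1.0", "t4")]}
```

On the sample, the query flags the matched pair s0/t0 with label push.0.1: the later version adds a second push.0.1 branch that leads to pop.1.0, the shape of the fault on the slide above.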
SpecDiff? DOES IT WORK?
Tool Support & Usage
A short DEMO of SpecDiff in PAT! http://www.patroot.com
Formal Tool Demonstration, ASE’10
Initial Evaluation
Three pilot-study scenarios
• The evolution of a concurrent stack
• The application of partial order reduction
• The application of process counter abstraction
SpecDiff assists in
• Debugging faulty program evolution
• Understanding the impacts of state reduction techniques
• Revealing behavioral change patterns in the verification of parameterized systems
How to Scale it Up?
• Differencing LTSs “smartly”
  – Syntactic differences to “guide” the differencing process of large LTSs
  – Interactive visualization techniques to “select” which part(s) of the LTSs to differentiate
• Optimizing SpecDiff implementation
  – Direct comparison of the internal data structures of LTSs instead of the LTSs rendered in the GUI
• Identifying “important” differences
  – Important differences (e.g. program fault) would be reflected in the differences of small LTSs
Why Not Use Counter Examples?
• SpecDiff is complementary to counter-example analysis
  – Contextual information
  – Highlighted differences
• SpecDiff is useful in other scenarios, such as
  – Nothing wrong with specification
  – Specification remains unchanged
Effectiveness & Applicability
SpecDiff: Differencing LTSs
Conclusions and Future Work
Tool Support & Usage
Scale it Up!