white-box testing techniques iii · path conditions •with a little luck, at least some white-box...
TRANSCRIPT
White-Box Testing Techniques III
Prepared by
Stephen M. Thebaut, Ph.D.
University of Florida
Software Testing and Verification
Lecture 9
White-Box Testing Topics
• Logic coverage (lecture I)
• Dataflow coverage (lecture II)
• Path conditions and symbolic evaluation (lecture III)
• Other white-box testing strategies (e.g., “fault-based testing”) (lecture IV)
Path Conditions
• With a little luck, at least some white-box coverage goals will have been met by executing test cases designed using black-box strategies. (How would you know if this were the case or not?)
• Designing additional test cases for this purpose involves identifying inputs that will cause given program paths to be executed. This can be difficult...
Path Conditions
• With a little luck, at least some white-box coverage goals will have been met by executing test cases designed using black-box strategies. (How would you know if this were the case or not?)
• Designing additional test cases for this purpose involves identifying inputs that will cause given program paths to be executed. This can be difficult...
Path Conditions (cont’d)
• To cause a path to be executed requires that the test case satisfy the path condition.
• For a given path, the PATH CONDITION is the conjunction of branch predicates that are required to hold for all the branches along the path to be taken.
Path Conditions (cont’d)
• To cause a path to be executed requires that the test case satisfy the path condition.
• For a given path, the PATH CONDITION is the conjunction of branch predicates that are required to hold for all the branches along the path to be taken.
Consider an example…
(1) input(A,B)
if (A>0) then(2) Z := A
else(3) Z := 0
end_if_elseif (B>0) then
(4) Z := Z+B
end_if(5) output(Z)
What is the path condition for path <1,2,5>?
(A>0) Л (B0)
A>0
F
23
1
4
5
B>0
T
F
T
Consider ANOTHER example…
(1) input(A,B)
if (A>B) then(2) B := B*B
end_ifif (B<0) then
(3) Z := A
else(4) Z := B
end_if_else(5) output(Z)
What is the path condition for path <1,2,3,5>?
(A>B) Л (B<0)
A>B
F2
4
1
3
5
T
F TB<0
Consider ANOTHER example…
(1) input(A,B)
if (A>B) then(2) B := B*B
end_ifif (B<0) then
(3) Z := A
else(4) Z := B
end_if_else(5) output(Z)
What is the path condition for path <1,2,3,5>?
(A>B) Л (B<0) (B2<0)
A>B
F2
4
1
3
5
T
F TB<0
Consider ANOTHER example…
(1) input(A,B)
if (A>B) then(2) B := B*B
end_ifif (B<0) then
(3) Z := A
else(4) Z := B
end_if_else(5) output(Z)
What is the path condition for path <1,2,3,5>?
(A>B) Л (B<0) (B2<0) = FALSE
A>B
F2
4
1
3
5
T
F TB<0
Conclusions
• To be useful, path conditions should be expressed in terms that reflect relevant state changes along the path.
• A path is INFEASIBLE if its path condition reduces to FALSE.
• Question: if a path is infeasible, does this imply the presence of “dead code”?
Answer:
Conclusions
• To be useful, path conditions should be expressed in terms that reflect relevant state changes along the path.
• A path is INFEASIBLE if its path condition reduces to FALSE.
• Question: if a path is infeasible, does this imply the presence of “dead code”?
Answer:
Conclusions
• To be useful, path conditions should be expressed in terms that reflect relevant state changes along the path.
• A path is INFEASIBLE if its path condition reduces to FALSE.
• Question: if a path is infeasible, does this imply the presence of “dead code”?
Answer:
Conclusions
• To be useful, path conditions should be expressed in terms that reflect relevant state changes along the path.
• A path is INFEASIBLE if its path condition reduces to FALSE.
• Question: if a path is infeasible, does this imply the presence of “dead code”?
Answer: No; code along an infeasible path may be reachable via some other path.
Symbolic Evaluation
• Symbolic evaluation provides a technique for systematically tracking state changesfor the purpose of expressing path conditions in useful terms.
Notation
• Variable A will have a succession of symbolic values, A0, A1, A2, ..., as a path is traversed.
– Subscripts refer to the number of the previous program statement (or block of statements) executed, so some numbers may be skipped.
– With loops, statements may be executed more than once, so double subscripts will be used when necessary.
Notation
• Variable A will have a succession of symbolic values, A0, A1, A2, ..., as a path is traversed.
– Subscripts refer to the number of the previous program statement (or block of statements) executed, so some numbers may be skipped.
– With loops, statements may be executed more than once, so double subscripts will be used when necessary.
Notation
• Variable A will have a succession of symbolic values, A0, A1, A2, ..., as a path is traversed.
– Subscripts refer to the number of the previous program statement (or block of statements) executed, so some numbers may be skipped.
– With loops, statements may be executed more than once, so double subscripts will be used when necessary.
Notation (cont’d)
• At each statement, the same notation is used to represent program variables regardless of path, but the symbolic values will usually be different. For example:
– The notation used for the symbolic value of variable X immediately after executing statement 5 is always denoted “X5”; how-
ever, the symbolic value itself depends on which execution path is taken to statement 5.
Notation (cont’d)
• At each statement, the same notation is used to represent program variables regardless of path, but the symbolic values will usually be different. For example:
– The notation used for the symbolic value of variable X immediately after executing statement 5 is always denoted “X5”; how-
ever, the symbolic value itself depends on which execution path is taken to statement 5.
Example 1
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
Example 1 (cont’d)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH T,T
T
T
Example 1
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH T,T
(1) X1 = X02
Y1 = Y02
T
T
Example 1
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH T,T
(1) X1 = X02
Y1 = Y02
(3) X3 = X1 + 1 = X02
+ 1
Y3 = Y1 + 1 = Y02
+ 1
T
T
Example 1
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH T,T
(1) X1 = X02
Y1 = Y02
(3) X3 = X1 + 1 = X02
+ 1
Y3 = Y1 + 1 = Y02
+ 1
T
T
Example 1 (cont’d)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH T,F
F
T
Example 1 (cont’d)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH T,F
(1) X1 = X02
Y1 = Y02
T
F
Example 1 (cont’d)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH T,F
(1) X1 = X02
Y1 = Y02
(4) X4 = X1 - 1 = X02
- 1
Y4 = Y1 - 1 = Y02
- 1
T
F
Example 1 (cont’d)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH T,F
(1) X1 = X02
Y1 = Y02
(4) X4 = X1 - 1 = X02
- 1
Y4 = Y1 - 1 = Y02
- 1
T
F
Example 1 (cont’d)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH F,T
F
T
Example 1 (cont’d)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH F,T
(2) X2 = X0 + 1
Y2 = Y0 + 1
F
T
Example 1 (cont’d)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH F,T
(2) X2 = X0 + 1
Y2 = Y0 + 1
(3) X3 = X2 + 1 = X0 + 2
Y3 = Y2 + 1 = Y0 + 2
F
T
Example 1 (cont’d)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH F,T
(2) X2 = X0 + 1
Y2 = Y0 + 1
(3) X3 = X2 + 1 = X0 + 2
Y3 = Y2 + 1 = Y0 + 2
F
T
Example 1 (cont’d)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH F,F
F
F
Example 1 (cont’d)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH F,F
(2) X2 = X0 + 1
Y2 = Y0 + 1
F
F
Example 1 (cont’d)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH F,F
(2) X2 = X0 + 1
Y2 = Y0 + 1
(4) X4 = X2 - 1 = X0
Y4 = Y2 - 1 = Y0
F
F
Example 1 (cont’d)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
There are 4 paths.
PATH F,F
(2) X2 = X0 + 1
Y2 = Y0 + 1
(4) X4 = X2 - 1 = X0
Y4 = Y2 - 1 = Y0
F
F
Path Conditions Revisited
• Having symbolically evaluated the program variables along a path, we can now symbolically represent the branch predicates that are required to hold in order for the path to be traversed.
• The symbolic variable values used in each branch predicate are the values which the variables have when the branch predicate is encountered.
Path Conditions Revisited
• Having symbolically evaluated the program variables along a path, we can now symbolically represent the branch predicates that are required to hold in order for the path to be traversed.
• The symbolic variable values used in each branch predicate are the values which the variables have when the branch predicate is encountered.
Path Conditions Revisited
• To simplify the task of identifying inputs that will cause the path to be executed, path conditions should be expressed in terms of the initial symbolic values of variables.
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH T,T
T
T
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH T,T
Variable values:
X1 = X02
Y1 = Y02
X3 = X02
+ 1 Y3 = Y02
+ 1T
T
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH T,T
Variable values:
X1 = X02
Y1 = Y02
X3 = X02
+ 1 Y3 = Y02
+ 1
Path Condition:
= ((X0 0) or (Y0 0)) and
((X1 < 1) or (Y1 < 1))
= ((X0 0) or (Y0 0)) and
((X02
< 1) or (Y02
< 1))
= ((X0 0) or (Y0 0) ) and
((-1 < X0 < 1) or (-1 < Y0 < 1))
T
T
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH T,T
Variable values:
X1 = X02
Y1 = Y02
X3 = X02
+ 1 Y3 = Y02
+ 1
Path Condition:
= ((X0 0) or (Y0 0)) and
((X1 < 1) or (Y1 < 1))
= ((X0 0) or (Y0 0)) and
((X02
< 1) or (Y02
< 1))
= ((X0 0) or (Y0 0) ) and
((-1 < X0 < 1) or (-1 < Y0 < 1))
T
T
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH T,T
Variable values:
X1 = X02
Y1 = Y02
X3 = X02
+ 1 Y3 = Y02
+ 1
Path Condition:
= ((X0 0) or (Y0 0)) and
((X1 < 1) or (Y1 < 1))
= ((X0 0) or (Y0 0)) and
((X02
< 1) or (Y02
< 1))
= ((X0 0) or (Y0 0) ) and
((-1 < X0 < 1) or (-1 < Y0 < 1))
T
T
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH T,F
T
F
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH T,F
Variable values:
X1 = X02
Y1 = Y02
X4 = X02
- 1 Y4 = Y02
- 1
T
F
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH T,F
Variable values:
X1 = X02
Y1 = Y02
X4 = X02
- 1 Y4 = Y02
- 1
Path Condition:
= ((X0 0) or (Y0 0)) and
((X1 ≥ 1) and (Y1 ≥ 1))
= ((X0 0) or (Y0 0)) and
((X02
≥ 1) and (Y02
≥ 1))
= ((X0 0) or (Y0 0)) and
((X0 -1) or (X0 ≥ 1)) and
((Y0 -1) or (Y0 ≥ 1))
T
F
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH T,F
Variable values:
X1 = X02
Y1 = Y02
X4 = X02
- 1 Y4 = Y02
- 1
Path Condition:
= ((X0 0) or (Y0 0)) and
((X1 ≥ 1) and (Y1 ≥ 1))
= ((X0 0) or (Y0 0)) and
((X02
≥ 1) and (Y02
≥ 1))
= ((X0 0) or (Y0 0)) and
((X0 -1) or (X0 ≥ 1)) and
((Y0 -1) or (Y0 ≥ 1))
T
F
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH T,F
Variable values:
X1 = X02
Y1 = Y02
X4 = X02
- 1 Y4 = Y02
- 1
Path Condition:
= ((X0 0) or (Y0 0)) and
((X1 ≥ 1) and (Y1 ≥ 1))
= ((X0 0) or (Y0 0)) and
((X02
≥ 1) and (Y02
≥ 1))
= ((X0 0) or (Y0 0)) and
((X0 -1) or (X0 ≥ 1)) and
((Y0 -1) or (Y0 ≥ 1))
T
F
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH F,T
F
T
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH F,T
Variable values:
X2 = X0 + 1 Y2 = Y0 + 1
X3 = X0 + 2 Y3 = Y0 + 2
F
T
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH F,T
Variable values:
X2 = X0 + 1 Y2 = Y0 + 1
X3 = X0 + 2 Y3 = Y0 + 2
Path Condition:
= ((X0 >0) and (Y0 >0)) and
((X2 < 1) or (Y2 < 1))
= ((X0 >0) and (Y0 >0)) and
((X0 + 1 < 1) or (Y0 + 1 < 1))
= ((X0 >0) and (Y0 >0)) and
((X0 < 0) or (Y0 < 0))
= FALSE
F
T
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH F,T
Variable values:
X2 = X0 + 1 Y2 = Y0 + 1
X3 = X0 + 2 Y3 = Y0 + 2
Path Condition:
= ((X0 >0) and (Y0 >0)) and
((X2 < 1) or (Y2 < 1))
= ((X0 >0) and (Y0 >0)) and
((X0 + 1 < 1) or (Y0 + 1 < 1))
= ((X0 >0) and (Y0 >0)) and
((X0 < 0) or (Y0 < 0))
= FALSE
F
T
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH F,T
Variable values:
X2 = X0 + 1 Y2 = Y0 + 1
X3 = X0 + 2 Y3 = Y0 + 2
Path Condition:
= ((X0 >0) and (Y0 >0)) and
((X2 < 1) or (Y2 < 1))
= ((X0 >0) and (Y0 >0)) and
((X0 + 1 < 1) or (Y0 + 1 < 1))
= ((X0 >0) and (Y0 >0)) and
((X0 < 0) or (Y0 < 0))
= FALSE
F
T
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH F,T
Variable values:
X2 = X0 + 1 Y2 = Y0 + 1
X3 = X0 + 2 Y3 = Y0 + 2
Path Condition:
= ((X0 >0) and (Y0 >0)) and
((X2 < 1) or (Y2 < 1))
= ((X0 >0) and (Y0 >0)) and
((X0 + 1 < 1) or (Y0 + 1 < 1))
= ((X0 >0) and (Y0 >0)) and
((X0 < 0) or (Y0 < 0))
= FALSE
F
T
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH F,F
F
F
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH F,F
Variable values:
X2 = X0 + 1 Y2 = Y0 + 1
X4 = X0 Y4 = Y0
F
F
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH F,F
Variable values:
X2 = X0 + 1 Y2 = Y0 + 1
X4 = X0 Y4 = Y0
Path Condition:
= ((X0 >0) and (Y0 >0)) and
((X2 ≥ 1) and (Y2 ≥ 1))
= ((X0 >0) and (Y0 >0)) and
((X0+1 ≥ 1) and (Y0+1 ≥1))
= ((X0 >0) and (Y0 >0)) and
((X0 ≥ 0) and (Y0 ≥ 0))
= (X0 >0) and (Y0 >0)
F
F
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH F,F
Variable values:
X2 = X0 + 1 Y2 = Y0 + 1
X4 = X0 Y4 = Y0
Path Condition:
= ((X0 >0) and (Y0 >0)) and
((X2 ≥ 1) and (Y2 ≥ 1))
= ((X0 >0) and (Y0 >0)) and
((X0+1 ≥ 1) and (Y0+1 ≥1))
= ((X0 >0) and (Y0 >0)) and
((X0 ≥ 0) and (Y0 ≥ 0))
= (X0 >0) and (Y0 >0)
F
F
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH F,F
Variable values:
X2 = X0 + 1 Y2 = Y0 + 1
X4 = X0 Y4 = Y0
Path Condition:
= ((X0 >0) and (Y0 >0)) and
((X2 ≥ 1) and (Y2 ≥ 1))
= ((X0 >0) and (Y0 >0)) and
((X0+1 ≥ 1) and (Y0+1 ≥1))
= ((X0 >0) and (Y0 >0)) and
((X0 ≥ 0) and (Y0 ≥ 0))
= (X0 >0) and (Y0 >0)
F
F
Example 1 (revisited)
if (X<=0) or (Y<=0) then(1) X := X**2
Y := Y**2else
(2) X := X+1Y := Y+1
end_if_elseif (X<1) or (Y<1) then
(3) X := X+1Y := Y+1
else(4) X := X-1
Y := Y-1end_if_else
PATH F,F
Variable values:
X2 = X0 + 1 Y2 = Y0 + 1
X4 = X0 Y4 = Y0
Path Condition:
= ((X0 >0) and (Y0 >0)) and
((X2 ≥ 1) and (Y2 ≥ 1))
= ((X0 >0) and (Y0 >0)) and
((X0+1 ≥ 1) and (Y0+1 ≥1))
= ((X0 >0) and (Y0 >0)) and
((X0 ≥ 0) and (Y0 ≥ 0))
= (X0 >0) and (Y0 >0)
F
F
Summary of Path Conditions
TT: ((X0 0) or (Y0 0) ) and ((-1 < X0 < 1) or (-1 < Y0 < 1))
TF: ((X0 0) or (Y0 0)) and ((X0 -1) or (X0 ≥ 1)) and((Y0 -1) or (Y0 ≥ 1))
FT: FALSE
FF: (X0 >0) and (Y0 >0)
The path domains in the (X0 ,Y0 ) plane may
also be depicted graphically...
Graph of Path Domains
TFFF
Y0 = 1
Y0 = -1
X0 = 1X0 = -1
TT X0
Y0
Incremental Generation of Path
Conditions
• Path conditions can also be generated incrementally, by considering the branches taken in a piecemeal fashion.
Example 2
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
..
.
PARTIAL PATH T
T
Example 2
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
..
.
PARTIAL PATH T
Variable values:
A0, B0
T
Example 2
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
..
.
PARTIAL PATH T
Variable values:
A0, B0
Partial path condition:
(B0 > A0+1)
T
Example 2
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
..
.
PARTIAL PATH F
F
Example 2
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
..
.
PARTIAL PATH F
Variable values:
A0, B0
F
Example 2
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
..
.
PARTIAL PATH F
Variable values:
A0, B0
Partial path condition:
(B0 A0+1)
F
Partial Path Domains
B0 = A0 + 1
T
F
A0
B0
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TT
T
T
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TT
Variable values:
A1 = A0 +1
B1 = B0
T
T
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TT
Variable values:
A1 = A0 +1
B1 = B0
Partial path condition:
(B0 > A0+1) and
(B1 > -A1+2)
= (B0 > A0+1) and
(B0 > -A0+1)
T
T
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TT
Variable values:
A1 = A0 +1
B1 = B0
Partial path condition:
(B0 > A0+1) and
(B1 > -A1+2)
= (B0 > A0+1) and
(B0 > -A0+1)
T
T
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TT
Variable values:
A1 = A0 +1
B1 = B0
Partial path condition:
(B0 > A0+1) and
(B1 > -A1+2)
= (B0 > A0+1) and
(B0 > -A0+1)
T
T
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TF
T
F
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TF
Variable values:
A1 = A0 +1
B1 = B0
T
F
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TF
Variable values:
A1 = A0 +1
B1 = B0
Partial path condition:
(B0 > A0+1) and
(B1 -A1+2)
= (B0 > A0+1) and
(B0 -A0+1)
T
F
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TF
Variable values:
A1 = A0 +1
B1 = B0
Partial path condition:
(B0 > A0+1) and
(B1 -A1+2)
= (B0 > A0+1) and
(B0 -A0+1)
T
F
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TF
Variable values:
A1 = A0 +1
B1 = B0
Partial path condition:
(B0 > A0+1) and
(B1 -A1+2)
= (B0 > A0+1) and
(B0 -A0+1)
T
F
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH FT
F
T
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH FT
Variable values:
A2 = A0
B2 = B0-1
F
T
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH FT
Variable values:
A2 = A0
B2 = B0-1
Partial path condition:
(B0 A0+1) and
(B2 > -A2+2)
= (B0 A0+1) and
(B0 > -A0+3)
F
T
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH FT
Variable values:
A2 = A0
B2 = B0-1
Partial path condition:
(B0 A0+1) and
(B2 > -A2+2)
= (B0 A0+1) and
(B0 > -A0+3)
F
T
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH FT
Variable values:
A2 = A0
B2 = B0-1
Partial path condition:
(B0 A0+1) and
(B2 > -A2+2)
= (B0 A0+1) and
(B0 > -A0+3)
F
T
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH FF
F
F
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH FF
Variable values:
A2 = A0
B2 = B0-1
F
F
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH FF
Variable values:
A2 = A0
B2 = B0-1
Partial path condition:
(B0 A0+1) and
(B2 -A2+2)
= (B0 A0+1) and
(B0 -A0+3)
F
F
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH FF
Variable values:
A2 = A0
B2 = B0-1
Partial path condition:
(B0 A0+1) and
(B2 -A2+2)
= (B0 A0+1) and
(B0 -A0+3)
F
F
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH FF
Variable values:
A2 = A0
B2 = B0-1
Partial path condition:
(B0 A0+1) and
(B2 -A2+2)
= (B0 A0+1) and
(B0 -A0+3)
F
F
Partial Path Domains (cont’d)
B0 = A0 + 1
A0
B0
B0 = -A0 + 3
B0 = -A0 + 1
FF
TF
FTTT
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TTT
T
T
T
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TTT
Variable values:
A1 = A0 +1
A3 = A1 + 2 = A0 + 3
T
T
T
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TTT
Variable values:
A1 = A0 +1
A3 = A1 + 2 = A0 + 3
B3 = B1 = B0
T
T
T
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TTT
Variable values:
A1 = A0 +1
A3 = A1 + 2 = A0 + 3
B3 = B1 = B0
Partial path condition:
(B0 > A0+1) and
(B0 > -A0+1) and
(B3 0) = (B0 0)
= FALSE
T
T
T
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TTT
Variable values:
A1 = A0 +1
A3 = A1 + 2 = A0 + 3
B3 = B1 = B0
Partial path condition:
(B0 > A0+1) and
(B0 > -A0+1) and
(B3 0) = (B0 0)
= FALSE
T
T
T
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TTT
Variable values:
A1 = A0 +1
A3 = A1 + 2 = A0 + 3
B3 = B1 = B0
Partial path condition:
(B0 > A0+1) and
(B0 > -A0+1) and
(B3 0) = (B0 0)
= FALSE
T
T
T
Partial Path Domains Revisited
B0 = A0 + 1
A0
B0
B0 = -A0 + 3
B0 = -A0 + 1
FF
TF
FTTT
Partial Path Domains Revisited
B0 = A0 + 1
A0
B0
B0 = -A0 + 3
B0 = -A0 + 1
FF
TF
FTTT
B0 0
Example 2 (cont’d)
if (B > A+1) then(1) A := A+1
else(2) B := B-1
end_if_elseif (B > -A+2) then
(3) A := A+2else
(4) B := B+1end_if_elseif (B <= 0) then
.
.
.
PARTIAL PATH TTT
Variable values:
A1 = A0 +1
A3 = A1 + 2 = A0 + 3
B3 = B1 = B0
Partial path condition:
(B0 > A0+1) and
(B0 > -A0+1) and
(B3 0) = (B0 0)
= FALSE
T
T
T
Loops
• In general, the simplification of path conditions involving loops is very difficult.
• The simplest form that is obtainable for N
iterations of a loop may involve N terms.
• “N iterations” =
– While loop body executes N-1 times
– Repeat_Until loop body executes N
times
Loops
• In general, the simplification of path conditions involving loops is very difficult.
• The simplest form that is obtainable for N
iterations of a loop may involve N terms.
• “N iterations” =
– While loop body executes N-1 times
– Repeat_Until loop body executes N
times
Loops
• In general, the simplification of path conditions involving loops is very difficult.
• The simplest form that is obtainable for N
iterations of a loop may involve N terms.
• “N iterations” =
– While loop body executes N-1 times
– Repeat_Until loop body executes N
times
Loops
• In general, the simplification of path conditions involving loops is very difficult.
• The simplest form that is obtainable for N
iterations of a loop may involve N terms.
• “N iterations” =
– While loop body executes N-1 times
– Repeat_Until loop body executes N
times
Loops
• In general, the simplification of path conditions involving loops is very difficult.
• The simplest form that is obtainable for N
iterations of a loop may involve N terms.
• “N iterations” =
– While loop body executes N-1 times
– Repeat_Until loop body executes N
times
Example 3
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Variable values: (Y does not change)
(1) X1 = X0
C1 = 0
(2,1) X2,1 = X1 – Y1 = X0 – Y0
C2,1 = C1 + 1 = 1
(2,2) X2,2 = X2,1 – Y2,1 = (X0 – Y0) - Y0 = X0 – 2Y0
C2,2 = C2,1 + 1 = 2
Example 3
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Variable values: (Y does not change)
(1) X1 = X0
C1 = 0
(2,1) X2,1 = X1 – Y1 = X0 – Y0
C2,1 = C1 + 1 = 1
(2,2) X2,2 = X2,1 – Y2,1 = (X0 – Y0) - Y0 = X0 – 2Y0
C2,2 = C2,1 + 1 = 2
Example 3
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Variable values: (Y does not change)
(1) X1 = X0
C1 = 0
(2,1) X2,1 = X1 – Y1 = X0 – Y0
C2,1 = C1 + 1 = 1
(2,2) X2,2 = X2,1 – Y2,1 = (X0 – Y0) - Y0 = X0 – 2Y0
C2,2 = C2,1 + 1 = 2
Example 3
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Variable values: (Y does not change)
(1) X1 = X0
C1 = 0
(2,1) X2,1 = X1 – Y1 = X0 – Y0
C2,1 = C1 + 1 = 1
(2,2) X2,2 = X2,1 – Y2,1 = (X0 – Y0) - Y0 = X0 – 2Y0
C2,2 = C2,1 + 1 = 2
Example 3 (cont’d)
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Variable values: (cont’d)
(2,2) X2,2 = X0 – 2Y0
C2,2 = 2
(2,3) X2,3 = X2,2 – Y2,2 = (X0 – 2Y0) - Y0 = X0 – 3Y0
C2,3 = C2,2 + 1 = 3
(2,N) X2,N = X0 – NY0
C2,N = N
Example 3 (cont’d)
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Variable values: (cont’d)
(2,2) X2,2 = X0 – 2Y0
C2,2 = 2
(2,3) X2,3 = X2,2 – Y2,2 = (X0 – 2Y0) - Y0 = X0 – 3Y0
C2,3 = C2,2 + 1 = 3
(2,N) X2,N = X0 – NY0
C2,N = N
Example 3 (cont’d)
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Variable values: (cont’d)
(2,2) X2,2 = X0 – 2Y0
C2,2 = 2
(2,3) X2,3 = X2,2 – Y2,2 = (X0 – 2Y0) - Y0 = X0 – 3Y0
C2,3 = C2,2 + 1 = 3
(2,N) X2,N = X0 – NY0
C2,N = N
Example 3 (cont’d)
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Variable values: (cont’d)
(2,2) X2,2 = X0 – 2Y0
C2,2 = 2
(2,3) X2,3 = X2,2 – Y2,2 = (X0 – 2Y0) - Y0 = X0 – 3Y0
C2,3 = C2,2 + 1 = 3
(2,N) X2,N = X0 – NY0
C2,N = N
Example 3 (cont’d)
Path Condition for Path F: (loop body executed 0 times)
(X1 < Y1) = X0 <Y0
Variable values:
X1= X0 C1= 0
X2,N = X0 – NY0
C2,N = N
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Example 3 (cont’d)
Path Condition for Path F: (loop body executed 0 times)
(X1 < Y1) = X0 <Y0
Variable values:
X1= X0 C1= 0
X2,N = X0 – NY0
C2,N = N
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Example 3 (cont’d)
Path Condition for Path F: (loop body executed 0 times)
(X1 < Y1) = X0 <Y0
Path Condition for Path T,F:
(loop body executed 1 time)
(X1 ≥ Y1) and (X2,1 <Y2,1)
= (X0 ≥ Y0) and (X0 - Y0 <Y0)
= (X0 ≥ Y0) and (X0 <2Y0)
= Y0 ≤ X0 <2Y0
Variable values:
X1= X0 C1= 0
X2,N = X0 – NY0
C2,N = N
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Example 3 (cont’d)
Path Condition for Path F: (loop body executed 0 times)
(X1 < Y1) = X0 <Y0
Path Condition for Path T,F:
(loop body executed 1 time)
(X1 ≥ Y1) and (X2,1 <Y2,1)
= (X0 ≥ Y0) and (X0 - Y0 <Y0)
= (X0 ≥ Y0) and (X0 <2Y0)
= Y0 ≤ X0 <2Y0
Variable values:
X1= X0 C1= 0
X2,N = X0 – NY0
C2,N = N
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Example 3 (cont’d)
Path Condition for Path F: (loop body executed 0 times)
(X1 < Y1) = X0 <Y0
Path Condition for Path T,F:
(loop body executed 1 time)
(X1 ≥ Y1) and (X2,1 <Y2,1)
= (X0 ≥ Y0) and (X0 - Y0 <Y0)
= (X0 ≥ Y0) and (X0 <2Y0)
= Y0 ≤ X0 <2Y0
Variable values:
X1= X0 C1= 0
X2,N = X0 – NY0
C2,N = N
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Example 3 (cont’d)
Path Condition for Path F: (loop body executed 0 times)
(X1 < Y1) = X0 <Y0
Path Condition for Path T,F:
(loop body executed 1 time)
(X1 ≥ Y1) and (X2,1 <Y2,1)
= (X0 ≥ Y0) and (X0 - Y0 <Y0)
= (X0 ≥ Y0) and (X0 <2Y0)
= Y0 ≤ X0 <2Y0
Variable values:
X1= X0 C1= 0
X2,N = X0 – NY0
C2,N = N
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Example 3 (cont’d)
Variable values:
X1= X0 C1= 0
X2,N = X0 – NY0 C2,N = N
Path Condition for Path T,T,F: (loop body executed 2
times)
(X1 ≥ Y1) and (X2,1 ≥ Y2,1) and (X2,2 <Y2,2)
= (X0 ≥ Y0) and (X0 - Y0 ≥ Y0) and (X0 - 2Y0 <Y0)
= (X0 ≥ Y0) and (X0 ≥ 2Y0) and (X0 <3Y0)
= (X0 ≥ Y0) and (2Y0 ≤ X0 <3Y0)
= 2Y0 ≤ X0 <3Y0 since (2Y0 < 3Y0 ) => Y0 > 0 => (X0 ≥ 2Y0 => X0 ≥ Y0)
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Example 3 (cont’d)
Variable values:
X1= X0 C1= 0
X2,N = X0 – NY0 C2,N = N
Path Condition for Path T,T,F: (loop body executed 2
times)
(X1 ≥ Y1) and (X2,1 ≥ Y2,1) and (X2,2 <Y2,2)
= (X0 ≥ Y0) and (X0 - Y0 ≥ Y0) and (X0 - 2Y0 <Y0)
= (X0 ≥ Y0) and (X0 ≥ 2Y0) and (X0 <3Y0)
= (X0 ≥ Y0) and (2Y0 ≤ X0 <3Y0)
= 2Y0 ≤ X0 <3Y0 since (2Y0 < 3Y0 ) => Y0 > 0 => (X0 ≥ 2Y0 => X0 ≥ Y0)
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Example 3 (cont’d)
Variable values:
X1= X0 C1= 0
X2,N = X0 – NY0 C2,N = N
Path Condition for Path T,T,F: (loop body executed 2
times)
(X1 ≥ Y1) and (X2,1 ≥ Y2,1) and (X2,2 <Y2,2)
= (X0 ≥ Y0) and (X0 - Y0 ≥ Y0) and (X0 - 2Y0 <Y0)
= (X0 ≥ Y0) and (X0 ≥ 2Y0) and (X0 <3Y0)
= (X0 ≥ Y0) and (2Y0 ≤ X0 <3Y0)
= 2Y0 ≤ X0 <3Y0 since (2Y0 < 3Y0 ) => Y0 > 0 => (X0 ≥ 2Y0 => X0 ≥ Y0)
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Example 3 (cont’d)
Variable values:
X1= X0 C1= 0
X2,N = X0 – NY0 C2,N = N
Path Condition for Path T,T,F: (loop body executed 2
times)
(X1 ≥ Y1) and (X2,1 ≥ Y2,1) and (X2,2 <Y2,2)
= (X0 ≥ Y0) and (X0 - Y0 ≥ Y0) and (X0 - 2Y0 <Y0)
= (X0 ≥ Y0) and (X0 ≥ 2Y0) and (X0 <3Y0)
= (X0 ≥ Y0) and (2Y0 ≤ X0 <3Y0)
= 2Y0 ≤ X0 <3Y0 since (2Y0 < 3Y0 ) => Y0 > 0 => (X0 ≥ 2Y0 => X0 ≥ Y0)
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Example 3 (cont’d)
Variable values:
X1= X0 C1= 0
X2,N = X0 – NY0 C2,N = N
Path Condition for Path T,T,F: (loop body executed 2
times)
(X1 ≥ Y1) and (X2,1 ≥ Y2,1) and (X2,2 <Y2,2)
= (X0 ≥ Y0) and (X0 - Y0 ≥ Y0) and (X0 - 2Y0 <Y0)
= (X0 ≥ Y0) and (X0 ≥ 2Y0) and (X0 <3Y0)
= (X0 ≥ Y0) and (2Y0 ≤ X0 <3Y0)
= 2Y0 ≤ X0 <3Y0 since (2Y0 < 3Y0 ) => Y0 > 0 => (X0 ≥ 2Y0 => X0 ≥ Y0)
(1) C := 0while (X>=Y) do
(2) X := X-YC := C+1
end_while
Example 3 (cont’d)
Path Condition for N>1 iterations of the loop:
(X1 ≥ Y1) and (X2,1 ≥ Y2,1) and … and (X2,N-1 ≥ Y2,N-1)
and (X2,N <Y2,N)
Example 3 (cont’d)
Path Condition for N>1 iterations of the loop:
(X1 ≥ Y1) and (X2,1 ≥ Y2,1) and … and (X2,N-1 ≥ Y2,N-1)
and (X2,N <Y2,N)
It can be proven by induction that this condition may be expressed in CLOSED FORM as:
(N-1)Y0 ≤ X0 < NY0
with the implied (eventual termination) condition that Y0 > 0.
Path Conditions & Symbolic
Evaluation Summary
• To cause a path to be executed requires that the test case satisfy its path condition.
• The path condition is the conjunction of branch predicates that are required to hold for all the branches along the path.
• In general, the simplification of path conditions for loops is very difficult. (The simplest form that is obtainable for N
iterations of a loop may involve N terms.)
Path Conditions & Symbolic
Evaluation Summary
• To cause a path to be executed requires that the test case satisfy its path condition.
• The path condition is the conjunction of branch predicates that are required to hold for all the branches along the path.
• In general, the simplification of path conditions for loops is very difficult. (The simplest form that is obtainable for N
iterations of a loop may involve N terms.)
Path Conditions & Symbolic
Evaluation Summary
• To cause a path to be executed requires that the test case satisfy its path condition.
• The path condition is the conjunction of branch predicates that are required to hold for all the branches along the path.
• In general, the simplification of path conditions for loops is very difficult. (The simplest form that is obtainable for N
iterations of a loop may involve N terms.)
Path Conditions & Symbolic
Evaluation Summary (cont’d)
• A path is infeasible if its path condition reduces to FALSE.
• Symbolic evaluation provides a systematic method for expressing path conditions in terms of the initial symbolic values of program variables.
Path Conditions & Symbolic
Evaluation Summary (cont’d)
• A path is infeasible if its path condition reduces to FALSE.
• Symbolic evaluation provides a systematic method for expressing path conditions in terms of the initial symbolic values of program variables.
Path Conditions & Symbolic
Evaluation Summary (cont’d)
• This simplifies the task of identifying inputs that will cause the path to be executed.
• But this “satisfiability problem” can be very difficult to solve…
Path Conditions & Symbolic
Evaluation Summary (cont’d)
• This simplifies the task of identifying inputs that will cause the path to be executed.
• But this “satisfiability problem” can be very difficult to solve…
Exactly HOW Difficult…?
• Given a Boolean expression E, decide if there is some assignment to the variables in E such that E will be true.
• This was the first problem shown to be NP-complete!
Exactly HOW Difficult…?
• Given a Boolean expression E, decide if there is some assignment to the variables in E such that E will be true.
• This was the first problem shown to be NP-complete!
White-Box Testing Techniques III
Prepared by
Stephen M. Thebaut, Ph.D.
University of Florida
Software Testing and Verification
Lecture 9