From: Michael Snyder <Michael.Snyder@palmsource.com>
To: Rob Quill <rob.quill@gmail.com>
Cc: gdb@sourceware.org
Subject: Re: Light Formal Methods in GDB
Date: Fri, 13 Oct 2006 18:47:00 -0000 [thread overview]
Message-ID: <1160765208.14535.251.camel@localhost.localdomain> (raw)
In-Reply-To: <baf6008d0610130304v3bc69960gef8e7f996946f4ff@mail.gmail.com>
On Fri, 2006-10-13 at 11:04 +0100, Rob Quill wrote:
> Hi,
>
> The principle works as follows:
>
> It it possible to create an automaton from an LTL formula, with
> expressions for values of variables as the transitions from one state
> to the next.
>
> Then the tricky part is building an automaton which represents the
> program. But once you have these it is possible to see if the
> automaton 'match' and if they do then the property holds.
>
> With regards to building the system automaton, at the very simplest
> you could single step the code, get values of variables at each step
> and make an appropriate transition on the automaton. However, this is
> obviously very inefficient, and improvements would most likely be made
> by building a control flow graph of the program (in some way) and use
> the nodes of that graph as the points get get values, or something
> like that.
>
> The advantage of including something like this in GDB is that once the
> property that the programmer expected to hold becomes false, program
> execution can stop and he programmer can use the standard GDB tools.
> Well, that'd be the idea anyway.
>
> The original idea was to do the same thing but for concurrent programs
> because there is research which says that using LTL formulas and the
> automaton technique, you can say whether properties of concurrent
> programs hold for all the possible interleavings. However, it was
> decided that that was too complicated, so it was narrowed to
> non-concurrent programs.
OK. Well, once you have your list of nodes and properties (values),
maybe you could have your software emit a set of breakpoint definitions
for gdb, with appropriate rules for evaluating sets of values at each
breakpoint. Gdb already has a scripting language that includes "if"
and "while", and you can define debugger-local variables to define
your finite automaton and control its state. Then, depending on those
state variables, gdb can stop the program or let it continue. You
can also include "print" statements to log your state.
This sounds like an interesting project, and I don't think
it should require any modifications to gdb (or at least, any
major ones). You would generate a script for gdb to set up
the breakpoints and states, then run gdb in batch mode with
the output piped into a file. You would then post-process
that file for your results.
next prev parent reply other threads:[~2006-10-13 18:47 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-10-12 14:07 Rob Quill
2006-10-12 19:48 ` Michael Snyder
2006-10-13 10:04 ` Rob Quill
2006-10-13 18:47 ` Michael Snyder [this message]
2006-10-16 10:18 ` Rob Quill
2006-10-16 14:38 ` Daniel Jacobowitz
2006-10-16 18:22 ` Michael Snyder
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1160765208.14535.251.camel@localhost.localdomain \
--to=michael.snyder@palmsource.com \
--cc=gdb@sourceware.org \
--cc=rob.quill@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox