Tweet
Tweet

Slide 1

Slide 1 text

Learning and Refining Input Grammars for Effective Fuzzing Rahul Gopinath 1

Slide 2

Slide 2 text

Prerequisites https://github.com/vrthra/SBST22-tutorial#readme • Install Python 3.10 • Install Graphviz • Install Jupyter • Start Jupyter 2

Slide 3

Slide 3 text

Prerequisites http://localhost:8888/tree • Install Python 3.10 • Install Graphviz • Install Jupyter • Start Jupyter 3

Slide 4

Slide 4 text

http://localhost:8888/notebooks/RoadMap.ipynb 4

Slide 5

Slide 5 text

http://localhost:8888/notebooks/x0_0_Prerequisites.ipynb 5

Slide 6

Slide 6 text

Search 6

Slide 7

Slide 7 text

Fuzzing Program Trash deck technique: 1950s - Gerald Weinberg 7

Slide 8

Slide 8 text

Fuzzing Program Trash deck technique: 1950s - Gerald Weinberg 7

Slide 9

Slide 9 text

Fuzzing Crash? Program Trash deck technique: 1950s - Gerald Weinberg 7

Slide 10

Slide 10 text

8 Random Fuzzing Program

Slide 11

Slide 11 text

8 Random Fuzzing $ ./fuzz [;x1-GPZ+wcckc];,N9J+?#6^6\e?]9lu
 2_%'4GX"0VUB[E/r ~fApu6b8<{%siq8Z
 h.6{V,hr?;{Ti.r3PIxMMMv6{xS^+'Hq!
 AxB"YXRS@!Kd6;wtAMefFWM(`|J_<1~o}
 z3K(CCzRH JIIvHz>_*.\>JrlU32~eGP?
 lR=bF3+;y$3lodQ&]BS6R&j?#tP7iaV}-}`\?[_[Z^LBM
 PG-FKj'\xwuZ1=Q`^`5,$N$Q@[!CuRzJ2
 D|vBy!^zkhdf3C5PAkR?V((-%>

Slide 12

Slide 12 text

$ ./fuzz -int | program 634111569742810193727424069509 
 741355925061499451162464719526 
 615957331924826555590537407605 
 181400079803446874252046374716 
 740973770255348279425601333144 
 152724057932073828569041216191 
 099859446496509919024810271242 
 622974988671421938012464630138 
 735355134599327240920259675263 
 574528613057084231370741920902 
 794677842164654990353575580453 
 777282305855352378119038096476 
 699871306655084953377039862387 
 924957554389878352934547664240 
 082431556093837288597262675598 
 630851919061829885048834738832 
 677022429414980917053939970795 
 722006987916088650168665471731 yes 9 Feedback Driven Fuzzing def is_prime(n: int) -> bool: """Primality test using 6k+-1 optimization.""" if n <= 3: return n > 1 if n % 2 == 0 or n % 3 == 0: return False i = 5 while i ** 2 <= n: if n % i == 0 or n % (i + 2) == 0: return False i += 6 return True def main(): num = stdin.read() print(num, is_prime(num))

Slide 13

Slide 13 text

http://localhost:8888/notebooks/x1_0_GeneratingSamples.ipynb 10

Slide 14

Slide 14 text

11 Fuzzing Parsers $ ./fuzz [;x1-GPZ+wcckc];,N9J+?#6^6\e?]9lu
 2_%'4GX"0VUB[E/r ~fApu6b8<{%siq8Z
 h.6{V,hr?;{Ti.r3PIxMMMv6{xS^+'Hq!
 AxB"YXRS@!Kd6;wtAMefFWM(`|J_<1~o}
 z3K(CCzRH JIIvHz>_*.\>JrlU32~eGP?
 lR=bF3+;y$3lodQ&]BS6R&j?#tP7iaV}-}`\?[_[Z^LBM
 PG-FKj'\xwuZ1=Q`^`5,$N$Q@[!CuRzJ2
 D|vBy!^zkhdf3C5PAkR?V((-%>

Slide 15

Slide 15 text

11 Fuzzing Parsers $ ./fuzz [;x1-GPZ+wcckc];,N9J+?#6^6\e?]9lu
 2_%'4GX"0VUB[E/r ~fApu6b8<{%siq8Z
 h.6{V,hr?;{Ti.r3PIxMMMv6{xS^+'Hq!
 AxB"YXRS@!Kd6;wtAMefFWM(`|J_<1~o}
 z3K(CCzRH JIIvHz>_*.\>JrlU32~eGP?
 lR=bF3+;y$3lodQ&]BS6R&j?#tP7iaV}-}`\?[_[Z^LBM
 PG-FKj'\xwuZ1=Q`^`5,$N$Q@[!CuRzJ2
 D|vBy!^zkhdf3C5PAkR?V((-%>

Slide 16

Slide 16 text

12 Sepcification Free Generators

Slide 17

Slide 17 text

12 Sepcification Free Generators

Slide 18

Slide 18 text

12 Sepcification Free Generators

Slide 19

Slide 19 text

12 Sepcification Free Generators A

Slide 20

Slide 20 text

12 Sepcification Free Generators A A ∉ (,+,-,1,2,3,4,5,6,7,8,9,0

Slide 21

Slide 21 text

12 Sepcification Free Generators A ( A ∉ (,+,-,1,2,3,4,5,6,7,8,9,0

Slide 22

Slide 22 text

12 Sepcification Free Generators A ( 2 A ∉ (,+,-,1,2,3,4,5,6,7,8,9,0

Slide 23

Slide 23 text

12 Sepcification Free Generators A ( 2 - B 9 ) 4 ) A ∉ (,+,-,1,2,3,4,5,6,7,8,9,0 B ∉ +,-,1,2,3,4,5,6,7,8,9,0,) ) ∉ +,-,1,2,3,4,5,6,7,8,9,0

Slide 24

Slide 24 text

12 Sepcification Free Generators A ( 2 - B 9 ) 4 ) A ∉ (,+,-,1,2,3,4,5,6,7,8,9,0 B ∉ +,-,1,2,3,4,5,6,7,8,9,0,) ) ∉ +,-,1,2,3,4,5,6,7,8,9,0

Slide 25

Slide 25 text

12 Sepcification Free Generators A ( 2 - B 9 ) 4 ) A ∉ (,+,-,1,2,3,4,5,6,7,8,9,0 B ∉ +,-,1,2,3,4,5,6,7,8,9,0,) ) ∉ +,-,1,2,3,4,5,6,7,8,9,0 (2-94)

Slide 26

Slide 26 text

http://localhost:8888/notebooks/x1_1_TrackingAccess.ipynb 13

Slide 27

Slide 27 text

14 Limitation: Lack of control

Slide 28

Slide 28 text

15 Constraining the Search Space with Input Grammars

Slide 29

Slide 29 text

16 Grammar

Slide 30

Slide 30 text

17 Formal Languages Formal Language Descriptions

Slide 31

Slide 31 text

17 Formal Languages Formal Language Descriptions 3. Regular (Chomsky,1956)

Slide 32

Slide 32 text

17 Formal Languages Formal Language Descriptions 3. Regular Context Free (Chomsky,1956) Argument Stack

Slide 33

Slide 33 text

17 Formal Languages Formal Language Descriptions 3. Regular Context Free Recursively Enumerable (Chomsky,1956) Argument Stack Return Stack

Slide 34

Slide 34 text

17 Formal Languages Formal Language Descriptions 3. Regular Context Free Recursively Enumerable (Chomsky,1956) Easy to produce and parse Argument Stack Return Stack

Slide 35

Slide 35 text

18 Grammar := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9] Arithmetic expression grammar

Slide 36

Slide 36 text

18 Grammar := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9] Arithmetic expression grammar

Slide 37

Slide 37 text

18 Grammar := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9] Arithmetic expression grammar key

Slide 38

Slide 38 text

18 Grammar := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9] Arithmetic expression grammar De f inition for key

Slide 39

Slide 39 text

19 := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9] Grammar Arithmetic expression grammar

Slide 40

Slide 40 text

19 := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9] Grammar Arithmetic expression grammar Expansion Rule

Slide 41

Slide 41 text

19 := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9] Grammar Arithmetic expression grammar Expansion Rule Terminal Symbol

Slide 42

Slide 42 text

19 := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9] Grammar Arithmetic expression grammar Expansion Rule Terminal Symbol Nonterminal Symbol

Slide 43

Slide 43 text

19 := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9] Grammar Arithmetic expression grammar Expansion Rule Terminal Symbol Nonterminal Symbol

Slide 44

Slide 44 text

http://localhost:8888/notebooks/x0_1_Grammars.ipynb 20

Slide 45

Slide 45 text

21 Grammars For Parsing := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9]

Slide 46

Slide 46 text

21 Grammars For Parsing (8 / 3) * 49 := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9]

Slide 47

Slide 47 text

21 Grammars For Parsing (8 / 3) * 49 := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9]

Slide 48

Slide 48 text

http://localhost:8888/notebooks/x0_3_Parser.ipynb 22

Slide 49

Slide 49 text

23 Grammars := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9] For Fuzzing (Hanford 1970) (Purdom 1972)

Slide 50

Slide 50 text

23 Grammars8.2 - 27 - -9 / +((+9 * --2 + --+-+- 
 ((-1 * +(8 - 5 - 6)) * (-(a-+(((+(4) 
 )))) - ++4) / +(-+---((5.6 - --(3 * 
 -1.8 * +(6 * +-(((-(-6) * ---+6)) / 
 +--(+-+-7 * (-0 * (+(((((2)) + 8 - 3 
 - ++9.0 + ---(--+7 / (1 / +++6.37) 
 + (1) / 482) / +++-+0)))) + 8.2 - 27 
 - -9 / +((+9 * --2 + --+-+-((-1 * + 
 (8 - 5 - 6)) * (-(a-+(((+(4))))) - + +4) / +(-+---((5.6 - --(3 * -1.8 * + 
 (6 * +-(((-(-6) * ---+6)) / +--(+-+- 
 7 * (-0 * (+(((((2)) + 8 - 3 - ++9.0 
 + ---(--+7 / (1 / +++6.37) + (1) / 
 482) / +++-+0)))) * -+5 + 7.513)))) 
 - (+1 / ++((-84)))))))) * ++5 / +-(- 
 -2 - -++-9.0)))) / 5 * --++090 + * - 
 +5 + 7.513)))) - (+1 / ++((-84)))))) 
 )) * 8.2 - 27 - -9 / +((+9 * --2 + - 
 -+-+-((-1 * +(8 - 5 - 6)) * (-(a-+(( 
 (+(4))))) - ++4) / +(-+---((5.6 - -- 
 (3 * -1.8 * +(6 * +-(((-(-6) * ---+6 
 )) / +--(+-+-7 * (-0 * (+(((((2)) + 
 8 - 3 - ++9.0 + ---(--+7 / (1 / +++6 
 .37) + (1) / 482) / +++-+0)))) * -+5 
 + 7.513)))) - (+1 / ++((-84)))))))) 
 * ++5 / +-(--2 - -++-9.0)))) / 5 * 
 --++090 ++5 / +-(--2 - -++-9.0)))) / 
 5 * --++090 := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9] For Fuzzing (Hanford 1970) (Purdom 1972)

Slide 51

Slide 51 text

24 Grammars As effective producers 8.2 - 27 - -9 / +((+9 * --2 + --+-+- 
 ((-1 * +(8 - 5 - 6)) * (-(a-+(((+(4) 
 )))) - ++4) / +(-+---((5.6 - --(3 * 
 -1.8 * +(6 * +-(((-(-6) * ---+6)) / 
 +--(+-+-7 * (-0 * (+(((((2)) + 8 - 3 
 - ++9.0 + ---(--+7 / (1 / +++6.37) 
 + (1) / 482) / +++-+0)))) + 8.2 - 27 
 - -9 / +((+9 * --2 + --+-+-((-1 * + 
 (8 - 5 - 6)) * (-(a-+(((+(4))))) - + +4) / +(-+---((5.6 - --(3 * -1.8 * + 
 (6 * +-(((-(-6) * ---+6)) / +--(+-+- 
 7 * (-0 * (+(((((2)) + 8 - 3 - ++9.0 
 + ---(--+7 / (1 / +++6.37) + (1) / 
 482) / +++-+0)))) * -+5 + 7.513)))) 
 - (+1 / ++((-84)))))))) * ++5 / +-(- 
 -2 - -++-9.0)))) / 5 * --++090 + * - 
 +5 + 7.513)))) - (+1 / ++((-84)))))) 
 )) * 8.2 - 27 - -9 / +((+9 * --2 + - 
 -+-+-((-1 * +(8 - 5 - 6)) * (-(a-+(( 
 (+(4))))) - ++4) / +(-+---((5.6 - -- 
 (3 * -1.8 * +(6 * +-(((-(-6) * ---+6 
 )) / +--(+-+-7 * (-0 * (+(((((2)) + 
 8 - 3 - ++9.0 + ---(--+7 / (1 / +++6 
 .37) + (1) / 482) / +++-+0)))) * -+5 
 + 7.513)))) - (+1 / ++((-84)))))))) 
 * ++5 / +-(--2 - -++-9.0)))) / 5 * 
 --++090 ++5 / +-(--2 - -++-9.0)))) / 
 5 * --++090

Slide 52

Slide 52 text

24 Grammars As effective producers Interpreter Parser ✘ ✔ 8.2 - 27 - -9 / +((+9 * --2 + --+-+- 
 ((-1 * +(8 - 5 - 6)) * (-(a-+(((+(4) 
 )))) - ++4) / +(-+---((5.6 - --(3 * 
 -1.8 * +(6 * +-(((-(-6) * ---+6)) / 
 +--(+-+-7 * (-0 * (+(((((2)) + 8 - 3 
 - ++9.0 + ---(--+7 / (1 / +++6.37) 
 + (1) / 482) / +++-+0)))) + 8.2 - 27 
 - -9 / +((+9 * --2 + --+-+-((-1 * + 
 (8 - 5 - 6)) * (-(a-+(((+(4))))) - + +4) / +(-+---((5.6 - --(3 * -1.8 * + 
 (6 * +-(((-(-6) * ---+6)) / +--(+-+- 
 7 * (-0 * (+(((((2)) + 8 - 3 - ++9.0 
 + ---(--+7 / (1 / +++6.37) + (1) / 
 482) / +++-+0)))) * -+5 + 7.513)))) 
 - (+1 / ++((-84)))))))) * ++5 / +-(- 
 -2 - -++-9.0)))) / 5 * --++090 + * - 
 +5 + 7.513)))) - (+1 / ++((-84)))))) 
 )) * 8.2 - 27 - -9 / +((+9 * --2 + - 
 -+-+-((-1 * +(8 - 5 - 6)) * (-(a-+(( 
 (+(4))))) - ++4) / +(-+---((5.6 - -- 
 (3 * -1.8 * +(6 * +-(((-(-6) * ---+6 
 )) / +--(+-+-7 * (-0 * (+(((((2)) + 
 8 - 3 - ++9.0 + ---(--+7 / (1 / +++6 
 .37) + (1) / 482) / +++-+0)))) * -+5 
 + 7.513)))) - (+1 / ++((-84)))))))) 
 * ++5 / +-(--2 - -++-9.0)))) / 5 * 
 --++090 ++5 / +-(--2 - -++-9.0)))) / 
 5 * --++090

Slide 53

Slide 53 text

25 Grammars := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9] As efficient producers

Slide 54

Slide 54 text

25 Grammars := := '+' | '-' | '/' | '*' | '(' ')' | := | '.' := | := [0-9] As efficient producers def start(): expr() def expr(): match (random() % 6): case 0: expr(); print('+'); expr() case 1: expr(); print('-'); expr() case 2: expr(); print('/'); expr() case 3: expr(); print('*'); expr() case 4: print('('); expr(); print(')') case 5: number() def number(): match (random() % 2): case 0: integer() case 1: integer(); print('.'); integer() def integer(): match (random() % 2): case 0: digit(); integer() case 1: digit() def digit(): match (random() % 10): case 0: print('0') case 1: print('1') case 2: print('2') case 3: print('3') case 4: print('4') case 5: print('5') case 6: print('6') case 7: print('7') Compiled Grammar (F1)

Slide 55

Slide 55 text

http://localhost:8888/notebooks/x0_2_GrammarFuzzer.ipynb 26

Slide 56

Slide 56 text

27 Where to Get the Input Grammar From?

Slide 57

Slide 57 text

http://localhost:8888/notebooks/x2_0_MiningGrammar.ipynb 28

Slide 58

Slide 58 text

29 Where to Get the Grammar From? Hand-written parsers already encode the grammar

Slide 59

Slide 59 text

29 Where to Get the Grammar From? 1. Extract the input string accesses 2. Attach control fl ow information (context-managers) Hand-written parsers already encode the grammar

Slide 60

Slide 60 text

30 How to Extract This Grammar?

Slide 61

Slide 61 text

30 How to Extract This Grammar? • Inputs + control fl ow -> Dynamic Control Dependence Trees

Slide 62

Slide 62 text

30 How to Extract This Grammar? • Inputs + control fl ow -> Dynamic Control Dependence Trees • DCD Trees -> Parse Tree

Slide 63

Slide 63 text

31 Control Dependence Graph Statement B is control dependent on A if A determines whether B executes. def parse_csv(s,i): while s[i:]: if is_digit(s[i]): n,j = num(s[i:]) i = i+j else: comma(s[i]) i += 1

Slide 64

Slide 64 text

31 Control Dependence Graph Statement B is control dependent on A if A determines whether B executes. def parse_csv(s,i): while s[i:]: if is_digit(s[i]): n,j = num(s[i:]) i = i+j else: comma(s[i]) i += 1 CDG for parse_csv

Slide 65

Slide 65 text

31 Control Dependence Graph Statement B is control dependent on A if A determines whether B executes. def parse_csv(s,i): while s[i:]: if is_digit(s[i]): n,j = num(s[i:]) i = i+j else: comma(s[i]) i += 1 CDG for parse_csv while: determines whether if: executes

Slide 66

Slide 66 text

32 def parse_csv(s,i): while s[i:]: if is_digit(s[i]): n,j = num(s[i:]) i = i+j else: comma(s[i]) i += 1 CDG for parse_csv Dynamic Control Dependence Tree Each statement execution is represented as a separate node

Slide 67

Slide 67 text

32 def parse_csv(s,i): while s[i:]: if is_digit(s[i]): n,j = num(s[i:]) i = i+j else: comma(s[i]) i += 1 CDG for parse_csv Dynamic Control Dependence Tree Each statement execution is represented as a separate node DCD Tree for call parse_csv()

Slide 68

Slide 68 text

33 def parse_csv(s,i): while s[i:]: if is_digit(s[i]): n,j = num(s[i:]) i = i+j else: comma(s[i]) i += 1 DCD Tree ~ Parse Tree •No tracking beyond input bu ff er •Characters are attached to nodes where they are accessed last "12," "12,"

Slide 69

Slide 69 text

33 def parse_csv(s,i): while s[i:]: if is_digit(s[i]): n,j = num(s[i:]) i = i+j else: comma(s[i]) i += 1 '1' '2' ',' DCD Tree ~ Parse Tree •No tracking beyond input bu ff er •Characters are attached to nodes where they are accessed last "12," "12,"

Slide 70

Slide 70 text

34 def is_digit(i): return i in '0123456789' def parse_num(s,i): n = '' while s[i:] and is_digit(s[i]): n += s[i] i = i +1 return i,n def parse_paren(s, i): assert s[i] == '(' i, v = parse_expr(s, i+1) if s[i:] == '': raise Ex(s, i) assert s[i] == ')' return i+1, v def parse_expr(s, i = 0): expr, is_op = [], True while s[i:]: c = s[i] if isdigit(c): if not is_op: raise Ex(s,i) i,num = parse_num(s,i) expr.append(num) is_op = False elif c in ['+', '-', '*', '/']: if is_op: raise Ex(s,i) expr.append(c) is_op, i = True, i + 1 elif c == '(': if not is_op: raise Ex(s,i) i, cexpr = parse_paren(s, i) expr.append(cexpr) is_op = False elif c == ')': break else: raise Ex(s,i) if is_op: raise Ex(s,i) return i, expr 9+3/4 Parse tree for parse_expr('9+3/4')

Slide 71

Slide 71 text

34 def is_digit(i): return i in '0123456789' def parse_num(s,i): n = '' while s[i:] and is_digit(s[i]): n += s[i] i = i +1 return i,n def parse_paren(s, i): assert s[i] == '(' i, v = parse_expr(s, i+1) if s[i:] == '': raise Ex(s, i) assert s[i] == ')' return i+1, v def parse_expr(s, i = 0): expr, is_op = [], True while s[i:]: c = s[i] if isdigit(c): if not is_op: raise Ex(s,i) i,num = parse_num(s,i) expr.append(num) is_op = False elif c in ['+', '-', '*', '/']: if is_op: raise Ex(s,i) expr.append(c) is_op, i = True, i + 1 elif c == '(': if not is_op: raise Ex(s,i) i, cexpr = parse_paren(s, i) expr.append(cexpr) is_op = False elif c == ')': break else: raise Ex(s,i) if is_op: raise Ex(s,i) return i, expr 9+3/4 Parse tree for parse_expr('9+3/4')

Slide 72

Slide 72 text

35

Slide 73

Slide 73 text

36 def is_digit(i): return i in '0123456789'

Slide 74

Slide 74 text

36 def is_digit(i): return i in '0123456789'

Slide 75

Slide 75 text

37 3 * (9 + 1)

Slide 76

Slide 76 text

37 3 * (9 + 1)

Slide 77

Slide 77 text

37 (9 + 1) * 3 3 * (9 + 1)

Slide 78

Slide 78 text

37 (9 + 1) * 3 3 * (9 + 1)

Slide 79

Slide 79 text

37 (9 + 1) * 3 3 * (9 + 1)

Slide 80

Slide 80 text

38 3 * (9 + 1)

Slide 81

Slide 81 text

38 3 * (9 + 1)

Slide 82

Slide 82 text

38 9 + 1 3 * (9 + 1)

Slide 83

Slide 83 text

38 9 + 1 3 * (9 + 1)

Slide 84

Slide 84 text

38 9 + 1 3 * (9 + 1)

Slide 85

Slide 85 text

39 3 * (9 + 1)

Slide 86

Slide 86 text

39 3 (9 + 1) * 3 * (9 + 1)

Slide 87

Slide 87 text

39 3 (9 + 1) * 3 * (9 + 1)

Slide 88

Slide 88 text

39 3 (9 + 1) * 3 * (9 + 1)

Slide 89

Slide 89 text

40

Slide 90

Slide 90 text

41 3*(1) 1

Slide 91

Slide 91 text

42 3*(1) 1

Slide 92

Slide 92 text

42 3*(1) 1 :=

Slide 93

Slide 93 text

42 3*(1) 1 := :=

Slide 94

Slide 94 text

:= | | | := := | := := '3' | '1' := '(' ')' := := '*' 43

Slide 95

Slide 95 text

:= := | := | | | := := | := := '3' | '1' := '(' ')' := := '*' 43

Slide 96

Slide 96 text

44 def is_digit(i): return i in '0123456789' := | := | := '(' ')' | := '*' | '+' | '-' | '/' := | : [0-9] calc.py Recovered Arithmetic Grammar

Slide 97

Slide 97 text

45 := := | := | := '(' ')' | := '*' | '+' | '-' | '/' := | : [0-9]

Slide 98

Slide 98 text

45 8.2 - 27 - -9 / +((+9 * --2 + --+-+- 
 ((-1 * +(8 - 5 - 6)) * (-(a-+(((+(4) 
 )))) - ++4) / +(-+---((5.6 - --(3 * 
 -1.8 * +(6 * +-(((-(-6) * ---+6)) / 
 +--(+-+-7 * (-0 * (+(((((2)) + 8 - 3 
 - ++9.0 + ---(--+7 / (1 / +++6.37) 
 + (1) / 482) / +++-+0)))) + 8.2 - 27 
 - -9 / +((+9 * --2 + --+-+-((-1 * + 
 (8 - 5 - 6)) * (-(a-+(((+(4))))) - + +4) / +(-+---((5.6 - --(3 * -1.8 * + 
 (6 * +-(((-(-6) * ---+6)) / +--(+-+- 
 7 * (-0 * (+(((((2)) + 8 - 3 - ++9.0 
 + ---(--+7 / (1 / +++6.37) + (1) / 
 482) / +++-+0)))) * -+5 + 7.513)))) 
 - (+1 / ++((-84)))))))) * ++5 / +-(- 
 -2 - -++-9.0)))) / 5 * --++090 + * - 
 +5 + 7.513)))) - (+1 / ++((-84)))))) 
 )) * 8.2 - 27 - -9 / +((+9 * --2 + - 
 -+-+-((-1 * +(8 - 5 - 6)) * (-(a-+(( 
 (+(4))))) - ++4) / +(-+---((5.6 - -- 
 (3 * -1.8 * +(6 * +-(((-(-6) * ---+6 
 )) / +--(+-+-7 * (-0 * (+(((((2)) + 
 8 - 3 - ++9.0 + ---(--+7 / (1 / +++6 
 .37) + (1) / 482) / +++-+0)))) * -+5 
 + 7.513)))) - (+1 / ++((-84)))))))) 
 * ++5 / +-(--2 - -++-9.0)))) / 5 * 
 --++090 ++5 / +-(--2 - -++-9.0)))) / 
 5 * --++090 := := | := | := '(' ')' | := '*' | '+' | '-' | '/' := | : [0-9]

Slide 99

Slide 99 text

46 ::= ::= '"' | '[' | '{' | | 'true' | 'false' | 'null' ::= + | + 'e' + ::= '+' | '-' | '.' | [0-9] | 'E' | 'e' ::= * '"' ::= ']' | (',')* ']' | ( ',' )+ (',' )* ']' ::= '}' | ( '"' ':' ',' )* '"' ':' '}' ::= ' ' | '!' | '#' | '$' | '%' | '&' | ''' | '*' | '+' | '-' | ',' | '.' | '/' | ':' | ';' | '<' | '=' | '>' | '?' | '@' | '[' | ']' | '^' | '_', ''',| '{' | '|' | '}' | '~' | '[A-Za-z0-9]' | '\' ::= '"' | '/' | 'b' | 'f' | 'n' | 'r' | 't' stm.next()

Slide 100

Slide 100 text

47

Slide 101

Slide 101 text

48

Slide 102

Slide 102 text

49 We Found A Crash

Slide 103

Slide 103 text

49 We Found A Crash

Slide 104

Slide 104 text

Why Did My Program Crash? 50

Slide 105

Slide 105 text

Why Did My Program Crash? 8.2 - 27 - -9 / +((+9 * --2 + --+-+-((-1 * +(8 - 
 5 - 6)) * (-(a-+(((+(4))))) - ++4) / +(-+---((5. 
 6 - --(3 * -1.8 * +(6 * +-(((-(-6) * ---+6)) / +- 
 -(+-+-7 * (-0 * (+(((((2)) + 8 - 3 - ++9.0 + ---( 
 --+7 / (1 / +++6.37) + (1) / 482) / +++-+0)))) + 
 8.2 - 27 - -9 / +((+9 * --2 + --+-+-((-1 * +(8 - 
 5 - 6)) * (-(a-+(((+(4))))) - ++4) / +(-+---((5.6 
 - --(3 * -1.8 * +(6 * +-(((-(-6) * ---+6)) / +-- 
 (+-+-7 * (-0 * (+(((((2)) + 8 - 3 - ++9.0 + ---(- 
 -+7 / (1 / +++6.37) + (1) / 482) / +++-+0)))) * - 
 +5 + 7.513)))) - (+1 / ++((-84)))))))) * ++5 / +- 
 (--2 - -++-9.0)))) / 5 * --++090 + * -+5 + 7.513) 
 ))) - (+1 / ++((-84)))))))) * 8.2 - 27 - -9 / +(( 
 +9 * --2 + --+-+-((-1 * +(8 - 5 - 6)) * (-(a-+ (((+(4))))) - ++4) / +(-+---((5.6 - --(3 * -1.8 * 
 +(6 * +-(((-(-6) * ---+6)) / +--(+-+-7 * (-0 * ( 
 +(((((2)) + 8 - 3 - ++9.0 + ---(--+7 / (1 / +++6. 
 37) + (1) / 482) / +++-+0)))) * -+5 + 7.513)))) - 
 (+1 / ++((-84)))))))) * ++5 / +-(--2 - -++-9.0))) 
 ) / 5 * --++090 ++5 / +-(--2 - -++-9.0)))) / 5 * 
 --++090 50

Slide 106

Slide 106 text

Why Did My Program Crash? 8.2 - 27 - -9 / +((+9 * --2 + --+-+-((-1 * +(8 - 
 5 - 6)) * (-(a-+(((+(4))))) - ++4) / +(-+---((5. 
 6 - --(3 * -1.8 * +(6 * +-(((-(-6) * ---+6)) / +- 
 -(+-+-7 * (-0 * (+(((((2)) + 8 - 3 - ++9.0 + ---( 
 --+7 / (1 / +++6.37) + (1) / 482) / +++-+0)))) + 
 8.2 - 27 - -9 / +((+9 * --2 + --+-+-((-1 * +(8 - 
 5 - 6)) * (-(a-+(((+(4))))) - ++4) / +(-+---((5.6 
 - --(3 * -1.8 * +(6 * +-(((-(-6) * ---+6)) / +-- 
 (+-+-7 * (-0 * (+(((((2)) + 8 - 3 - ++9.0 + ---(- 
 -+7 / (1 / +++6.37) + (1) / 482) / +++-+0)))) * - 
 +5 + 7.513)))) - (+1 / ++((-84)))))))) * ++5 / +- 
 (--2 - -++-9.0)))) / 5 * --++090 + * -+5 + 7.513) 
 ))) - (+1 / ++((-84)))))))) * 8.2 - 27 - -9 / +(( 
 +9 * --2 + --+-+-((-1 * +(8 - 5 - 6)) * (-(a-+ (((+(4))))) - ++4) / +(-+---((5.6 - --(3 * -1.8 * 
 +(6 * +-(((-(-6) * ---+6)) / +--(+-+-7 * (-0 * ( 
 +(((((2)) + 8 - 3 - ++9.0 + ---(--+7 / (1 / +++6. 
 37) + (1) / 482) / +++-+0)))) * -+5 + 7.513)))) - 
 (+1 / ++((-84)))))))) * ++5 / +-(--2 - -++-9.0))) 
 ) / 5 * --++090 ++5 / +-(--2 - -++-9.0)))) / 5 * 
 --++090 DD Minimized Input ((4)) 50

Slide 107

Slide 107 text

Why Did My Program Crash? 8.2 - 27 - -9 / +((+9 * --2 + --+-+-((-1 * +(8 - 
 5 - 6)) * (-(a-+(((+(4))))) - ++4) / +(-+---((5. 
 6 - --(3 * -1.8 * +(6 * +-(((-(-6) * ---+6)) / +- 
 -(+-+-7 * (-0 * (+(((((2)) + 8 - 3 - ++9.0 + ---( 
 --+7 / (1 / +++6.37) + (1) / 482) / +++-+0)))) + 
 8.2 - 27 - -9 / +((+9 * --2 + --+-+-((-1 * +(8 - 
 5 - 6)) * (-(a-+(((+(4))))) - ++4) / +(-+---((5.6 
 - --(3 * -1.8 * +(6 * +-(((-(-6) * ---+6)) / +-- 
 (+-+-7 * (-0 * (+(((((2)) + 8 - 3 - ++9.0 + ---(- 
 -+7 / (1 / +++6.37) + (1) / 482) / +++-+0)))) * - 
 +5 + 7.513)))) - (+1 / ++((-84)))))))) * ++5 / +- 
 (--2 - -++-9.0)))) / 5 * --++090 + * -+5 + 7.513) 
 ))) - (+1 / ++((-84)))))))) * 8.2 - 27 - -9 / +(( 
 +9 * --2 + --+-+-((-1 * +(8 - 5 - 6)) * (-(a-+ (((+(4))))) - ++4) / +(-+---((5.6 - --(3 * -1.8 * 
 +(6 * +-(((-(-6) * ---+6)) / +--(+-+-7 * (-0 * ( 
 +(((((2)) + 8 - 3 - ++9.0 + ---(--+7 / (1 / +++6. 
 37) + (1) / 482) / +++-+0)))) * -+5 + 7.513)))) - 
 (+1 / ++((-84)))))))) * ++5 / +-(--2 - -++-9.0))) 
 ) / 5 * --++090 ++5 / +-(--2 - -++-9.0)))) / 5 * 
 --++090 DD Minimized Input ((4)) 00000 ? 50

Slide 108

Slide 108 text

Why Did My Program Crash? 8.2 - 27 - -9 / +((+9 * --2 + --+-+-((-1 * +(8 - 
 5 - 6)) * (-(a-+(((+(4))))) - ++4) / +(-+---((5. 
 6 - --(3 * -1.8 * +(6 * +-(((-(-6) * ---+6)) / +- 
 -(+-+-7 * (-0 * (+(((((2)) + 8 - 3 - ++9.0 + ---( 
 --+7 / (1 / +++6.37) + (1) / 482) / +++-+0)))) + 
 8.2 - 27 - -9 / +((+9 * --2 + --+-+-((-1 * +(8 - 
 5 - 6)) * (-(a-+(((+(4))))) - ++4) / +(-+---((5.6 
 - --(3 * -1.8 * +(6 * +-(((-(-6) * ---+6)) / +-- 
 (+-+-7 * (-0 * (+(((((2)) + 8 - 3 - ++9.0 + ---(- 
 -+7 / (1 / +++6.37) + (1) / 482) / +++-+0)))) * - 
 +5 + 7.513)))) - (+1 / ++((-84)))))))) * ++5 / +- 
 (--2 - -++-9.0)))) / 5 * --++090 + * -+5 + 7.513) 
 ))) - (+1 / ++((-84)))))))) * 8.2 - 27 - -9 / +(( 
 +9 * --2 + --+-+-((-1 * +(8 - 5 - 6)) * (-(a-+ (((+(4))))) - ++4) / +(-+---((5.6 - --(3 * -1.8 * 
 +(6 * +-(((-(-6) * ---+6)) / +--(+-+-7 * (-0 * ( 
 +(((((2)) + 8 - 3 - ++9.0 + ---(--+7 / (1 / +++6. 
 37) + (1) / 482) / +++-+0)))) * -+5 + 7.513)))) - 
 (+1 / ++((-84)))))))) * ++5 / +-(--2 - -++-9.0))) 
 ) / 5 * --++090 ++5 / +-(--2 - -++-9.0)))) / 5 * 
 --++090 DD Minimized Input ((4)) 00000 ? ((5)) ? 50

Slide 109

Slide 109 text

Why Did My Program Crash? 8.2 - 27 - -9 / +((+9 * --2 + --+-+-((-1 * +(8 - 
 5 - 6)) * (-(a-+(((+(4))))) - ++4) / +(-+---((5. 
 6 - --(3 * -1.8 * +(6 * +-(((-(-6) * ---+6)) / +- 
 -(+-+-7 * (-0 * (+(((((2)) + 8 - 3 - ++9.0 + ---( 
 --+7 / (1 / +++6.37) + (1) / 482) / +++-+0)))) + 
 8.2 - 27 - -9 / +((+9 * --2 + --+-+-((-1 * +(8 - 
 5 - 6)) * (-(a-+(((+(4))))) - ++4) / +(-+---((5.6 
 - --(3 * -1.8 * +(6 * +-(((-(-6) * ---+6)) / +-- 
 (+-+-7 * (-0 * (+(((((2)) + 8 - 3 - ++9.0 + ---(- 
 -+7 / (1 / +++6.37) + (1) / 482) / +++-+0)))) * - 
 +5 + 7.513)))) - (+1 / ++((-84)))))))) * ++5 / +- 
 (--2 - -++-9.0)))) / 5 * --++090 + * -+5 + 7.513) 
 ))) - (+1 / ++((-84)))))))) * 8.2 - 27 - -9 / +(( 
 +9 * --2 + --+-+-((-1 * +(8 - 5 - 6)) * (-(a-+ (((+(4))))) - ++4) / +(-+---((5.6 - --(3 * -1.8 * 
 +(6 * +-(((-(-6) * ---+6)) / +--(+-+-7 * (-0 * ( 
 +(((((2)) + 8 - 3 - ++9.0 + ---(--+7 / (1 / +++6. 
 37) + (1) / 482) / +++-+0)))) * -+5 + 7.513)))) - 
 (+1 / ++((-84)))))))) * ++5 / +-(--2 - -++-9.0))) 
 ) / 5 * --++090 ++5 / +-(--2 - -++-9.0)))) / 5 * 
 --++090 DD Minimized Input ((4)) 00000 ? ((5)) ? (++5) ? 50

Slide 110

Slide 110 text

51

Slide 111

Slide 111 text

52 Issue 386 from Rhino var A = class extends (class {}){}; Issue 2937 from Closure const [y,y] = []; var {baz:{} = baz => {}} = baz => {}; Issue 385 from Rhino {while ((l_0)){ if ((l_0)) {break;;var l_0; continue }0}} Issue 2842 from Closure

Slide 112

Slide 112 text

52 Issue 386 from Rhino var A = class extends (class {}){}; Issue 2937 from Closure const [y,y] = []; var {baz:{} = baz => {}} = baz => {}; Issue 385 from Rhino {while ((l_0)){ if ((l_0)) {break;;var l_0; continue }0}} Issue 2842 from Closure

Slide 113

Slide 113 text

52 Issue 386 from Rhino var A = class extends (class {}){}; Issue 2937 from Closure const [y,y] = []; var {baz:{} = baz => {}} = baz => {}; Issue 385 from Rhino {while ((l_0)){ if ((l_0)) {break;;var l_0; continue }0}} Issue 2842 from Closure

Slide 114

Slide 114 text

52 Issue 386 from Rhino var A = class extends (class {}){}; Issue 2937 from Closure const [y,y] = []; var {baz:{} = baz => {}} = baz => {}; Issue 385 from Rhino {while ((l_0)){ if ((l_0)) {break;;var l_0; continue }0}} Issue 2842 from Closure

Slide 115

Slide 115 text

52 Issue 386 from Rhino var A = class extends (class {}){}; Issue 2937 from Closure const [y,y] = []; var {baz:{} = baz => {}} = baz => {}; Issue 385 from Rhino {while ((l_0)){ if ((l_0)) {break;;var l_0; continue }0}} Issue 2842 from Closure Delta Minimization is useful but not su ff i cient

Slide 116

Slide 116 text

( ( 4 ) ) 53

Slide 117

Slide 117 text

( ( 4 ) ) := := ' + ' | ' - ' | := ' * ' | ' / ' | := '+' | '-' | '(' ')' | '.' | := | := [0-9] 53

Slide 118

Slide 118 text

( ( 4 ) ) 54

Slide 119

Slide 119 text

( ( 4 ) ) := := ' + ' | ' - ' | := ' * ' | ' / ' | := '+' | '-' | '(' ')' | '.' | := | := [0-9] 54

Slide 120

Slide 120 text

( ( 4 ) ) := := ' + ' | ' - ' | := ' * ' | ' / ' | := '+' | '-' | '(' ')' | '.' | := | := [0-9] 55

Slide 121

Slide 121 text

( ( 4 ) ) := := ' + ' | ' - ' | := ' * ' | ' / ' | := '+' | '-' | '(' ')' | '.' | := | := [0-9] ✓ Did not reproduce the failure 1 * (2 - 3) 55

Slide 122

Slide 122 text

( ( 4 ) ) := := ' + ' | ' - ' | := ' * ' | ' / ' | := '+' | '-' | '(' ')' | '.' | := | := [0-9] 56

Slide 123

Slide 123 text

( ( 4 ) ) := := ' + ' | ' - ' | := ' * ' | ' / ' | := '+' | '-' | '(' ')' | '.' | := | := [0-9] c 57

Slide 124

Slide 124 text

( ( 4 ) ) := := ' + ' | ' - ' | := ' * ' | ' / ' | := '+' | '-' | '(' ')' | '.' | := | := [0-9] c 58

Slide 125

Slide 125 text

( ( 4 ) ) := := ' + ' | ' - ' | := ' * ' | ' / ' | := '+' | '-' | '(' ')' | '.' | := | := [0-9] c ✓ Did not reproduce the failure 1 + 3 + 4 58

Slide 126

Slide 126 text

( ( 4 ) ) := := ' + ' | ' - ' | := ' * ' | ' / ' | := '+' | '-' | '(' ')' | '.' | := | := [0-9] c c 59

Slide 127

Slide 127 text

3 * 4 := := ' + ' | ' - ' | := ' * ' | ' / ' | := '+' | '-' | '(' ')' | '.' | := | := [0-9] c c 60

Slide 128

Slide 128 text

3 * 4 := := ' + ' | ' - ' | := ' * ' | ' / ' | := '+' | '-' | '(' ')' | '.' | := | := [0-9] c c ✓ Did not reproduce the failure 60

Slide 129

Slide 129 text

( ( 4 ) ) := := ' + ' | ' - ' | := ' * ' | ' / ' | := '+' | '-' | '(' ')' | '.' | := | := [0-9] c c c c c c c 61

Slide 130

Slide 130 text

( ( 1 - 2 ) ) := := ' + ' | ' - ' | := ' * ' | ' / ' | := '+' | '-' | '(' ')' | '.' | := | := [0-9] c c c c c c c ( ( 1 - 2 ) ) 62

Slide 131

Slide 131 text

( ( 1 - 2 ) ) := := ' + ' | ' - ' | := ' * ' | ' / ' | := '+' | '-' | '(' ')' | '.' | := | := [0-9] c c c c c c c ✘ reproduced the failure ( ( 1 - 2 ) ) 62

Slide 132

Slide 132 text

( ( 1 - 2 ) ) c c c c c c c ( ( 1 - 2 ) ) 63

Slide 133

Slide 133 text

( ( 1 - 2 ) ) c c c c c c c ✘ ( ( 1 - 2 ) ) 63

Slide 134

Slide 134 text

( ( 1 - 2 ) ) c c c c c c c ✘ ( ( 1 - 2 ) ) ( ( 2 * 3 + 4 ) ) 64

Slide 135

Slide 135 text

( ( 1 - 2 ) ) c c c c c c c ✘ ( ( 1 - 2 ) ) ✘ ( ( 2 * 3 + 4 ) ) 64

Slide 136

Slide 136 text

( ( 1 - 2 ) ) c c c c c c c ✘ ( ( 1 - 2 ) ) ✘ ( ( 2 * 3 + 4 ) ) ( ( - 2 / 1 ) ) 65

Slide 137

Slide 137 text

( ( 1 - 2 ) ) c c c c c c c ✘ ( ( 1 - 2 ) ) ✘ ( ( 2 * 3 + 4 ) ) ✘ ( ( - 2 / 1 ) ) 65

Slide 138

Slide 138 text

( ( 1 - 2 ) ) c c c c c c c ✘ ( ( 1 - 2 ) ) ✘ ( ( 2 * 3 + 4 ) ) ✘ ( ( - 2 / 1 ) ) ( ( 98 - 0 ) ) 66

Slide 139

Slide 139 text

( ( 1 - 2 ) ) c c c c c c c ✘ ( ( 1 - 2 ) ) ✘ ( ( 2 * 3 + 4 ) ) ✘ ( ( - 2 / 1 ) ) ✘ ( ( 98 - 0 ) ) 66

Slide 140

Slide 140 text

) ( ( ) ( ( ) 4 ) ( ( 4 ) ) c c c c c c c A 67

Slide 141

Slide 141 text

) ( ( ) ( ( ) 4 ) ( ( 4 ) ) c c c c c c c A 68

Slide 142

Slide 142 text

( ( 4 ) ) c c c c c c c A ( ( ) ) ( ( ) ) 4 Minimized Input Abstract Failure Inducing Input def check(parsed): if parsed.is_nested() and parsed.child.is_nested(): raise Exception() return input 69

Slide 143

Slide 143 text

70 := := ' + ' | ' + ' | ' - ' | ' - ' | := ' * ' | ' * ' | ' / ' | ' / ' | := '+' | '-' | '(' ')' | '(' ')' := := := '(' ')' Specialized Grammar is (())

Slide 144

Slide 144 text

70 := := ' + ' | ' + ' | ' - ' | ' - ' | := ' * ' | ' * ' | ' / ' | ' / ' | := '+' | '-' | '(' ')' | '(' ')' := := := '(' ')' ((1)) + 2 (23 * ((3)) - 34) (344- 4 + ((223))) (1) - 3 * 773 + (-22 + 1) 1798 - 889 / ((333-1)) * 2 / 3 + 1 34 + ((4)) -334 + (334 - (22) + 919 * 0 + 1 98435747+ 88 + (((0))) + (1) - 1 * 7 / 4 * 889 - 2 8 + ((8)) + --1 + 11223 / 344 - 39 + (1) - 456 + 134 / 45 437 + 8 - 1 * ((9 + ((1))) - 1 + 99111948 + 3 --1 + (112) - 2 + 445) + 0 74 + 334 + ((178 - 88 / (3393-1) * 1002 / 3 + 1+ 3439)) * 223 - 1233 + 334672 2 * ((9)) - (1798 - 889 / (333-1) * 2 / 3 + 100012 + 3434392 + 234 ----6 * 1798 - 889 / (33 778 - (((1) - 3 * 773 + (-22 + 1) * (4545) - 23 - ((2)) * 773 + (-22 + 1) / 3434 + ---1 + 1 / 34343 + 112 349 + (((1) - 3 * 3 + (-22 + 1) ((+ (-22 + 1) * (4545) - 23 - (2) * 773 + ((-22 + 1)) / 3434 + ---1 + 1 / 34343 + 1123 8 + ((8)) + --1 + / 1 - 39 + (1) - 456 + 134 / 45 ))(((1) - 2334 + ((((1)) - 3 * 773 + (-22 + 1) * (2) - 23 - (2) * 773 + (-22 + 1) / 3 74 + 3 + ((178 - 88 / (3393-1) * 1002 / 3 + 1+ 3439)) * - 1233 + 334672)) ((8 + ((8)) + --1 + / 344 - 39 + (1) - 456 + 134 / 45 ))(((1) - 3 * 773 1+ 33+ 24343433 +23343 - ((74 + 334 + ((178 - 88 / (3393-1) * 1002 / 3 + 1+ 3439)) * - 1233 + 334672)) ((8 + ((8)) + --1 + / 344 - 39 + (1) - 456 + 134 / 4 ✘ Specialized Grammar is (()) ✘

Slide 145

Slide 145 text

Input Algebras 71

Slide 146

Slide 146 text

72

Slide 147

Slide 147 text

def jsoncheck(json): ... {...} 73

Slide 148

Slide 148 text

def jsoncheck(json): if any_key_has_null_value(json): fail(’key value must not be null’) process(json) {"abc": null} ✘ 74

Slide 149

Slide 149 text

def jsoncheck(json): if any_key_has_null_value(json): fail(’key value must not be null’) process(json) {"abc": null} ✘ is : null 74

Slide 150

Slide 150 text

{"abc": []} ✔ def jsoncheck(json): if any_key_has_null_value(json): fail(’key value must not be null’) process(json) 75

Slide 151

Slide 151 text

{"abc": []} ✔ no is : null def jsoncheck(json): if any_key_has_null_value(json): fail(’key value must not be null’) process(json) 75

Slide 152

Slide 152 text

{"abc": 124} ✘ no is "" : def jsoncheck(json): if no_key_is_empty_string(json): fail(’one key must be empty’) process(json) 76

Slide 153

Slide 153 text

def jsoncheck(json): if no_key_is_empty_string(json): fail(’one key must be empty’) process(json) {"": 124} ✔ is "" : 77

Slide 154

Slide 154 text

def jsoncheck(json): if no_key_is_empty_string(json): fail(’one key must be empty’) if any_key_has_null_value(json): fail(’key value must not be null’) process(json) 78

Slide 155

Slide 155 text

def jsoncheck(json): if no_key_is_empty_string(json): fail(’one key must be empty’) if any_key_has_null_value(json): fail(’key value must not be null’) process(json) {"": 124} ✔ is "" : no is : null & 79

Slide 156

Slide 156 text

def jsoncheck(json): if any_key_has_null_value(json): fail(’key value must not be null’) process(json) {"abc": null} ✘ is : null Start Symbol 80

Slide 157

Slide 157 text

def jsoncheck(json): if any_key_has_null_value(json): fail(’key value must not be null’) process(json) {"abc": []} no is : null ✔ Start Symbol 81

Slide 158

Slide 158 text

def jsoncheck(json): if no_key_is_empty_string(json): fail(’one key must be empty’) process(json) {"abc": 124} ✘ is "" : Start Symbol 82

Slide 159

Slide 159 text

is "" : no is : null & def jsoncheck(json): if no_key_is_empty_string(json): fail(’one key must be empty’) if any_key_has_null_value(json): fail(’key value must not be null’) process(json) {"": 124} ✔ Start Symbol 83

Slide 160

Slide 160 text

def jsoncheck(json): if no_key_is_empty_string(json): fail(’one key must be empty’) if any_key_has_null_value(json): fail(’key value must not be null’) process(json) Evogram 84

Slide 161

Slide 161 text

def jsoncheck(json): if no_key_is_empty_string(json): fail(’one key must be empty’) if any_key_has_null_value(json): fail(’key value must not be null’) process(json) Evogram 84

Slide 162

Slide 162 text

def jsoncheck(json): if no_key_is_empty_string(json): fail(’one key must be empty’) if any_key_has_null_value(json): fail(’key value must not be null’) process(json) Evogram Automatically Derived 84

Slide 163

Slide 163 text

def jsoncheck(json): if no_key_is_empty_string(json): fail(’one key must be empty’) if any_key_has_null_value(json): fail(’key value must not be null’) process(json) 85

Slide 164

Slide 164 text

def jsoncheck(json): if no_key_is_empty_string(json): fail(’one key must be empty’) if any_key_has_null_value(json): fail(’key value must not be null’) process(json) 85

Slide 165

Slide 165 text

def jsoncheck(json): if no_key_is_empty_string(json): fail(’one key must be empty’) if any_key_has_null_value(json): fail(’key value must not be null’) process(json) Automatically Derived 85

Slide 166

Slide 166 text

Supercharged Pattern Matchers where is "": is :null where is (()) is / 0 where is "0" is "0x" where is ";;" is "()" is "()" Alternative to Regular Expressions 86

Slide 167

Slide 167 text

87