Article

Repair of boolean programs with an application to c

Authors:

Andreas Griesmayer,

Roderick Bloem,

Byron CookAuthors Info & Claims

CAV'06: Proceedings of the 18th international conference on Computer Aided Verification

Pages 358 - 371

https://doi.org/10.1007/11817963_33

Published: 17 August 2006 Publication History

Abstract

We show how to find and fix faults in Boolean programs by extending the program to a game. In the game, the protagonist can select an alternative implementation for an incorrect statement. If the protagonist can do so successfully using a memoryless strategy that does not depend on the stack contents, we have found a correction for the Boolean program. We present a symbolic algorithm that localizes possibly faulty statements and provides corrections.

If the Boolean program is an abstraction of a C program, the repair for the Boolean program suggests a repair for the original C program. This yields a correct but incomplete approach to repairing C programs. We have applied this approach to Boolean programs that are produced as abstractions by SLAM and have thus successfully patched several faulty Windows device drivers.

References

[1]

R. Alur and T. A. Henzinger. Reactive modules. Formal Methods in System Design, 15:7-48, 1999.

Digital Library

[2]

R. Alur, S. La Torre, and P. Madhusudan. Modular strategies for recursive game graphs. In Tools and Algorithms for the Construction and the Analysis of Systems (TACAS'03), pages 363-378, 2003.

Digital Library

[3]

T. Ball, E. Bounimova, B. Cook, V. Levin, J. Lichtenberg, C. McGarvey, B. Ondrusek, S. K. Rajamani, and A. Ustuner. Thorough static analysis of device drivers. In European Systems Conference (EuroSys'06), 2006.

Digital Library

[4]

T. Ball, M. Naik, and S. K. Rajamani. From symptom to cause: Localizing errors in counterexample traces. In 30th Symposium on Principles of Programming Languages (POPL 2003), pages 97-105, 2003.

Digital Library

[5]

T. Ball and S. K. Rajamani. Bebop: A symbolic model checker for Boolean programs. In SPIN 00: SPIN Workshop, pages 113-130. 2000.

Digital Library

[6]

A. Bouajjani, J. Esparza, and O. Maler. Reachability analysis of pushdown automata: Application to model checking. In Proc. 8th Int. Conf. on Concurrency Theory (CONCUR'97), pages 135-150. 1997.

Digital Library

[7]

R. E. Bryant. Symbolic boolean manipulation with ordered binary decision diagrams. ACM Computing Surveys, 24:293-318, 1992.

Digital Library

[8]

S. Chaki, A. Groce, and O. Strichman. Explaining abstract counterexamples. In Proc. of the International Symposium on Foundations of Software Engineering, pages 73-82, 2004.

Digital Library

[9]

B. Demsky and M. Rinard. Automatic detection and repair of errors in data structures. In Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA'03), pages 78-95, 2003.

Digital Library

[10]

J. Esparza, D. Hansel, P. Rossmanith, and S. Schwoon. Efficient algorithms for model checking pushdown systems. In Twelfth Conference on Computer Aided Verification (CAV'00), pages 324-336. Springer-Verlag, 2000.

Digital Library

[11]

S. Graf and H. Saïdi. Construction of abstract state graphs with PVS. In Ninth Conference on Computer Aided Verification (CAV'97), pages 72-83. 1997.

Digital Library

[12]

A. Groce. Error explanation with distance metrics. In Tools and Algorithms for Construction and Analysis of Systems (TACAS'04), pages 108-122, 2004.

[13]

B. Jobstmann, A. Griesmayer, and R. Bloem. Program repair as a game. In 17th Conference on Computer Aided Verification (CAV'05), pages 226-238 2005.

Digital Library

[14]

S. Khurshid, I. García, and Y. Suen. Repairing structurally complex data. In SPIN Workshop on Model Checking of Software (SPIN'05), pages 123-138, 2005.

Digital Library

[15]

T. Reps, S. Horwitz, and S. Sagiv. Precise interprocedural dataflow analysis via graph reachability. In Symposium on Principles of Programming Languages, pages 49-61, 1995.

Digital Library

[16]

F. Somenzi. CUDD: CU Decision Diagram Package. University of Colorado at Boulder, ftp://vlsi.colorado.edu/pub/.

[17]

S. Staber, B. Jobstmann, and R. Bloem. Finding and fixing faults. In 13th Conference on Correct Hardware Design and Verification Methods (CHARME '05), pages 35-49. 2005.

Digital Library

[18]

I. Walukiewicz. Pushdown processes: Games and model-checking. Information and Computation, 157:234-263, 2000.

Digital Library

[19]

A. Zeller. Isolating cause-effect chains from computer programs. In 10th Int. Symp. on the Foundations of Software Engineering (FSE-10), pages 1-10, November 2002.

Digital Library

Cited By

Heim PDimitrova R(2024)Solving Infinite-State Games via AccelerationProceedings of the ACM on Programming Languages10.1145/36328998:POPL(1696-1726)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632899
Cruz-Carlon JVarshosaz MLe Goues CWasowski A(2023)Patching Locking Bugs Statically with CrayonsACM Transactions on Software Engineering and Methodology10.1145/354868432:3(1-28)Online publication date: 26-Apr-2023
https://dl.acm.org/doi/10.1145/3548684
Joshi SMuduganti G(2021)GPURepair: Automated Repair of GPU KernelsVerification, Model Checking, and Abstract Interpretation10.1007/978-3-030-67067-2_18(401-414)Online publication date: 17-Jan-2021
https://dl.acm.org/doi/10.1007/978-3-030-67067-2_18
Show More Cited By

Recommendations

A satisfiability procedure for quantified boolean formulae
The renesse issue on satisfiability

We present a satisfiability tester QSAT for quantified Boolean formulae and a restriction QSAT_CNF of QSAT to unquantified conjunctive normal form formulae. QSAT makes use of procedures which replace subformulae of a formula by equivalent formulae. By a ...
SAT-based summarization for Boolean programs
Proceedings of the 14th international SPIN conference on Model checking software

Boolean programs are frequently used to model abstractions of software programs. They have the advantage that reachability properties are decidable, despite the fact that their stack is not bounded. The enabling technique is summarization of procedure ...
Backjumping for quantified Boolean logic satisfiability

The implementation of effective reasoning tools for deciding the satisfiability of Quantified Boolean Formulas (QBFs) is an important research issue in Artificial Intelligence. Many decision procedures have been proposed in the last few years, most of ...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

CAV'06: Proceedings of the 18th international conference on Computer Aided Verification

August 2006

563 pages

ISBN:354037406X

Editors:
Thomas Ball
Microsoft Research, Redmond, WA,
,
Robert B. Jones
Intel Corporation, RA2-459, 2501 W. 229th Avenue, Hillsboro, OR,

Sponsors

INTEL: Intel Corporation
NEC
Cadence Design Systems
Microsoft Research: Microsoft Research
IBM: IBM

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 17 August 2006

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

36
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 18 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Heim PDimitrova R(2024)Solving Infinite-State Games via AccelerationProceedings of the ACM on Programming Languages10.1145/36328998:POPL(1696-1726)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632899
Cruz-Carlon JVarshosaz MLe Goues CWasowski A(2023)Patching Locking Bugs Statically with CrayonsACM Transactions on Software Engineering and Methodology10.1145/354868432:3(1-28)Online publication date: 26-Apr-2023
https://dl.acm.org/doi/10.1145/3548684
Joshi SMuduganti G(2021)GPURepair: Automated Repair of GPU KernelsVerification, Model Checking, and Abstract Interpretation10.1007/978-3-030-67067-2_18(401-414)Online publication date: 17-Jan-2021
https://dl.acm.org/doi/10.1007/978-3-030-67067-2_18
Sadowski CAftandilian EEagle AMiller-Cushon LJaspan C(2018)Lessons from building static analysis tools at GoogleCommunications of the ACM10.1145/318872061:4(58-66)Online publication date: 26-Mar-2018
https://dl.acm.org/doi/10.1145/3188720
van Tonder RLe Goues CChaudron MCrnkovic IChechik MHarman M(2018)Static automated program repair for heap propertiesProceedings of the 40th International Conference on Software Engineering10.1145/3180155.3180250(151-162)Online publication date: 27-May-2018
https://dl.acm.org/doi/10.1145/3180155.3180250
Monperrus M(2018)Automatic Software RepairACM Computing Surveys10.1145/310590651:1(1-24)Online publication date: 23-Jan-2018
https://dl.acm.org/doi/10.1145/3105906
Gember-Jacobson AAkella AMahajan RLiu H(2017)Automatically Repairing Network Control Planes Using an Abstract RepresentationProceedings of the 26th Symposium on Operating Systems Principles10.1145/3132747.3132753(359-373)Online publication date: 14-Oct-2017
https://dl.acm.org/doi/10.1145/3132747.3132753
Hojjat HRümmer PMcClurg JČerný PFoster NPiskac RTalupur M(2016)Optimizing horn solvers for network repairProceedings of the 16th Conference on Formal Methods in Computer-Aided Design10.5555/3077629.3077646(73-80)Online publication date: 3-Oct-2016
https://dl.acm.org/doi/10.5555/3077629.3077646
Yi QYang ZLiu JZhao CWang C(2015)Explaining Software Failures by Cascade Fault LocalizationACM Transactions on Design Automation of Electronic Systems10.1145/273803820:3(1-28)Online publication date: 24-Jun-2015
https://dl.acm.org/doi/10.1145/2738038
Bekkouche MCollavizza HRueher MWainwright RCorchado JBechini AHong J(2015)LocFaultsProceedings of the 30th Annual ACM Symposium on Applied Computing10.1145/2695664.2695822(1773-1780)Online publication date: 13-Apr-2015
https://dl.acm.org/doi/10.1145/2695664.2695822
Show More Cited By

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents