
Program repair without regret

Formal Methods in System Design

Abstract

We present a new and flexible approach to repairing reactive programs with respect to a specification given in linear-time temporal logic (LTL). As in previous approaches, we aim for a repaired program that satisfies the specification and is syntactically close to the faulty program. The novelty of our approach is that it produces a program that is also semantically close to the original program, by enforcing that a subset of the original traces is preserved. Intuitively, the faulty program is treated as part of the specification, which enables us to synthesize meaningful repairs even for incomplete specifications. Our approach is based on synthesizing a program whose set of behaviors stays within a lower bound (the traces that must be kept) and an upper bound (the specification). We provide an algorithm that decides whether a program is repairable with respect to this new notion and synthesizes a repair if one exists. We analyze several ways of choosing the set of traces to leave intact and show the limits they impose on repairability. We also discuss alternative notions based on reward models that yield repaired systems which behave similarly to the original system. We have evaluated the approach on several examples.
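The following is an added illustration of the lower/upper-bound repair notion described in the abstract; it is example code written for this page, not code from the paper, and it does not implement the paper's algorithm (which reduces the problem to LTL synthesis). It is a brute-force, bounded-horizon check on a constructed toy arbiter: the upper bound is an incomplete safety specification (the finite-prefix reading of G(r -> X g), "every request is granted in the next step"); the lower bound is the subset of the original program's traces that must be kept, here chosen as the original's specification-satisfying traces (one of several possible choices, and an assumption of this example). Candidate repairs are single-transition edits of the faulty machine, standing in for "syntactically close". The machine, its bug, and the state names are all constructed for this example.

```python
"""Repair within a lower and an upper bound, checked on finite prefixes.

Added example for this page; not the paper's algorithm.  Every trace of a
candidate must satisfy the spec (upper bound) and every spec-satisfying
trace of the faulty original must still be a trace of the candidate
(lower bound).  Checking all input words up to a horizon is a sound test
for a violation but not a proof for infinite traces.
"""
from itertools import product


class Mealy:
    """Mealy machine: delta[(state, input)] = (next_state, output).
    Input r = 1 means a client requests the resource; output g = 1 grants it."""

    def __init__(self, init, delta):
        self.init = init
        self.delta = dict(delta)

    def run(self, inputs):
        """Output word produced on a finite input word."""
        state, outs = self.init, []
        for x in inputs:
            state, y = self.delta[(state, x)]
            outs.append(y)
        return tuple(outs)

    def edit(self, cell, target):
        """Copy with exactly one transition replaced: a syntactically close program."""
        delta = dict(self.delta)
        delta[cell] = target
        return Mealy(self.init, delta)


# Constructed faulty arbiter.  Intended behaviour: grant one step after each
# request.  Bug: after two back-to-back requests (state q2) a following 0
# drops the pending grant.
FAULTY = Mealy("q0", {
    ("q0", 0): ("q0", 0),
    ("q0", 1): ("q1", 0),
    ("q1", 0): ("q0", 1),
    ("q1", 1): ("q2", 1),
    ("q2", 0): ("q0", 0),   # BUG: the request seen in q1 is never granted
    ("q2", 1): ("q2", 1),
})

# A program plain synthesis could return for this incomplete spec.
ALWAYS_GRANT = Mealy("q0", {("q0", 0): ("q0", 1), ("q0", 1): ("q0", 1)})


def spec_ok(inputs, outputs):
    """Finite-prefix reading of G(r -> X g): a request at step t forces a grant
    at step t+1.  Deliberately incomplete: unrequested grants are allowed."""
    return all(not (r and not g) for r, g in zip(inputs, outputs[1:]))


def words(horizon):
    """All input words of length 1..horizon."""
    for n in range(1, horizon + 1):
        yield from product((0, 1), repeat=n)


def within_bounds(original, candidate, horizon=6):
    """Return (upper_ok, lower_ok) for the candidate relative to the original."""
    upper = lower = True
    for w in words(horizon):
        cand_out = candidate.run(w)
        if not spec_ok(w, cand_out):
            upper = False            # candidate leaves the specification
        orig_out = original.run(w)
        if spec_ok(w, orig_out) and cand_out != orig_out:
            lower = False            # a correct original trace was lost
    return upper, lower


def single_cell_repairs(original, horizon=6):
    """Enumerate one-transition edits of the original; keep those within bounds."""
    states = sorted({s for s, _ in original.delta})
    found = []
    for cell in sorted(original.delta):
        for target in product(states, (0, 1)):
            if target == original.delta[cell]:
                continue
            cand = original.edit(cell, target)
            if within_bounds(original, cand, horizon) == (True, True):
                found.append((cell, target))
    return found


if __name__ == "__main__":
    print("faulty vs. itself      :", within_bounds(FAULTY, FAULTY))
    print("always-grant vs. faulty:", within_bounds(FAULTY, ALWAYS_GRANT))
    for cell, target in single_cell_repairs(FAULTY):
        print("repair:", cell, "->", target)
```

The always-grant machine satisfies the specification but is rejected by the lower bound because it changes behaviour on input words the original already handled correctly; the only single-transition edits accepted are those that do not touch any correct trace of the original, which is the abstract's point about using the faulty program itself as part of the specification.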


Notes

  1. Note that any synthesis problem with memoryless winning strategies satisfies this condition.

  2. LTL is not closed under projection. We use LTL only to describe the corresponding automata computations.

  3. Two formulas \(\varphi \) and \(\varphi '\) are open-equivalent if any machine \(M\) implementing \(\varphi \) also implements \(\varphi '\) and vice-versa [22].

  4. Note that this extension can also be applied in addition to \(\psi \), since our new repair notion is reducible to the classical synthesis problem (cf. Sect. 4).

References

  1. Alur R, Bodík R, Juniwal G, Martin MMK, Raghothaman M, Seshia SA, Singh R, Solar-Lezama A, Torlak E, Udupa A (2013) Syntax-guided synthesis. In: FMCAD, IEEE, pp 1–17, Oct 2013

  2. Bohy A, Bruyère V, Filiot E, Raskin J-F (2013) Synthesis from LTL specifications with mean-payoff objectives. In: Piterman N, Smolka SA (eds) TACAS, LNCS 7795. Springer, Heidelberg, pp 169–184

  3. Buccafurri F, Eiter T, Gottlob G, Leone N (1999) Enhancing model checking in verification by AI techniques. Artif Intell 112(1–2):57–104

  4. Bonakdarpour B, Ebnenasir A, Kulkarni SS (2009) Complexity results in revising UNITY programs. TAAS 4(1):5

  5. Bonakdarpour B, Hajisheykhi R, Kulkarni SS (2014) Knowledge-based automated repair of authentication protocols. In: Jones CB, Pihlajasaari P, Sun J (eds) FM 2014, LNCS 8442. Springer, pp 132–147

  6. Bodík R, Jobstmann B (2013) Algorithmic program synthesis: introduction. STTT 15(5–6):397–411

  7. Bonakdarpour B, Kulkarni SS, Abujarad F (2012) Symbolic synthesis of masking fault-tolerant distributed programs. Distrib Comput 25(1):83–108

  8. Büchi JR, Landweber LH (1969) Solving sequential conditions by finite-state strategies. Trans Am Math Soc 138:295–311

  9. Ball T, Naik M, Rajamani SK (2003) From symptom to cause: localizing errors in counterexample traces. In: Aiken A, Morrisett G (eds) POPL, ACM, New Orleans, pp 97–105, Jan 2003

  10. Černý P, Henzinger TA, Radhakrishna A (2010) Simulation distances. In: CONCUR 2010. Springer, Berlin, pp 253–268

  11. Cimatti A, Clarke E, Giunchiglia E, Giunchiglia F, Pistore M, Roveri M, Sebastiani R, Tacchella A (2002) NuSMV 2: an open-source tool for symbolic model checking. In: CAV 2002. Springer, July 2002

  12. Clarke EM, Emerson EA (1981) Design and synthesis of synchronization skeletons using branching-time temporal logic. In: Kozen D (ed) Logic of programs, LNCS 131. Springer, pp 52–71

  13. Clarke EM, Grumberg O, McMillan KL, Zhao X (1995) Efficient generation of counterexamples and witnesses in symbolic model checking. In: DAC, ACM, pp 427–432, June 1995

  14. Chatterjee K, Henzinger TA, Jurdzinski M (2005) Mean-payoff parity games. In: LICS, IEEE Computer Society, pp 178–187, June 2005

  15. Church A (1963) Logic, arithmetic, and automata. In: Proceedings of the International Congress of Mathematicians 1962, pp 23–35

  16. Chang K-H, Markov IL, Bertacco V (2008) Fixing design errors with counterexamples and resynthesis. IEEE Trans CAD Integr Circuits Syst 27(1):184–188

  17. Chandra S, Torlak E, Barman S, Bodík R (2011) Angelic debugging. In: ICSE, ACM, pp 121–130, May 2011

  18. Drusinsky D, Harel D (1994) On the power of bounded concurrency I: finite automata. J ACM 41(3):517–539

  19. Ebnenasir A, Kulkarni SS, Bonakdarpour B (2005) Revising UNITY programs: possibilities and limitations. In: OPODIS 2005. Springer, Heidelberg, pp 275–290

  20. Edelkamp S, Lluch-Lafuente A, Leue S (2001) Trail-directed model checking. Electron Notes Theor Comput Sci 55(3):343–356

  21. Griesmayer A, Bloem R, Cook B (2006) Repair of Boolean programs with an application to C. In: Ball T, Jones RB (eds) CAV 2006, LNCS 4144. Springer, Heidelberg, pp 358–371

  22. Greimel K, Bloem R, Jobstmann B, Vardi M (2008) Open implication. In: ICALP 2008, LNCS 5126. Springer, Heidelberg, pp 361–372

  23. Groce A, Visser W (2003) What went wrong: explaining counterexamples. In: Ball T, Rajamani SK (eds) SPIN 2003. Springer, pp 121–135

  24. Jobstmann B, Griesmayer A, Bloem R (2005) Program repair as a game. In: Etessami K, Rajamani SK (eds) CAV 2005. Springer, Heidelberg, pp 226–238

  25. Janjua MU, Mycroft A (2006) Automatic correction to safety violations in programs. Thread Verification (TV'06). Unpublished

  26. Jin HS, Ravi K, Somenzi F (2004) Fate and free will in error traces. STTT 6(2):102–116

  27. Jobstmann B, Staber S, Griesmayer A, Bloem R (2012) Finding and fixing faults. J Comput Syst Sci 78(2):441–460

  28. Khasidashvili Z, Moondanos J, Kaiss D, Hanna Z (2001) An enhanced cut-points algorithm in formal equivalence verification. In: Sixth IEEE international high-level design validation and test workshop (HLDVT), pp 171–176, 2001

  29. Kaiss D, Skaba M, Hanna Z, Khasidashvili Z (2007) Industrial strength SAT-based alignability algorithm for hardware equivalence verification. In: FMCAD, IEEE, pp 20–26, 2007

  30. Lichtenstein O, Pnueli A (1985) Checking that finite state concurrent programs satisfy their linear specification. In: POPL, ACM, pp 97–107, Jan 1985

  31. Piterman N (2006) From nondeterministic Büchi and Streett automata to deterministic parity automata. In: LICS, IEEE, pp 255–264, 2006

  32. Piterman N (2007) From nondeterministic Büchi and Streett automata to deterministic parity automata. Log Methods Comput Sci 3(3):1–21

  33. Pnueli A (1977) The temporal logic of programs. In: FOCS, IEEE, pp 46–57, 1977

  34. Pnueli A, Rosner R (1989) On the synthesis of a reactive module. In: POPL, ACM, pp 179–190, Jan 1989

  35. Puterman ML (1994) Markov decision processes: discrete stochastic dynamic programming. Wiley, New York

  36. Queille J-P, Sifakis J (1982) Specification and verification of concurrent systems in CESAR. In: International symposium on programming, pp 337–351, 1982

  37. Rabin MO (1969) Decidability of second-order theories and automata on infinite trees. Trans Am Math Soc 141:1–35

  38. Rosner R (1992) Modular synthesis of reactive systems. PhD thesis, Weizmann Institute of Science

  39. Renieris M, Reiss SP (2003) Fault localization with nearest neighbor queries. In: ASE, IEEE, pp 30–39, 2003

  40. Ravi K, Somenzi F (2004) Minimal assignments for bounded model checking. In: TACAS 2004. Springer, Heidelberg, pp 31–45

  41. Safra S (1988) On the complexity of ω-automata. In: FOCS, IEEE, pp 319–327, Oct 1988

  42. Schewe S (2009) Tighter bounds for the determinisation of Büchi automata. In: FOSSACS 2009. Springer, pp 167–181

  43. Samanta R, Deshmukh JV, Emerson EA (2008) Automatic generation of local repairs for Boolean programs. In: FMCAD, pp 1–10, 2008

  44. von Essen C, Jobstmann B (2013) Program repair without regret. In: CAV 2013. Springer, Heidelberg, pp 896–911

  45. Vechev M, Yahav E, Yorsh G (2009) Inferring synchronization under limited observability. In: TACAS 2009, LNCS 5505. Springer, pp 139–154

  46. Vechev MT, Yahav E, Yorsh G (2010) Abstraction-guided synthesis of synchronization. In: POPL, ACM, pp 327–338, 2010

  47. Wolper P, Vardi MY, Sistla AP (1983) Reasoning about infinite computation paths (extended abstract). In: FOCS, IEEE, pp 185–194, 1983

  48. Zeller A, Hildebrandt R (2002) Simplifying and isolating failure-inducing input. IEEE Trans Softw Eng 28(2):183–200


Correspondence to Barbara Jobstmann.


Cite this article

von Essen, C., Jobstmann, B. Program repair without regret. Form Methods Syst Des 47, 26–50 (2015). https://doi.org/10.1007/s10703-015-0223-6
