Repair with On-The-Fly Program Analysis

  • Robert Könighofer
  • Roderick Bloem
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7857)

Abstract

This paper presents a novel automatic repair approach for incorrect programs. It applies formal methods and analyzes program behavior only on demand. We argue that this is beneficial, especially if exhaustive program analysis is infeasible. Our approach computes repair candidates and refines them based on counterexamples. It can be used with various verification techniques and specification formats to check a candidate’s correctness. This includes test suites, model checkers verifying assertions, or even the user checking candidates manually, in which case no explicit specification is needed at all. We use concolic execution to analyze programs and SMT-solving to compute repair candidates. We implemented our approach in the open-source debugging environment FoREnSiC and present first experimental results.

Keywords

Program Repair Formal Methods Abstraction-Refinement Concolic Execution SMT-Solving 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Arcuri, A.: On the automation of fixing software bugs. In: ICSE, pp. 1003–1006. ACM (2008)Google Scholar
  2. 2.
    Bloem, R., Drechsler, R., Fey, G., Finder, A., Hofferek, G., Könighofer, R., Raik, J., Repinski, U., Sülflow, A.: FoREnSiC– An automatic debugging environment for C programs. In: Biere, A., Nahir, A., Vos, T. (eds.) HVC 2012. LNCS, vol. 7857, pp. 260–265. Springer, Heidelberg (2013)Google Scholar
  3. 3.
    Burnim, J., Sen, K.: Heuristics for scalable dynamic test generation. In: ASE, pp. 443–446. IEEE (2008)Google Scholar
  4. 4.
    Chang, K.-H., Markov, I.L., Bertacco, V.: Fixing design errors with counterexamples and resynthesis. In: ASP-DAC, pp. 944–949. IEEE (2007)Google Scholar
  5. 5.
    Clarke, L.A.: A system to generate test data and symbolically execute programs. IEEE Trans. Software Eng. 2(3), 215–222 (1976)CrossRefGoogle Scholar
  6. 6.
    Dallmeier, V., Zeller, A., Meyer, B.: Generating fixes from object behavior anomalies. In: ASE, pp. 550–554. IEEE (2009)Google Scholar
  7. 7.
    Debroy, V., Wong, W.E.: Using mutation to automatically suggest fixes for faulty programs. In: ICST, pp. 65–74. IEEE (2010)Google Scholar
  8. 8.
    Forrest, S., Nguyen, T., Weimer, W., Le Goues, C.: A genetic programming approach to automated software repair. In: GECCO, pp. 947–954. ACM (2009)Google Scholar
  9. 9.
    Godefroid, P., Klarlund, N., Sen, K.: DART: Directed automated random testing. In: PLDI, pp. 213–223. ACM (2005)Google Scholar
  10. 10.
    Le Goues, C., Nguyen, T., Forrest, S., Weimer, W.: GenProg: A generic method for automatic software repair. IEEE Trans. Software Eng. 38(1), 54–72 (2012)CrossRefGoogle Scholar
  11. 11.
    Griesmayer, A., Bloem, R., Cook, B.: Repair of Boolean programs with an application to C. In: Ball, T., Jones, R.B. (eds.) CAV 2006. LNCS, vol. 4144, pp. 358–371. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  12. 12.
    Jobstmann, B., Griesmayer, A., Bloem, R.: Program repair as a game. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 226–238. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  13. 13.
    Jobstmann, B., Staber, S., Griesmayer, A., Bloem, R.: Finding and fixing faults. Journal of Computer and System Sciences 78(2), 441–460 (2012)MathSciNetMATHCrossRefGoogle Scholar
  14. 14.
    King, J.C.: Symbolic execution and program testing. Communications of the ACM 19(7), 385–394 (1976)MATHCrossRefGoogle Scholar
  15. 15.
    Koenighofer, R., Bloem, R.: Automated error localization and correction for imperative programs. In: FMCAD, pp. 91–100. IEEE (2011)Google Scholar
  16. 16.
    Raik, J., Repinski, U., Hantson, H., Jenihhin, M., Di Guglielmo, G., Pravadelli, G., Fummi, F.: Combining dynamic slicing and mutation operators for ESL correction. In: ETS, pp. 1–6. IEEE (2012)Google Scholar
  17. 17.
    Sen, K., Marinov, D., Agha, G.: CUTE: A concolic unit testing engine for C. In: ESEC/FSE, pp. 263–272. ACM (2005)Google Scholar
  18. 18.
    Solar-Lezama, A.: The sketching approach to program synthesis. In: Hu, Z. (ed.) APLAS 2009. LNCS, vol. 5904, pp. 4–13. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  19. 19.
    Solar-Lezama, A., Tancau, L., Bodik, R., Saraswat, V., Seshia, S.A.: Combinatorial sketching for finite programs. In: ASPLOS, pp. 404–415. ACM (2006)Google Scholar
  20. 20.
  21. 21.
    Wei, Y., Pei, Y., Furia, C.A., Silva, L.S., Buchholz, S., Meyer, B., Zeller, A.: Automated fixing of programs with contracts. In: ISSTA, pp. 61–72. ACM (2010)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Robert Könighofer
    • 1
  • Roderick Bloem
    • 1
  1. 1.Institute for Applied Information Processing and Communications (IAIK)Graz University of TechnologyAustria

Personalised recommendations