Program Repair without Regret

  • Christian von Essen
  • Barbara Jobstmann
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8044)


We present a new and flexible approach to repairing reactive programs with respect to a specification. The specification is given in linear-temporal logic. As in previous approaches, we aim for a repaired program that satisfies the specification and is syntactically close to the faulty program. The novelty of our approach is that it produces a program that is also semantically close to the original program, by enforcing that a subset of the original traces is preserved. Intuitively, the faulty program is treated as part of the specification, which enables us to synthesize meaningful repairs even for incomplete specifications.

Our approach is based on synthesizing a program with a set of behaviors that stay within a lower and an upper bound. We provide an algorithm to decide if a program is repairable with respect to our new notion, and synthesize a repair if one exists. We analyze several ways to choose the set of traces to leave intact and show the boundaries they impose on repairability. We have evaluated the approach on several examples.


Keywords (added by machine, not by the authors): Model Check, Linear Temporal Logic, Synthesis Problem, Input Word, Symbolic Model Check



Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Christian von Essen (1)
  • Barbara Jobstmann (1, 2, 3)

  1. Verimag, CNRS and Universities of Grenoble, France
  2. Jasper Design Automation, USA
  3. École Polytechnique Fédérale de Lausanne, Switzerland