From operating systems and web browsers to spacecraft, many software systems maintain a log of events that provides a partial history of execution, supporting post-mortem (or post-reboot) analysis. Unfortunately, bandwidth, storage limitations, and privacy concerns limit the information content of logs, making it difficult to fully reconstruct execution from these traces. This paper presents a technique for modifying a program such that it can produce exactly those executions consistent with a given (partial) trace of events, enabling efficient analysis of the reduced program. Our method requires no additional history variables to track log events, and it can slice away code that does not execute in a given trace. We describe initial experiences with implementing our ideas by extending the CBMC bounded model checker for C programs. Applying our technique to a small, 400-line file system written in C, we get more than three orders of magnitude improvement in running time over a naïve approach based on adding history variables, along with fifty- to eighty-fold reductions in the sizes of the SAT problems solved.
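For reference, the naïve baseline the abstract compares against (history variables that track log events) can be sketched as follows. This is an added example, not code from the paper or from CBMC: the event names, the `run` program and the sample trace are constructed for illustration, and explicit enumeration of a small input space stands in for the model checker's search.

```c
#include <stdio.h>

/* Constructed sample log: event ids only, the inputs were never recorded. */
enum { EV_OPEN = 1, EV_WRITE, EV_FULL, EV_CLOSE };
static const int trace[] = { EV_OPEN, EV_WRITE, EV_WRITE, EV_FULL, EV_CLOSE };
#define TRACE_LEN ((int)(sizeof trace / sizeof trace[0]))

/* History variables: next expected trace position, and a consistency flag. */
static int pos, consistent;

static void log_event(int ev) {
    /* Under a model checker this comparison would be an assumption on the path. */
    if (pos >= TRACE_LEN || trace[pos] != ev)
        consistent = 0;
    pos++;
}

/* Hypothetical program under analysis: append nblocks to a store with
   `capacity` free blocks, logging each step. */
static void run(int capacity, int nblocks) {
    log_event(EV_OPEN);
    for (int i = 0; i < nblocks; i++) {
        if (capacity == 0) { log_event(EV_FULL); break; }
        capacity--;
        log_event(EV_WRITE);
    }
    log_event(EV_CLOSE);
}

/* 1 if these inputs reproduce the logged trace exactly, else 0. */
int matches_trace(int capacity, int nblocks) {
    pos = 0;
    consistent = 1;
    run(capacity, nblocks);
    return consistent && pos == TRACE_LEN;
}

/* Enumerate a bounded input space; stands in for the symbolic search. */
int count_consistent(int max) {
    int n = 0;
    for (int c = 0; c <= max; c++)
        for (int b = 0; b <= max; b++)
            n += matches_trace(c, b);
    return n;
}

int main(void) {
    printf("inputs consistent with the trace: %d\n", count_consistent(5));
    return 0;
}
```

Only a capacity of 2 with at least three requested blocks reproduces the log, so the trace pins down inputs it never recorded.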





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Alex Groce (1)
  • Rajeev Joshi (1)
  1. Laboratory for Reliable Software, Jet Propulsion Laboratory, California Institute of Technology, Pasadena, USA
