Experiments of the effectiveness of dataflow- and controlflow-based test adequacy criteria
ICSE '94 Proceedings of the 16th international conference on Software engineering
Symbolic model checking using SAT procedures instead of BDDs
Proceedings of the 36th annual ACM/IEEE Design Automation Conference
A Computing Procedure for Quantification Theory
Journal of the ACM (JACM)
Symbolic execution and program testing
Communications of the ACM
Simplifying and Isolating Failure-Inducing Input
IEEE Transactions on Software Engineering
Isolating cause-effect chains from computer programs
Proceedings of the 10th ACM SIGSOFT symposium on Foundations of software engineering
From symptom to cause: localizing errors in counterexample traces
POPL '03 Proceedings of the 30th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Scalable error detection using boolean satisfiability
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
DART: directed automated random testing
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Programming by sketching for bit-streaming programs
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
CUTE: a concolic unit testing engine for C
Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
Empirical Software Engineering
Error explanation with distance metrics
International Journal on Software Tools for Technology Transfer (STTT)
Combinatorial sketching for finite programs
Proceedings of the 12th international conference on Architectural support for programming languages and operating systems
EXE: automatically generating inputs of death
Proceedings of the 13th ACM conference on Computer and communications security
Automated Fault Localization for C Programs
Electronic Notes in Theoretical Computer Science (ENTCS)
strlcpy and strlcat: consistent, safe, string copy and concatenation
ATEC '99 Proceedings of the annual conference on USENIX Annual Technical Conference
Improved Design Debugging Using Maximum Satisfiability
FMCAD '07 Proceedings of the Formal Methods in Computer Aided Design
Algorithms for maximum satisfiability using unsatisfiable cores
Proceedings of the conference on Design, automation and test in Europe
Spatial and temporal design debug using partial MaxSAT
Proceedings of the 19th ACM Great Lakes symposium on VLSI
VS3: SMT Solvers for Program Verification
CAV '09 Proceedings of the 21st International Conference on Computer Aided Verification
Darwin: an approach for debugging evolving programs
Proceedings of the the 7th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
New inference rules for Max-SAT
Journal of Artificial Intelligence Research
Minimal Unsatisfiability: Models, Algorithms and Applications (Invited Paper)
ISMVL '10 Proceedings of the 2010 40th IEEE International Symposium on Multiple-Valued Logic
KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
On finding all minimally unsatisfiable subformulas
SAT'05 Proceedings of the 8th international conference on Theory and Applications of Satisfiability Testing
On solving the partial MAX-SAT problem
SAT'06 Proceedings of the 9th international conference on Theory and Applications of Satisfiability Testing
Bug-Assist: assisting fault localization in ANSI-C programs
CAV'11 Proceedings of the 23rd international conference on Computer aided verification
Automated error localization and correction for imperative programs
Proceedings of the International Conference on Formal Methods in Computer-Aided Design
Automated error diagnosis using abductive inference
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
Generating range fixes for software configuration
Proceedings of the 34th International Conference on Software Engineering
Improvements to core-guided binary search for MaxSAT
SAT'12 Proceedings of the 15th international conference on Theory and Applications of Satisfiability Testing
Badger: a regression planner to resolve design model inconsistencies
ECMFA'12 Proceedings of the 8th European conference on Modelling Foundations and Applications
A solver for reachability modulo theories
CAV'12 Proceedings of the 24th international conference on Computer Aided Verification
An empirical study of encodings for group MaxSAT
Canadian AI'12 Proceedings of the 25th Canadian conference on Advances in Artificial Intelligence
Modular and verified automatic program repair
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
Using likely invariants for automated software fault localization
Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
Automated feedback generation for introductory programming assignments
Proceedings of the 34th ACM SIGPLAN conference on Programming language design and implementation
F3: fault localization for field failures
Proceedings of the 2013 International Symposium on Software Testing and Analysis
Comparative causality: explaining the differences between executions
Proceedings of the 2013 International Conference on Software Engineering
Reproducing and debugging field failures in house
Proceedings of the 2013 International Conference on Software Engineering
Will you still compile me tomorrow? static cross-version compiler validation
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
Is this a bug or an obsolete test?
ECOOP'13 Proceedings of the 27th European conference on Object-Oriented Programming
An empirical study on the use of mutant traces for diagnosis of faults in deployed systems
Journal of Systems and Software
Hi-index | 0.00 |
Much effort is spent by programmers everyday in trying to reduce long, failing execution traces to the cause of the error. We present an algorithm for error cause localization based on a reduction to the maximal satisfiability problem (MAX-SAT), which asks what is the maximum number of clauses of a Boolean formula that can be simultaneously satisfied by an assignment. At an intuitive level, our algorithm takes as input a program and a failing test, and comprises the following three steps. First, using bounded model checking, and a bound obtained from the execution of the test, we encode the semantics of a bounded unrolling of the program as a Boolean trace formula. Second, for a failing program execution (e.g., one that violates an assertion or a post-condition), we construct an unsatisfiable formula by taking the formula and additionally asserting that the input is the failing test and that the assertion condition does hold at the end. Third, using MAX-SAT, we find a maximal set of clauses in this formula that can be satisfied together, and output the complement set as a potential cause of the error. We have implemented our algorithm in a tool called BugAssist that performs error localization for C programs. We demonstrate the effectiveness of BugAssist on a set of benchmark examples with injected faults, and show that in most cases, BugAssist can quickly and precisely isolate a few lines of code whose change eliminates the error. We also demonstrate how our algorithm can be modified to automatically suggest fixes for common classes of errors such as off-by-one.We have implemented our algorithm in a tool called BugAssist that performs error localization for C programs. We demonstrate the effectiveness of BugAssist on a set of benchmark examples with injected faults, and show that in most cases, BugAssist can quickly and precisely isolate a few lines of code whose change eliminates the error. We also demonstrate how our algorithm can be modified to automatically suggest fixes for common classes of errors such as off-by-one.