research-article

Cause clue clauses: error localization using maximum satisfiability

Authors:
Manu Jose

University of California, Los Angeles, Los Angeles, CA, USA

University of California, Los Angeles, Los Angeles, CA, USA
View Profile

,
Rupak Majumdar

Max Planck Institute for Software Systems & University of California, Los Angeles, Kaiserslautern, Germany

Max Planck Institute for Software Systems & University of California, Los Angeles, Kaiserslautern, Germany
View Profile

PLDI '11: Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and ImplementationJune 2011Pages 437–446https://doi.org/10.1145/1993498.1993550

Published:04 June 2011Publication History

PLDI '11: Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation

Pages 437–446

ABSTRACT

Much effort is spent by programmers everyday in trying to reduce long, failing execution traces to the cause of the error. We present an algorithm for error cause localization based on a reduction to the maximal satisfiability problem (MAX-SAT), which asks what is the maximum number of clauses of a Boolean formula that can be simultaneously satisfied by an assignment. At an intuitive level, our algorithm takes as input a program and a failing test, and comprises the following three steps. First, using bounded model checking, and a bound obtained from the execution of the test, we encode the semantics of a bounded unrolling of the program as a Boolean trace formula. Second, for a failing program execution (e.g., one that violates an assertion or a post-condition), we construct an unsatisfiable formula by taking the formula and additionally asserting that the input is the failing test and that the assertion condition does hold at the end. Third, using MAX-SAT, we find a maximal set of clauses in this formula that can be satisfied together, and output the complement set as a potential cause of the error.

We have implemented our algorithm in a tool called BugAssist that performs error localization for C programs. We demonstrate the effectiveness of BugAssist on a set of benchmark examples with injected faults, and show that in most cases, BugAssist can quickly and precisely isolate a few lines of code whose change eliminates the error. We also demonstrate how our algorithm can be modified to automatically suggest fixes for common classes of errors such as off-by-one.We have implemented our algorithm in a tool called BugAssist that performs error localization for C programs. We demonstrate the effectiveness of BugAssist on a set of benchmark examples with injected faults, and show that in most cases, BugAssist can quickly and precisely isolate a few lines of code whose change eliminates the error. We also demonstrate how our algorithm can be modified to automatically suggest fixes for common classes of errors such as off-by-one.

References

Thomas Ball, Mayur Naik, and Sriram K. Rajamani. From symptom to cause: localizing errors in counterexample traces. In POPL '03: Principles of Programming Languages, pages 97--105, 2003. ACM. Google ScholarDigital Library
A. Biere, A. Cimatti, E. M. Clarke, M. Fujita, and Y. Zhu. Symbolic model checking using sat procedures instead of bdds. In DAC '09: Design Automation Conference, pages 317--320, 1999. ACM. Google ScholarDigital Library
Cristian Cadar, Daniel Dunbar, and Dawson Engler. Klee: unassisted and automatic generation of high-coverage tests for complex systems programs. In OSDI '08: Operating Systems Design and Implementation, pages 209--224, 2008. USENIX Association. Google ScholarDigital Library
Cristian Cadar, Vijay Ganesh, Peter M. Pawlowski, David L. Dill, and Dawson R. Engler. Exe: automatically generating inputs of death. In CCS '06: Computer and Communications security, pages 322--335, 2006. ACM. Google ScholarDigital Library
Yibin Chen, Sean Safarpour, Andreas Veneris, and Joao Marques-Silva. Spatial and temporal design debug using partial maxsat. In GLSVLSI '09: Great Lakes Symposium on VLSI, pages 345--350, 2009. ACM. Google ScholarDigital Library
Edmund Clarke, Daniel Kroening, and Flavio Lerda. A tool for checking ANSI-C programs. In TACAS '04: Tools and Algorithms for the Construction and Analysis of Systems, volume 2988 of Lecture Notes in Computer Science, pages 168--176, 2004. Springer.Google Scholar
Martin Davis and Hilary Putnam. A computing procedure for quantification theory. J. ACM, 7:201--215, July 1960. Google ScholarDigital Library
Hyunsook Do, Sebastian Elbaum, and Gregg Rothermel. Supporting controlled experimentation with testing techniques: An infrastructure and its potential impact. Empirical Softw. Engg., 10(4):405--435, 2005. Google ScholarDigital Library
Niklas Eén and Niklas Sörensson. Minisat v2.0 (beta). In SAT-Race, 2006. http://fmv.jku.at/sat-race-2006/.Google Scholar
Zhaohui Fu and Sharad Malik. On solving the partial MAX-SAT problem. In SAT '06: Theory and Applications of Satisfiability Testing, volume 4121 of Lecture Notes in Computer Science, pages 252--265, 2006. Springer. Google ScholarDigital Library
Patrice Godefroid, Nils Klarlund, and Koushik Sen. Dart: directed automated random testing. In PLDI '05: Programming Language Design and Implementation, pages 213--223, 2005. ACM. Google ScholarDigital Library
Andreas Griesmayer, Stefan Staber, and Roderick Bloem. Automated fault localization for C programs. ENTCS, 174:95--111, 2007. Google ScholarDigital Library
Alex Groce, Sagar Chaki, Daniel Kroening, and Ofer Strichman. Error explanation with distance metrics. Int. J. Softw. Tools Technol. Transf., 8:229--247, 2006. Google ScholarDigital Library
Monica Hutchins, Herb Foster, Tarak Goradia, and Thomas Ostrand. Experiments of the effectiveness of dataflow- and controlflow-based test adequacy criteria. In ICSE '94: International Conference on Software Engineering, pages 191--200, 1994. IEEE Computer Society. Google ScholarDigital Library
James C. King. Symbolic execution and program testing. Commun. ACM, 19:385--394, July 1976. Google ScholarDigital Library
Chu Min Li and Felip Manyà. MaxSAT, hard and soft constraints. In Handbook of Satisfiability, volume 185 of Frontiers in Artificial Intelligence and Applications, chapter 19, pages 613--631. IOS Press, 2009.Google Scholar
Chu Min Li, Felip Manyà, and Jordi Planes. New inference rules for MAX-SAT. J. Artif. Int. Res., 30:321--359, October 2007. Google ScholarDigital Library
Mark H. Liffiton and Karem A. Sakallah. On finding all minimally unsatisfiable subformulas. In SAT '05: Theory and Applications of Satisfiability Testing, volume 3569 of Lecture Notes in Computer Science, pages 173--186, 2005. Springer. Google ScholarDigital Library
Joao Marques-Silva. Minimal unsatisfiability: Models, algorithms and applications (invited paper). In ISMVL '10: International Symposium on Multiple-Valued Logic, pages 9--14, 2010. IEEE Computer Society. Google ScholarDigital Library
Joao Marques-Silva and Jordi Planes. Algorithms for maximum satisfiability using unsatisfiable cores. In DATE '08: Design, Automation and Test in Europe, pages 408--413, 2008. ACM. Google ScholarDigital Library
Todd C. Miller and Theo de Raadt. strlcpy and strlcat: consistent, safe, string copy and concatenation. In USENIX Annual Technical Conference, pages 175--178, 1999. USENIX Association. Google ScholarDigital Library
Dawei Qi, Abhik Roychoudhury, Zhenkai Liang, and Kapil Vaswani. Darwin: an approach for debugging evolving programs. In ESEC/FSE '09: European Software Engineering Conference and Foundations of Software Engineering, pages 33--42, 2009. ACM. Google ScholarDigital Library
Manos Renieres and Steven P. Reiss. Fault localization with nearest neighbor queries. In ASE '03: Automated Software Engineering, pages 30--39, 2003. IEEE Computer Society.Google ScholarCross Ref
Sean Safarpour, Hratch Mangassarian, Andreas Veneris, Mark H. Liffiton, and Karem A. Sakallah. Improved design debugging using maximum satisfiability. In FMCAD '07: Formal Methods in Computer-Aided Design, pages 13--19, 2007. IEEE Computer Society. Google ScholarDigital Library
Koushik Sen, Darko Marinov, and Gul Agha. CUTE: a concolic unit testing engine for C. In ESEC/FSE '05: European Software Engineering Conference and Foundations of Software Engineering, pages 263--272, 2005. ACM. Google ScholarDigital Library
Ilya Shlyakhter, Robert Seater, Daniel Jackson, Manu Sridharan, and Mana Taghdiri. Debugging overconstrained declarative models using unsatisfiable cores. ASE '03: Automated Software Engineering, pages 94--105, 2003. IEEE Computer Society.Google ScholarDigital Library
Armando Solar-Lezama, Rodric Rabbah, Rastislav Bodík, and Kemal Ebcioğlu. Programming by sketching for bit-streaming programs. PLDI '05: Programming Languages Design and Implementation, pages 281--294, 2005.ACM. Google ScholarDigital Library
Armando Solar-Lezama, Liviu Tancau, Rastislav Bodík, Sanjit A. Seshia, and Vijay A. Saraswat. Combinatorial sketching for finite programs. In ASPLOS '06: Architectural Support for Programming Languages and Operating Systems, pages 404--415, 2006. ACM. Google ScholarDigital Library
Saurabh Srivastava, Sumit Gulwani, and Jeffrey S. Foster. VS3: SMT solvers for program verification. In CAV '09: Computer-Aided Verification, volume 5643 of Lecture Notes in Computer Science,pages 702--708, 2009.Springer. Google ScholarDigital Library
F. Tip. A survey of program slicing techniques. Journal of Programming Languages, 3:121--189, 1995.Google Scholar
Wikipedia. Off-by-one error, the free encyclopedia, 2004. {Online; accessed 28-March-2010}.Google Scholar
Yichen Xie and Alex Aiken. Scalable error detection using boolean satisfiability. In POPL '05: Principles of Programming Languages, pages 351--363, 2005. ACM. Google ScholarDigital Library
Andreas Zeller. Isolating cause-effect chains from computer programs. In FSE '10: Foundations of Software Engineering, pages 1--10, 2002. ACM. Google ScholarDigital Library
Andreas Zeller and Ralf Hildebrandt. Simplifying and isolating failure-inducing input. IEEE Trans. Softw. Eng., 28:183--200, 2002. Google ScholarDigital Library

Index Terms

Cause clue clauses: error localization using maximum satisfiability
1. Software and its engineering
  1. Software creation and management
    1. Software verification and validation
      1. Software defect analysis
        Software testing and debugging
2. Theory of computation
  1. Logic
    1. Logic and verification
  2. Semantics and reasoning
    1. Program reasoning
      1. Program analysis
    2. Program semantics

Recommendations

Cause clue clauses: error localization using maximum satisfiability
PLDI '11

Much effort is spent by programmers everyday in trying to reduce long, failing execution traces to the cause of the error. We present an algorithm for error cause localization based on a reduction to the maximal satisfiability problem (MAX-SAT), which ...
Read More
Propositional proof systems based on maximum satisfiability
Abstract
The paper describes the use of dual-rail MaxSAT systems to solve Boolean satisfiability (SAT), namely to determine if a set of clauses is satisfiable. The MaxSAT problem is the problem of satisfying the maximum number of clauses in an ...
Read More
Iterative SAT Solving for Minimum Satisfiability
ICTAI '12: Proceedings of the 2012 IEEE 24th International Conference on Tools with Artificial Intelligence - Volume 01

Minimum Satisfiability (MinSAT) denotes one of the optimization versions of the Boolean Satisfiability (SAT) problem. In some settings MinSAT is preferred to using Maximum Satis-fiability (MaxSAT). Several encodings and dedicated branch and bound ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
PLDI '11: Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation
June 2011
668 pages
ISBN:9781450306638
DOI:10.1145/1993498
General Chair:
Mary Hall
University of Utah
,
Program Chair:
David Padua
University of Illinois at Urbana-Champaign
ACM SIGPLAN Notices Volume 46, Issue 6
PLDI '11
June 2011
652 pages
ISSN:0362-1340
EISSN:1558-1160
DOI:10.1145/1993316
Issue’s Table of Contents
Copyright © 2011 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 4 June 2011
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
bug assist
debugging
fault localization
maximum satisfiability
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate406of2,067submissions,20%
Upcoming Conference
PLDI '24

Sponsor:

sigplan

ACM SIGPLAN Conference on Programming Language Design and Implementation

June 24 - 28, 2024

Copenhagen , Denmark
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 187
  Total Citations
  View Citations
- 972
  Total Downloads
- Downloads (Last 12 months)27
- Downloads (Last 6 weeks)4
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Cause clue clauses: error localization using maximum satisfiability

PLDI '11: Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation

ABSTRACT

References

Cited By

Index Terms

Recommendations

Cause clue clauses: error localization using maximum satisfiability

Propositional proof systems based on maximum satisfiability

Iterative SAT Solving for Minimum Satisfiability