Path-Based Program Repair

We propose a path-based approach to program repair for imperative programs. Our repair framework takes as input a faulty program, a logic specification that is refuted, and a hint where the fault may be located. An iterative abstraction refinement loop is then used to repair the program: in each iteration, the faulty program part is re-synthesized considering a symbolic counterexample, where the control-flow is kept concrete but the data-flow is symbolic. The appeal of the idea is two-fold: 1) the approach lazily considers candidate repairs and 2) the repairs are directly derived from the logic specification. In contrast to prior work, our approach is complete for programs with finitely many control-flow paths, i.e., the program is repaired if and only if it can be repaired at the specified fault location. Initial results for small programs indicate that the approach is useful for debugging programs in practice.Comment: In Proceedings FESCA 2015, arXiv:1503.0437

A Historical Perspective on Runtime Assertion Checking in Software Development

This report presents initial results in the area of software testing and analysis produced as part of the Software Engineering Impact Project. The report describes the historical development of runtime assertion checking, including a description of the origins of and significant features associated with assertion checking mechanisms, and initial findings about current industrial use. A future report will provide a more comprehensive assessment of development practice, for which we invite readers of this report to contribute information

A Static Analyzer for Large Safety-Critical Software

We show that abstract interpretation-based static program analysis can be made efficient and precise enough to formally verify a class of properties for a family of large programs with few or no false alarms. This is achieved by refinement of a general purpose static analyzer and later adaptation to particular programs of the family by the end-user through parametrization. This is applied to the proof of soundness of data manipulation operations at the machine level for periodic synchronous safety critical embedded software. The main novelties are the design principle of static analyzers by refinement and adaptation through parametrization, the symbolic manipulation of expressions to improve the precision of abstract transfer functions, the octagon, ellipsoid, and decision tree abstract domains, all with sound handling of rounding errors in floating point computations, widening strategies (with thresholds, delayed) and the automatic determination of the parameters (parametrized packing)

Model Variations and Automated Refinement of Domain-Specific Modeling Languages for Robot-Motion Control

This paper presents an approach to handling frequent variations of modeling languages and models. The approach is based on Domain-Specific Modeling and linking of modeling tools with adaptive Run-Time Systems. The applicability of our solution is illustrated on an example of domain-specific languages for robot control. Special attention was given to the following problems: 1) model-level debugging; 2) performing fast transformation of models to native code for various hardware platforms and operating systems; and 3) specification of views and view-based generation of applications for validation of meta-models, models, and generated code. The feedback for automated refinement of models and meta-models is provided by a custom adaptive Run-Time System. For the purpose of synchronizing models, meta-models, and the target Run-Time System, we introduce action reports, which allow model-level debugging. In order to simplify handling of frequent model variations, we have introduced the linguistic concept of a modifier