338 research outputs found
Fault Localization in Multi-Threaded C Programs using Bounded Model Checking (extended version)
Software debugging is a very time-consuming process, which is even worse for
multi-threaded programs, due to the non-deterministic behavior of
thread-scheduling algorithms. However, the debugging time may be greatly
reduced, if automatic methods are used for localizing faults. In this study, a
new method for fault localization, in multi-threaded C programs, is proposed.
It transforms a multi-threaded program into a corresponding sequential one and
then uses a fault-diagnosis method suitable for this type of program, in order
to localize faults. The code transformation is implemented with rules and
context switch information from counterexamples, which are typically generated
by bounded model checkers. Experimental results show that the proposed method
is effective, in such a way that sequential fault-localization methods can be
extended to multi-threaded programs.Comment: extended version of paper published at SBESC'1
Cause Clue Clauses: Error Localization using Maximum Satisfiability
Much effort is spent everyday by programmers in trying to reduce long,
failing execution traces to the cause of the error. We present a new algorithm
for error cause localization based on a reduction to the maximal satisfiability
problem (MAX-SAT), which asks what is the maximum number of clauses of a
Boolean formula that can be simultaneously satisfied by an assignment. At an
intuitive level, our algorithm takes as input a program and a failing test, and
comprises the following three steps. First, using symbolic execution, we encode
a trace of a program as a Boolean trace formula which is satisfiable iff the
trace is feasible. Second, for a failing program execution (e.g., one that
violates an assertion or a post-condition), we construct an unsatisfiable
formula by taking the trace formula and additionally asserting that the input
is the failing test and that the assertion condition does hold at the end.
Third, using MAX-SAT, we find a maximal set of clauses in this formula that can
be satisfied together, and output the complement set as a potential cause of
the error. We have implemented our algorithm in a tool called bug-assist for C
programs. We demonstrate the surprising effectiveness of the tool on a set of
benchmark examples with injected faults, and show that in most cases,
bug-assist can quickly and precisely isolate the exact few lines of code whose
change eliminates the error. We also demonstrate how our algorithm can be
modified to automatically suggest fixes for common classes of errors such as
off-by-one.Comment: The pre-alpha version of the tool can be downloaded from
http://bugassist.mpi-sws.or
Enhanced Formal Verification Flow for Circuits Integrating Debugging and Coverage Analysis
In this paper we briefly review techniques used in formal hardware verification. An advanced flow emerges from integrating two major methodological improvements: debugging support and coverage analysis. The verification engineer can locate the source of a failure with an automatic debugging support. Components are identified which explain the discrepancy between the property and the circuit behavior.This method is complemented by an approach to analyze functional coverage of the proven Bounded Model Checking(BMC) properties. The approach automatically determines whether the property set is complete or not. In the latter case coverage gaps are returned. Both techniques are integrated in an enhanced verification flow. A running example demonstrates the resulting advantages
Debugging of Toffoli networks
Abstract—Intensive research is performed to find post-CMOS technologies. A very promising direction based on reversible logic are quantum computers. While in the domain of reversible logic synthesis, testing, and verification have been investigated, debugging of reversible circuits has not yet been considered. The goal of debugging is to determine gates of an erroneous circuit that explain the observed incorrect behavior. In this paper we propose the first approach for automatic debugging of reversible Toffoli networks. Our method uses a formulation for the debugging problem based on Boolean satisfiability. We show the differences to classical (irreversible) debugging and present theoretical results. These are used to speed-up the debugging approach as well as to improve the resulting quality. Our method is able to find and to correct single errors automatically. I
E-QED: Electrical Bug Localization During Post-Silicon Validation Enabled by Quick Error Detection and Formal Methods
During post-silicon validation, manufactured integrated circuits are
extensively tested in actual system environments to detect design bugs. Bug
localization involves identification of a bug trace (a sequence of inputs that
activates and detects the bug) and a hardware design block where the bug is
located. Existing bug localization practices during post-silicon validation are
mostly manual and ad hoc, and, hence, extremely expensive and time consuming.
This is particularly true for subtle electrical bugs caused by unexpected
interactions between a design and its electrical state. We present E-QED, a new
approach that automatically localizes electrical bugs during post-silicon
validation. Our results on the OpenSPARC T2, an open-source
500-million-transistor multicore chip design, demonstrate the effectiveness and
practicality of E-QED: starting with a failed post-silicon test, in a few hours
(9 hours on average) we can automatically narrow the location of the bug to
(the fan-in logic cone of) a handful of candidate flip-flops (18 flip-flops on
average for a design with ~ 1 Million flip-flops) and also obtain the
corresponding bug trace. The area impact of E-QED is ~2.5%. In contrast,
deter-mining this same information might take weeks (or even months) of mostly
manual work using traditional approaches
- …