Concolic fault localization

Chanseok Oh, Martin Schaf, Daniel Schwartz-Narbonne, Thomas Wies

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

An integral part of all debugging activities is the task of diagnosing the cause of an error. Most existing fault diagnosis techniques rely on the availability of high quality test suites because they work by comparing failing and passing runs to identify the error cause. This limits their applicability. One alternative are techniques that statically analyze an error trace of the program without relying on additional passing runs to compare against. Particularly promising are novel proof-based approaches that leverage the advances in automated theorem proving to obtain an abstraction of the program that aids fault diagnostics. However, existing proof-based approaches still have practical limitations such as reduced scalability and dependence on complex mathematical models of programs. Such models are notoriously difficult to develop for real-world programs. Inspired by concolic testing, we propose a novel algorithm that integrates concrete execution and symbolic reasoning about the error trace to address these challenges. Specifically, we execute the error trace to obtain intermediate program states that allow us to split the trace into smaller fragments, each of which can be analyzed in isolation using an automated theorem prover. Moreover, we show how this approach can avoid complex logical encodings when reasoning about traces in low-level C programs. We have conducted an experiment where we applied our new algorithm to error traces generated from faulty versions of UNIX utils such as gzip and sed. Our experiment indicates that our concolic fault abstraction scales to real-world error traces and generates useful error diagnoses.

Original languageEnglish (US)
Title of host publicationProceedings - 2014 14th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2014
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages135-144
Number of pages10
ISBN (Electronic)9780769553047
DOIs
StatePublished - Dec 4 2014
Event14th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2014 - Victoria, Canada
Duration: Sep 28 2014Sep 29 2014

Publication series

NameProceedings - 2014 14th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2014

Other

Other14th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2014
CountryCanada
CityVictoria
Period9/28/149/29/14

Keywords

  • concolic execution
  • debugging
  • fault localization
  • interpolation

ASJC Scopus subject areas

  • Software
  • Computer Science Applications

Fingerprint Dive into the research topics of 'Concolic fault localization'. Together they form a unique fingerprint.

  • Cite this

    Oh, C., Schaf, M., Schwartz-Narbonne, D., & Wies, T. (2014). Concolic fault localization. In Proceedings - 2014 14th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2014 (pp. 135-144). [6975647] (Proceedings - 2014 14th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2014). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SCAM.2014.22