Abstract

In model-based fault diagnosis, it is assumed that a correct model of each program being diagnosed is available. In general, these techniques require test cases and user-specified assertions to localize the fault. This paper aims to localize faults in a faulty program without user-specified assertions and without executing the programs, and therefore without using test cases. Given the faulty and the correct versions of a program, a product code is automatically constructed and assertions are automatically generated. The proposed method is a fully automatic, model-based static approach to fault localization. It reduces the fault search space by removing equivalent regions from the product code using verification techniques. To identify these components, the bounded model checker CBMC is used. The invoked functions from the correct and the faulty programs are considered uninterpreted functions, and MiniSat is used as a backend solver. The proposed method can also be applied to static slices of the correct and faulty programs. In addition, the identified fault search space can be analyzed along with the generated counterexample trace to pinpoint the fault. Experimental data is presented that supports the applicability of our approach. We demonstrate the effectiveness of the proposed method using the Siemens TCAS and NTS benchmark suite. It is observed that the method can also successfully localize the wrong safety check bug produced by the LLVM compiler.
