A Case for Automated Debugging Using Data Structure Repair Muhammad Zubair Malik Khalid Ghori Bassem Elkarablieh Sarfraz Khurshid University of Texas, Austin TX 78712 Abstract—Automated debugging is becoming increasingly important as the size and complexity of software increases. This paper makes a case for using constraint-based data structure repair, a recently developed technique for fault recovery, as a basis for automated debugging. Data structure repair uses given structural integrity constraints for key data structures to monitor their correctness during the execution of a program. If a constraint violation is detected, repair performs mutations on the data structures, i.e., corrupt program state, and transforms it into another state, which satisfies the desired constraints. The primary goal of data structure repair is to transform an erroneous state into an acceptable state. Therefore, the mutations performed by repair actions provide a basis of debugging faults in code (assuming the errors are due to bugs). A key challenge to embodying this insight into a mechanical technique arises due to the difference in the concrete level of the program states and the abstract level of the program code: repair actions apply to concrete data structures that exist at runtime, whereas debugging applies to code. We observe that static structures (program variables) hold handles to dynamic structures (heap-allocated data), which allows bridging the gap between the abstract and concrete levels. We envision a tool-chain where a data structure repair tool generates repair logs that are used by a fault localization tool and a repair abstraction tool that apply in synergy to not only identify the location of fault(s) in code but also to synthesize debugging suggestions. An embodiment of our vision can significantly reduce the cost of developing reliable software. I. I NTRODUCTION Debugging faults in code is tedious and can itself be error- prone. Using a traditional debugging environment, a pro- grammer has to manually trace the execution of the program. On finding a corrupted program state the programmer has to make assumptions about fault location(s) and create possible fix(es). This can be quite time-intensive; moreover the fix may introduce some new bugs. Sometimes it is hard to trace the root fault as the fault may seem to propagate from one place to another. A variety of tools and techniques have been developed that help localizing bugs in programs [1]– [3]. Sometimes localizing bugs and fixing code manually can create more bugs or different types of bugs that might not have been present earlier. We envision a constraint-based technique for automated repair of buggy programs that eases the burden of debugging by suggesting likely fixes to faulty code. Our technique first uses the buggy program to generate corrupt program states, next it repairs these states by invoking an off-the- shelf data structure repair tool, and then it abstracts the repair actions and synthesizes code that represents a likely fix. To gain confidence in the correctness of the suggested program repair, our technique supports scope-bounded testing, for example, using the Korat [4] test generation framework. A variety of tools [5], [6] have recently been developed to repair structurally complex data that do not satisfy the desired structural integrity constraints at run-time. Conven- tional use of these tools has been to enable continued exe- cution of programs in case of otherwise fatal data structure corruption. One such tool is Juzi [7]–[10]. To fix corrupt data structures, Juzi generates and applies repair actions that represent mutations to the structures so that the transformed structures satisfy the desired constraints. We envision a non-conventional use of data structure repair in this paper, namely for automated debugging through a transformation of concrete repair actions into source code which represents a likely bug fix. The primary contribution of this paper is three-fold [11]: (1) to introduce the idea of using data structure repair as a basis of automated debugging, (2) to make a case using an illustrative example for the feasibility of developing a mechanical technique that embodies our idea; and (3) to il- lustrate fault scenarios that an effective automated debugging technique must handle. While there is a large body of research on automated debugging and fault localization, e.g., using delta debug- ging [3] and statistical debugging [12], to the best of our knowledge, our work [11] is the first to propose data structure repair for repairing faulty code and generating debugging suggestions for complex data structures. In the following section we provide background on Juzi framework and its search; following that we demonstrate the likely usefulness and potential usage of our technique on an example. II. BACKGROUND:J UZI Juzi is an automated framework for on-the-fly repair of data structures [7]–[10]. Given a corrupt data structure, as well as a repOk method that describes the structural integrity constraints, Juzi systematically mutates the fields of the corrupt data structure so that it satisfies the given constraints. In addition to repairing the given structure, Juzi reports the repair actions it performed on the corrupt structure in a log-file that holds a sequence of tuples 〈o, f, o ′ 〉, i.e., an assignment to field f of object o the value o ′ —each tuple represents a repair action.