Efficient static analysis with path pruning using coverage data
WODA '05 Proceedings of the third international workshop on Dynamic analysis
Large-scale analysis of format string vulnerabilities in Debian Linux
Proceedings of the 2007 workshop on Programming languages and analysis for security
Statistical debugging using compound boolean predicates
Proceedings of the 2007 international symposium on Software testing and analysis
San Fermín: aggregating large data sets using a binomial swap forest
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Dynamic inference of likely data preconditions over predicates by tree learning
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
A Learning Approach to Early Bug Prediction in Deployed Software
AIMSA '08 Proceedings of the 13th international conference on Artificial Intelligence: Methodology, Systems, and Applications
Darwin: an approach for debugging evolving programs
Proceedings of the the 7th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
Finding concurrency bugs with context-aware communication graphs
Proceedings of the 42nd Annual IEEE/ACM International Symposium on Microarchitecture
PACER: proportional detection of data races
PLDI '10 Proceedings of the 2010 ACM SIGPLAN conference on Programming language design and implementation
Monitoring, analysis, and testing of deployed software
Proceedings of the FSE/SDP workshop on Future of software engineering research
ICICA'10 Proceedings of the First international conference on Information computing and applications
Camouflage: automated anonymization of field data
Proceedings of the 33rd International Conference on Software Engineering
A model for spectra-based software diagnosis
ACM Transactions on Software Engineering and Methodology (TOSEM)
Italian for beginners: the next steps for SLO-based management
HotStorage'11 Proceedings of the 3rd USENIX conference on Hot topics in storage and file systems
Software fault localization via mining execution graphs
ICCSA'11 Proceedings of the 2011 international conference on Computational science and its applications - Volume Part II
Statistical debugging using a hierarchical model of correlated predicates
AICI'11 Proceedings of the Third international conference on Artificial intelligence and computational intelligence - Volume Part I
Post-silicon bug diagnosis with inconsistent executions
Proceedings of the International Conference on Computer-Aided Design
The potential of sampling for dynamic analysis
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Modeling the parallel execution of black-box services
HotCloud'11 Proceedings of the 3rd USENIX conference on Hot topics in cloud computing
Path optimization in programs and its application to debugging
ESOP'06 Proceedings of the 15th European conference on Programming Languages and Systems
Effective software fault localization by statistically testing the program behavior model
ICICA'11 Proceedings of the Second international conference on Information Computing and Applications
DARWIN: An approach to debugging evolving programs
ACM Transactions on Software Engineering and Methodology (TOSEM)
BugRedux: reproducing field failures for in-house debugging
Proceedings of the 34th International Conference on Software Engineering
Socio-PLT: principles for programming language adoption
Proceedings of the ACM international symposium on New ideas, new paradigms, and reflections on programming and software
Applying enhanced fault localization technology to Monte Carlo simulations
Proceedings of the Winter Simulation Conference
Exploring program phases for statistical bug localization
Proceedings of the 11th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering
Machine learning-based anomaly detection for post-silicon bug diagnosis
Proceedings of the Conference on Design, Automation and Test in Europe
A theoretical analysis of the risk evaluation formulas for spectrum-based fault localization
ACM Transactions on Software Engineering and Methodology (TOSEM) - Testing, debugging, and error handling, formal methods, lifecycle concerns, evolution and maintenance
| Hi-index | 0.00 |
Debugging does not end with deployment. Static analysis, in-house testing, and good software engineering practices can catch or prevent many problems before software is distributed. Yet mainstream commercial software still ships with both known and unknown bugs. Real software still fails in the hands of real users. The need remains to identify and repair bugs that are only discovered, or whose importance is only revealed, after the software is released. Unfortunately we know almost nothing about how software behaves (and misbehaves) in the hands of end users. Traditional post-deployment feedback mechanisms, such as technical support phone calls or hand-composed bug reports, are informal, inconsistent, and highly dependent on manual, human intervention. This approach clouds the view, preventing engineers from seeing a complete and truly representative picture of how and why problems occur. This dissertation proposes a system to support debugging based on feedback from actual users. Cooperative Bug Isolation (CBI) leverages the key strength of user communities: their overwhelming numbers. We propose a low-overhead instrumentation strategy for gathering information from the executions experienced by large numbers of software end users. Our approach limits overhead using sparse random sampling rather than complete data collection, while simultaneously ensuring that the observed data is an unbiased, representative subset of the complete program behavior across all runs. We discuss a number of specific instrumentation schemes that may be coupled with the general sampling transformation to produce feedback data that we have found to be useful for isolating the causes of a wide variety of bugs. Collecting feedback from real code, especially real buggy code, is a nontrivial exercise. This dissertation presents our approach to a number of practical challenges that arise in building a complete, working CBI system. We discuss how the general sampling transformation scheme can be extended to deal with native compilers, libraries, dynamically loaded code, threads, and other features of modern software. We address questions of privacy and security as well as related issues of user interaction and informed user consent. This design and engineering investment has allowed us to begin an actual public deployment of a CBI system, initial results from which we report here. Of course, feedback data is only as useful as the sense we can make of it. When data is fair but very sparse, the noise level is high and traditional manual debugging techniques insufficient. This dissertation presents a suite of new algorithms for statistical debugging: finding and fixing software errors based on statistical analysis of sparse feedback data. The techniques vary in complexity and sophistication, from simple process of elimination strategies to regression techniques that build models of suspect program behaviors as failure predictors. Our most advanced technique combines a number of general and domain-specific statistical filtering and ranking techniques to separate the effects of different bugs and identify predictors that are associated with individual bugs. These predictors reveal both the circumstances under which bugs occur and the frequencies of failure modes, making it easier to prioritize debugging efforts. Our algorithm is validated using several case studies. These case studies include examples in which the algorithm found previously unknown, significant crashing bugs in widely used systems.