Sampling User Executions for Bug Isolation

Slides:



Advertisements
Similar presentations
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Advertisements

Building a Better Backtrace: Techniques for Postmortem Program Analysis Ben Liblit & Alex Aiken.
Building a Better Backtrace: Techniques for Postmortem Program Analysis Ben Liblit & Alex Aiken.
1 Bug Isolation via Remote Program Sampling Ben LiblitAlex Aiken Alice X. ZhengMichael Jordan Presented By : Arpita Gandhi.
Statistical Debugging Ben Liblit, University of Wisconsin–Madison.
Statistical Debugging Ben Liblit, University of Wisconsin–Madison.
Bug Isolation via Remote Program Sampling Ben Liblit, Alex Aiken, Alice X.Zheng, Michael I.Jordan Presented by: Xia Cheng.
(Quickly) Testing the Tester via Path Coverage Alex Groce Oregon State University (formerly NASA/JPL Laboratory for Reliable Software)
Bug Isolation in the Presence of Multiple Errors Ben Liblit, Mayur Naik, Alice X. Zheng, Alex Aiken, and Michael I. Jordan UC Berkeley and Stanford University.
PathExpander: Architectural Support for Increasing the Path Coverage of Dynamic Bug Detection S. Lu, P. Zhou, W. Liu, Y. Zhou, J. Torrellas University.
Reduce Instrumentation Predictors Using Random Forests Presented By Bin Zhao Department of Computer Science University of Maryland May
Bug Isolation via Remote Program Sampling Ben LiblitAlex Aiken Alice ZhengMike Jordan.
WuKong: Automatically Detecting and Localizing Bugs that Manifest at Large System Scales Bowen ZhouJonathan Too Milind KulkarniSaurabh Bagchi Purdue University.
Scalable Statistical Bug Isolation Ben Liblit, Mayur Naik, Alice Zheng, Alex Aiken, and Michael Jordan, 2005 University of Wisconsin, Stanford University,
Scalable Statistical Bug Isolation Ben Liblit, Mayur Naik, Alice Zheng, Alex Aiken, and Michael Jordan University of Wisconsin, Stanford University, and.
Testing Michael Ernst CSE 140 University of Washington.
Testing CSE 140 University of Washington 1. Testing Programming to analyze data is powerful It’s useless if the results are not correct Correctness is.
ELN5622 Embedded Systems Class 10 Spring, 2003 Aaron Itskovich
COMP 170 L2 L18: Random Variables: Independence and Variance Page 1.
Bug Localization with Machine Learning Techniques Wujie Zheng
School of Electrical Engineering and Computer Science University of Central Florida Anomaly-Based Bug Prediction, Isolation, and Validation: An Automated.
Scalable Statistical Bug Isolation Authors: B. Liblit, M. Naik, A.X. Zheng, A. Aiken, M. I. Jordan Presented by S. Li.
Testing and Debugging Version 1.0. All kinds of things can go wrong when you are developing a program. The compiler discovers syntax errors in your code.
1 Test Selection for Result Inspection via Mining Predicate Rules Wujie Zheng
Cooperative Concurrency Bug Isolation Guoliang Jin, Aditya Thakur, Ben Liblit, Shan Lu University of Wisconsin–Madison Instrumentation and Sampling Strategies.
“Isolating Failure Causes through Test Case Generation “ Jeremias Rößler Gordon Fraser Andreas Zeller Alessandro Orso Presented by John-Paul Ore.
Design - programming Cmpe 450 Fall Dynamic Analysis Software quality Design carefully from the start Simple and clean Fewer errors Finding errors.
Bug Isolation via Remote Sampling. Lemonade from Lemons Bugs manifest themselves every where in deployed systems. Each manifestation gives us the chance.
Testing CSE 160 University of Washington 1. Testing Programming to analyze data is powerful It’s useless (or worse!) if the results are not correct Correctness.
Aditya Thakur Rathijit Sen Ben Liblit Shan Lu University of Wisconsin–Madison Workshop on Dynamic Analysis 2009 Cooperative Crug Isolation.
Sampling Dynamic Dataflow Analyses Joseph L. Greathouse Advanced Computer Architecture Laboratory University of Michigan University of British Columbia.
Logistic Regression & Elastic Net
Statistical Debugging CS Motivation Bugs will escape in-house testing and analysis tools –Dynamic analysis (i.e. testing) is unsound –Static analysis.
Communications Range Analysis Simulation Set Up –Single Biological Threat placed in Soldier Field –Communication range varied from meters –Sensor.
Cooperative Bug Isolation CS Outline Something different today... Look at monitoring deployed code –Collecting information from actual user runs.
Automated Adaptive Bug Isolation using Dyninst Piramanayagam Arumuga Nainar, Prof. Ben Liblit University of Wisconsin-Madison.
Bugs CS100 how to prevent them, how to find them and how to terminate them.
Bug Isolation via Remote Program Sampling Ben LiblitAlex Aiken Alice X. ZhengMichael I. Jordan UC Berkeley.
Lecture 3 – MapReduce: Implementation CSE 490h – Introduction to Distributed Computing, Spring 2009 Except as otherwise noted, the content of this presentation.
An Array-Based Implementation of the ADT List
Spring 2017 Program Analysis and Verification
Software Testing.
YAHMD - Yet Another Heap Memory Debugger
Testing and Debugging.
Testing UW CSE 160 Winter 2017.
Software Testing.
Reasoning About Code.
Reasoning about code CSE 331 University of Washington.
CNIT 133 Interactive Web Pags – JavaScript and AJAX
Statistical Debugging
Testing UW CSE 160 Spring 2018.
Public Deployment of Cooperative Bug Isolation
4-2 Functions in C In C, the idea of top–down design is done using functions. A C program is made of one or more functions, one and only one of which.
Testing UW CSE 160 Winter 2016.
PSY 626: Bayesian Statistics for Psychological Science
CSC 143 Error Handling Kinds of errors: invalid input vs programming bugs How to handle: Bugs: use assert to trap during testing Bad data: should never.
Finding and Managing Bugs CSE 403 Lecture 23
Statistical Debugging
Chap. 7 Regularization for Deep Learning (7.8~7.12 )
3.13 Probability Concepts.
4-2 Functions in C In C, the idea of top–down design is done using functions. A C program is made of one or more functions, one and only one of which.
Ben Smith and Laurie Williams
EECE.2160 ECE Application Programming
Passing Arguments and The Big 5
CSE 1020:Software Development
Chapter 13 Conditional Repetition
Probability: What are the chances?
CS 261 – Data Structures AVL Trees.
Scaling By Ken Hodor 10/14/10.
Presentation transcript:

Sampling User Executions for Bug Isolation Ben Liblit Alex Aiken Alice Zheng Mike Jordan UC Berkeley

Motivation: Users Matter Imperfect world with imperfect software Ship with known bugs Users find new bugs Bug fixing is a matter of triage Important bugs happen often, to many users Can users help us find and fix bugs? Learn a little bit from each of many runs

Users as Debuggers Must not disturb individual users Sparse sampling: spread costs wide and thin Aggregated data may be huge Client-side reduction/summarization Will never have complete information Make wild guesses about bad behavior Look for broad trends across many runs

Fair Random Sampling Global countdown to next sample Geometric distribution Simulates many tosses of a biased coin “Fast path” when no sample is imminent Common case (Nearly) instrumentation free “Slow path” only when taking a sample

Sharing the Cost of Assertions What to sample: assert() statements Look for assertions which sometimes fail on bad runs, but always succeed on good runs Overhead in assertion-dense CCured code Unconditional: 55% average, 181% max 1/100 sampling: 17% average, 46% max 1/1000 sampling: 10% average, 26% max

Isolating a Deterministic Bug What to sample: Function return values Client-side reduction Triple of counters per call site: < 0, = 0, > 0 Look for values seen on some bad runs, but never on any good run Hunt for crashing bug in ccrypt-1.2 This is not the only thing one might want to sample for all deterministic bugs; it’s just the thing we used for this one experiment.

Winnowing Down the Culprits 1710 counters 3 × 570 call sites 1569 are zero on all runs 141 remain 139 are nonzero on some successful run Not much left! file_exists() > 0 xreadline() == 0 This is all using a sampling rate of 1/1000.

Isolating a Non-Deterministic Bug What to sample: Guessed ordering predicates among scalar vars Client-side reduction to counters Model crashes via regularized logistic regression Large coefficient  highly predictive of crash Hunt for intermittent crash in bc-1.06 30,150 candidate predicates on 8910 lines of code 2729 training runs on random input This is not the only thing one might want to sample for all non-deterministic bugs; it’s just the thing we used for this one experiment.

Top-Ranked Predictors void more_arrays () { … /* Copy the old arrays. */ for (indx = 1; indx < old_count; indx++) arrays[indx] = old_ary[indx]; /* Initialize the new elements. */ for (; indx < v_count; indx++) arrays[indx] = NULL; } #1: indx > scale #2: indx > use_math #3: indx > opterr #4: indx > next_func #5: indx > i_base #1: indx > scale #1: indx > scale #2: indx > use_math This is all using a sampling rate of 1/1000.

Bug Found: Buffer Overrun void more_arrays () { … /* Copy the old arrays. */ for (indx = 1; indx < old_count; indx++) arrays[indx] = old_ary[indx]; /* Initialize the new elements. */ for (; indx < v_count; indx++) arrays[indx] = NULL; }

Conclusions Implicit bug triage Learn the most, most quickly, about the bugs that happen most often Variability is a benefit rather than a problem There is strength in numbers many users + statistical modeling = find bugs while you sleep!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.