1 / 15

CS590 Z Software Defect Analysis

CS590 Z Software Defect Analysis. Xiangyu Zhang. What is Software Defect Analysis. Given a software program, with or without inputs, identify and fix defects in the program.

wayde
Download Presentation

CS590 Z Software Defect Analysis

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CS590 Z Software Defect Analysis Xiangyu Zhang

  2. What is Software Defect Analysis • Given a software program, with or without inputs, identify and fix defects in the program. • All sorts of defects: crashes, incorrect output, unreasonable use of resource, deadlock, data race, buffer overflow vulnerabilities, information leak,… • Consists of techniques from : compilers, PL, program verification, hardware, OS, … • >> debugging.

  3. Requirements Design Programming Testing/Debugging Deployment

  4. Why Is Defect Analysis Important? • One of the most prominent challenges for IT. • Software bugs cost the U.S. economy about $59.5 billion each year (0.6% of the GDP)[NIST 02]. • Companies. • Security is becoming a necessity. • The worldwide economic loss caused by all forms of overt attacks is $226 billion. [CRS 03]. • Software defects make programming so painful. • Stories • The Role of Software in Spacecraft Accidents (http://sunnyday.mit.edu/papers/jsr.pdf)

  5. Make it happen Make it fast Make it reliable now 25 years ago 15 years ago Why? (continued) • Almost all areas are open to defect analysis • Software Engineering • covers all topics • conferences (FSE, ICSE, ASE, ISSTA, FASE, ICSM…) • Programming Languages • language design, language support, program analysis • conferences (PLDI, POPL, OOPSLA,…) • Computer Architecture • Architecture support for reliability • Conferences (ISCA, MICRO, ASPLOS,…) • OS, Security. • The unit price of a CPU cycle is becoming cheaper and cheaper.

  6. CS 590 Z • Get to know this area. • What are the topics? • How people solve problems? Some are inspiring. • Use program analysis to solve interesting problems. • Hands-on experience on designing and implementing program analysis. • Paper (PLDI submission(s))

  7. Course Organization • Take turns to discuss papers. • Every 2-3 meetings cover one topic; • Each person handles one topic; • One topic includes presenting related papers and leading discussion. • The discussion subject is distributed before the meeting. • Decide the projects within one month • Submission deadline is mid Nov. • Not a requirement to submit paper. • The term project is due at the end of the semester;

  8. Course Requirements • Presentations and discussions (40%) • Term Project (50%) • Attendance (10%) • Change of meeting times

  9. Topics users developers Failure oblivious

  10. Debugging users developers Model Checking dynamic static Failure oblivious Static Analysis Mining Code Base

  11. Topics users developers Model Checking dynamic static Failure oblivious single-threaded Static Analysis Mining Code Base multi-threaded Deterministic replay Data Race Atomicity Violation

  12. Debugging users developers Model Checking dynamic static Failure oblivious single-threaded Static Analysis Mining Code Base multiple executions multi-threaded single execution Statistical debug Deterministic replay Data Race Testing atomicity violation

  13. Topics users developers Model Checking dynamic static Failure oblivious single-threaded Static Analysis Mining Code Base multiple executions multi-threaded single execution Statistical debug Deterministic replay Data Race Testing atomicity violation Dynamic slicing Execution Reduction Advanced debugger

  14. Topics users developers Model Checking dynamic static Failure oblivious single-threaded Static Analysis Mining Code Base multiple executions multi-threaded single execution Statistical debug Deterministic replay Data Race atomicity violation Advanced debugger Exe. Reduction Dynamic slicing Not Covered: transient errors, performance bugs, …

  15. My Research Projects • Auto debugging • Input analysis • Execution reduction • Dynamically matching program versions • Failure classification • Expanding: • Auto program parallelization • Debugging for concurrent programs

More Related