skip to main content
10.1145/1595696.1595704acmconferencesArticle/Chapter ViewAbstractPublication PagesfseConference Proceedingsconference-collections
research-article

Darwin: an approach for debugging evolving programs

Published: 24 August 2009 Publication History

Abstract

Debugging refers to the laborious process of finding causes of program failures. Often, such failures are introduced when a program undergoes changes and evolves from a stable version to a new, modified version. In this paper, we propose an automated approach for debugging evolving programs. Given two programs (a reference, stable program and a new, modified program) and an input that fails on the modified program, our approach uses concrete as well as symbolic execution to synthesize new inputs that differ marginally from the failing input in their control flow behavior. A comparison of the execution traces of the failing input and the new inputs provides critical clues to the root-cause of the failure. A notable feature of our approach is that it handles hard-to-explain bugs like code missing errors by pointing to the relevant code in the reference program. We have implemented our approach in a tool called DARWIN. We have conducted experiments with several real-life case studies, including real-world web servers and the libPNG library for manipulating PNG images. Our experience from these experiments points to the efficacy of DARWIN in pinpointing bugs. Moreover, while localizing a given observable error, the new inputs synthesized by DARWIN can reveal other undiscovered errors.

References

[1]
Apache webserver. http://httpd.apache.org/.
[2]
libPNG library. http://www.libpng.org.
[3]
Miniweb webserver. http://miniweb.sourceforge.net/.
[4]
QEMU emulator. http://www.qemu.org.
[5]
Savant webserver. http://savant.sourceforge.net/info.html.
[6]
T. Apiwattanapong, A. Orso, and M. Harrold. A differencing algorithm for object-oriented programs. In ASE, 2004.
[7]
T. Ball, M. Naik, and S. Rajamani. From symptom to cause: Localizing errors in counterexample traces. In POPL, 2003.
[8]
D. Brumley, J. Caballero, Z. Liang, J. Newsome, and D. Song. Towards automatic discovery of deviations in binary implementations with applications to error detection and fingerprint generation. In USENIX Security Conf., 2007.
[9]
K.-M. Chao, R. Hardison, and W. Miller. Recent developments in linear space alignment methods: A survey. Journal of Computational Biology, 1, 1994.
[10]
Y. Chen, D. Rosenblum, and K. Vo. Testtube: a system for selective regression testing. In ICSE, 1994.
[11]
C. Csallner and Y. Smaragdakis. DSD-Crasher: a hybrid analysis tool for bug finding. In ISSTA, 2006.
[12]
L. de Moura and N. Bjorner. Z3: An efficient SMT solver. In TACAS, 2008.
[13]
H. Do, S. G. Elbaum, and G. Rothermel. Supporting controlled experimentation with testing techniques: An infrastructure and its potential impact. Empirical Software Engineering, 2005. http://www.cse.unl.edu/~galileo/sir.
[14]
S. Elbaum, A. Malishevsky, and G. Rothermel. Prioritizing test cases for regression testing. In ISSTA, 2000.
[15]
V. Ganesh and D. Dill. A decision procedure for bit-vectors and arrays. In CAV, 2007.
[16]
O. Giroux and M. Robillard. Detecting increases in feature coupling using regression tests. In FSE, 2006.
[17]
L. Guo, A. Roychoudhury, and T.Wang. Accurately choosing execution runs for software fault localization. In CC, 2006.
[18]
S. Horowitz. Identifying the semantic and textual differences between two versions of a program. In PLDI, 1990.
[19]
D. Hovemeyer and W. Pugh. Finding bugs is easy. In OOPSLA Onward!, 2004.
[20]
B. Liblit. Cooperative Bug Isolation. PhD thesis, UC Berkeley, 2005.
[21]
B. Liblit, M. Naik, A. Zheng, A. Aiken, and M. Jordan. Scalable statistical bug isolation. In PLDI, 2005.
[22]
X. Ren, F. Shah, F. Tip, B. Ryder, and O. Chesley. Chianti: a tool for change impact analysis of java programs. In OOPSLA, 2004.
[23]
M. Renieris and S. P. Reiss. Fault localization with nearest neighbor queries. In ASE, 2003.
[24]
G. Rothermel and M. J. Harrold. A safe efficient regression test selection technique. TOSEM, 6, 1997.
[25]
R. Santelices, P. Chittimalli, T. Apiwattanapong, A. Orso, and M. Harrold. Test-suite augmentation for evolving software. In ASE, 2008.
[26]
R. Seacord, D. Plakosh, and G. Lewis. Modernizing Legacy Systems: Software Technologies, Engineering Processes, and Business Practices. Addison-Wesley, 2003.
[27]
J. Sillito, G. Murphy, and K. De Volder. Questions programmers ask during software evolution tasks. In FSE, 2006.
[28]
D. Song et al. Bitblaze: A new approach to computer security via binary analysis. In ICISS (Keynote Invited Paper), 2008. http://bitblaze.cs.berkeley.edu.
[29]
M. Sridharan, S. Fink, and R. Bodik. Thin slicing. In PLDI, 2007.
[30]
A. Srivastava and J. Thiagarajan. Effectively prioritizing tests in a development environment. In ISSTA, 2002.
[31]
A. Zeller. Yesterday, my program worked. Today, it does not. Why? In ESEC/FSE, 1999.
[32]
A. Zeller. Isolating cause-effect chains from computer programs. In FSE, 2002.
[33]
A. Zeller and R. Hildebrandt. Simplifying and isolating failure-inducing input. IEEE Transactions on Software Engineering, 28:2002, 2002.
[34]
X. Zhang, N. Gupta, and R. Gupta. Pruning dynamic slices with confidence. In PLDI, 2006.
[35]
X. Zhang, S. Tallam, N. Gupta, and R. Gupta. Towards locating execution omission errors. In PLDI, 2007.

Cited By

View all
  • (2020)PatchScope: Memory Object Centric Patch DiffingProceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security10.1145/3372297.3423342(149-165)Online publication date: 30-Oct-2020
  • (2019)Responsibility Analysis by Abstract InterpretationStatic Analysis10.1007/978-3-030-32304-2_18(368-388)Online publication date: 8-Oct-2019
  • (2018)Break the dead end of dynamic slicing: localizing data and control omission bugProceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering10.1145/3238147.3238163(509-519)Online publication date: 3-Sep-2018
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
ESEC/FSE '09: Proceedings of the 7th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
August 2009
408 pages
ISBN:9781605580012
DOI:10.1145/1595696
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 24 August 2009

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. debugging
  2. software evolution
  3. symbolic execution

Qualifiers

  • Research-article

Conference

ESEC/FSE09
Sponsor:
ESEC/FSE09: Joint 12th European Software Engineering Conference
August 24 - 28, 2009
Amsterdam, The Netherlands

Acceptance Rates

ESEC/FSE '09 Paper Acceptance Rate 32 of 217 submissions, 15%;
Overall Acceptance Rate 112 of 543 submissions, 21%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)2
  • Downloads (Last 6 weeks)0
Reflects downloads up to 30 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2020)PatchScope: Memory Object Centric Patch DiffingProceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security10.1145/3372297.3423342(149-165)Online publication date: 30-Oct-2020
  • (2019)Responsibility Analysis by Abstract InterpretationStatic Analysis10.1007/978-3-030-32304-2_18(368-388)Online publication date: 8-Oct-2019
  • (2018)Break the dead end of dynamic slicing: localizing data and control omission bugProceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering10.1145/3238147.3238163(509-519)Online publication date: 3-Sep-2018
  • (2018)Debugging with intelligence via probabilistic inferenceProceedings of the 40th International Conference on Software Engineering10.1145/3180155.3180237(1171-1181)Online publication date: 27-May-2018
  • (2017)Feedback-based debuggingProceedings of the 39th International Conference on Software Engineering10.1109/ICSE.2017.43(393-403)Online publication date: 20-May-2017
  • (2015)A synergistic analysis method for explaining failed regression testsProceedings of the 37th International Conference on Software Engineering - Volume 110.5555/2818754.2818788(257-267)Online publication date: 16-May-2015
  • (2015)MultiSE: multi-path symbolic execution using value summariesProceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering10.1145/2786805.2786830(842-853)Online publication date: 30-Aug-2015
  • (2015)Explaining Software Failures by Cascade Fault LocalizationACM Transactions on Design Automation of Electronic Systems10.1145/273803820:3(1-28)Online publication date: 24-Jun-2015
  • (2015)Software Change ContractsACM Transactions on Software Engineering and Methodology10.1145/272997324:3(1-43)Online publication date: 13-May-2015
  • (2015)A Synergistic Analysis Method for Explaining Failed Regression Tests2015 IEEE/ACM 37th IEEE International Conference on Software Engineering10.1109/ICSE.2015.46(257-267)Online publication date: May-2015
  • Show More Cited By

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media