Efficient specification-assisted error localization

We present a new error localization tool, Archie, that accepts a specification of key data structure consistency constraints, then generates an algorithm that checks if the data structures satisfy the constraints. We also present a set of specification analyses and optimizations that (for our benchmark software system) significantly improve the performance of the generated checking algorithm, enabling Archie to efficiently support interactive debugging. We evaluate Archie’s effectiveness by observing the actions of two developer populations (one using Archie, the other using standard error localization techniques) as they attempted to localize and correct three data structure corruption errors in a benchmark software system. With Archie, the developers were able to localize each error in less than 10 minutes and correct each error in (usually much) less than 20 minutes. Without Archie, the developers were, with one exception, unable to locate each error after more than an hour of effort.
