ten years of
play

Ten Years of Implementation and Experience Kirk Glerum , Kinshuman - PowerPoint PPT Presentation

Oct 31, 2023 •424 likes •696 views

Debugging in the (Very) Large: Ten Years of Implementation and Experience Kirk Glerum , Kinshuman Kinshumann , Steve Greenberg , Gabriel Aul , Vince Orgovan , Greg Nichols , David Grant , Gretchen Loihle , and Galen Hunt Microsoft Corporation

  1. Debugging in the (Very) Large: Ten Years of Implementation and Experience Kirk Glerum , Kinshuman Kinshumann , Steve Greenberg , Gabriel Aul , Vince Orgovan , Greg Nichols , David Grant , Gretchen Loihle , and Galen Hunt Microsoft Corporation http://winqual.microsoft.com 1

  2. A Revelation • Software has bugs. • Even shipping software. • Even Microsoft’s shipping software. • Oh, and so does hardware (but we’ll come back to that point later...) 2

  3. Two Definitions • Bug: a flaw in program logic #define MYVAR *(int*)random() ... MYVAR = 5; • Error: a failure in execution caused by a bug – Run it 5,000 times, you’ll get ~ 5000 errors.  One bug may cause many errors. 3

  4. The Challenge • Microsoft ships software to 1 billion users, – How do we find out when things go wrong? • We want to – fix bugs regardless of source • application or OS • software, hardware, or malware – prioritize bugs that affect the most users – generalize the solution to be used by any programmer 4

  5. Reported Bugs Error Reporting Trigger Kernel Crashes Crash dump found in page file on boot. Application Crashes Unhandled process exception. Application Hangs Failure to process user input for 5 seconds. Service Hangs Service thread times out. Installation Failures OS or application installation fails. App. Compat. Issues Program calls deprecated API. Custom Errors Program calls WER APIs to report error. UI Delays Timer assert takes longer than expected. Invariant Violations Ship assert in code fails. 5

  6. Windows Error Reporting (WER) 6

  7. WER by the Numbers billions Error reports collected per year (App,OS,HW) 1 billion Clients 100 million Reports /day processing capacity* 17 million Programs with error reports in WER many 1000s Bugs fixed over 700 Companies using WER 200 TB of Storage 60 Servers 10 Years of use 2 Servers to record every error received 1 # of programmers needed to access WER data 7

  8. Outline  Introduction  How do we process billions of error reports?  Experiences fixing bugs from  Software  Hardware  Malware  Conclusion 8

  9. Debugging in the Small… 9

  10. In the Large without WER… Support technician tries to diagnose error Technicians User calls reports “top technical ten” issues to support programmers 10

  11. The Human Bottleneck • Can’t hire enough technicians • Data is inaccurate • Hard to get additional data • No “global” baseline • Useless for heisenbugs • Need to remove humans 11

  12. Goal: Fix the Data Collection Problem • Allow one service to record – every error (application, OS, and hardware) – on every Windows system – worldwide . • Corollary:  That which we can measure, we can fix… 12

  13. An Outlook Plug-in Example plugin.dll: #define MYVAR *(int*)random() ... void foo(int i, int j) { if (i & 1) memcpy(&MYVAR, j, 4); else... } 13

  14. Debugging in the Large with WER… Minidump !analyze 5 17 23,450,649 14

  15. !analyze • Engine for WER bucketing heuristics • Extension to the Debugging Tools for Windows – input is a minidump, output is bucket ID – runs on WER servers (and programmers desktops) – http://www.microsoft.com/whdc/devtools • 500 heuristics – grows ~ 1 heuristic/week 15

  16. To Recap and Elaborate… • What I told you: – client automatically collects a minidump – sends minidump to servers – !analyze buckets the error with similar reports – increments the bucket count – programmers prioritize buckets with highest count • Actually… – only upload first few hits on a bucket, others just inc. – programmers request additional data as needed 16

  17. 2-Phase Bucketing Strategy • Labeling (on client): bucketed by failure point outlook.exe,plugin.dll,v1.0.2305,0x23f5 {program name},{binary},{version},{pc offset} • Classifying (on servers): re-bucketed toward root cause by !analyze – consolidate version and replace offset with symbol outlook.exe,plugin.dll, memcpy – find caller of memcpy (because it isn’t buggy) outlook.exe,plugin.dll, foo – etc. • Paper contains much more detail on bucketing… 17

  18. Bucketing Mostly Works • One bug can hit multiple buckets – up to 40% of error reports memcpy(&MYVAR, j, 4); • one bucket when &MYVAR isn’t mapped • many others when &MYVAR is in a data section – extra server load – duplicate buckets must be hand triaged • Multiple bugs can hit one bucket – up to 4% of error reports – harder to isolate each bug  Solution: scale is our friend 18

  19. Outline  Introduction  How do you process billions of error reports?  Experiences fixing  Software  Hardware  Malware  Conclusion 19

  20. Top 20 Buckets for MS Word 2010 100% 3-week internal Relative hit count deployment 75% to 9,000 users. CDF 50% 25% 0% 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 Bucket #:  Just 20 buckets account for 50% of all errors  Fixing a small # of bugs will help many users 20

  21. Fixing bugs in software • First use found >= 5-year old heisenbugs in Windows • Windows Vista team fixed 5,000 bugs in beta • Anti-Virus vendor fixed top 20 buckets and dropped from 7.6% to 3.6% of all kernel crashes • Office 2010 team fixed 22% of reports in 3 weeks • And you can fix yours… 21

  22. Hardware: Processor Bug 100% Reports as % of Peak 80% 60% 40% 20% 0% Day #: -9 -6 -3 0 3 6 9 12 15 18  WER helped fix hardware error  Manufacturer could have caught this earlier w/ WER 22

  23. Other Hardware Bugs - SMBIOS - memory overrun in resume-from-sleep - Motherboard USB controller - only implemented 31 of 32 DMA address bits - Lots of information about failures due to - overclocking - hard disk controller resets - substandard memory 23

  24. Renos Malware 1,200,000 Reports per Day 1,000,000 800,000 600,000 400,000 200,000 0 10-Feb-07 24-Feb-07 10-Mar-07  Early detection w/o user action (renos, blaster, slammer, etc.)  WER scales to handle global events 24

  25. Other Things in the Paper • Bucketing details (Sec. 3) • Statistics-based debugging (Sec. 4) • Progressive data collection (Secs. 2.2 & 5.4) • Service implementation (Sec. 5) • WER experiences (Sec. 6) • OS Changes (Sec. 7) • Related work (Sec. 8) 25

  26. Conclusion • Windows Error Reporting (WER) – the first post-mortem reporting system with automatic diagnosis – the largest client-server system in the world (by installs) – helped 700 companies fix 1000s of bugs and billions of errors – fundamentally changed SW development at MS “WER forced us to stop making *things+ up.” • WER works because bucketing mostly works. http://winqual.microsoft.com 26

Recommend

D r o u g h 33.6 -45.5 33.6 -45.5 11 years 5.4 years 11 years 5.4 years years t

D r o u g h 33.6 -45.5 33.6 -45.5 11 years 5.4 years 11 years 5.4 years years t

D r o u g h 33.6 -45.5 33.6 -45.5 11 years 5.4 years 11 years 5.4 years years t years Figure 2. Precipitation anomalies during 11 years of the dust bowl (1930-1940) Station Set-up Montana Mesonet January 2018 4 36 ranchers

533 views • 36 slides
CLASS OF 2021 Four years of English Three years of social studies Three years of

CLASS OF 2021 Four years of English Three years of social studies Three years of

CLASS OF 2021 Four years of English Three years of social studies Three years of science Three years of mathematics Two years of a world language Four years of physical education Five credits of visual/performing arts

1.04k views • 72 slides
CLASS OF 2023 Four years of English Three years of social studies Three years of

CLASS OF 2023 Four years of English Three years of social studies Three years of

CLASS OF 2023 Four years of English Three years of social studies Three years of science Three years of mathematics Two years of a world language Four years of physical education Five credits of visual/performing arts

915 views • 67 slides
CLASS OF 2020 Four years of English Three years of social studies Three years of

CLASS OF 2020 Four years of English Three years of social studies Three years of

CLASS OF 2020 Four years of English Three years of social studies Three years of science Three years of mathematics Two years of a world language Four years of physical education Five credits of visual/performing arts

1.25k views • 88 slides
Who Cares About the Impact on Performance Memory Hierarchy? Suppose a processor executes at

Who Cares About the Impact on Performance Memory Hierarchy? Suppose a processor executes at

8/20/08 Technology Trends Computer System Architecture Capacity Speed (latency) Logic: 2x in 3 years 2x in 3 years DRAM: 4x in 3 years 2x in 10 years Memory Part I Disk: 4x in 3 years 2x in 10 years DRAM Chalermek

290 views • 5 slides
Nature Education Kickoff 2018 Years of Service Recognition Heidi Brown 10 years Lois Peterson 10

Nature Education Kickoff 2018 Years of Service Recognition Heidi Brown 10 years Lois Peterson 10

Nature Education Kickoff 2018 Years of Service Recognition Heidi Brown 10 years Lois Peterson 10 years Tom Taber 10 years Gary Keeth 15 years Betty Murray 15 years Bob Walker 15 years Jackie James 25 years Carol Matthews 25 years Program

396 views • 22 slides
Who Am I 10 years factory planing 4 years live sience 3 years research assistent 12

Who Am I 10 years factory planing 4 years live sience 3 years research assistent 12

Now You Got a Search Engine MICES 14. June 2017 Peter Rieger Who Am I 10 years factory planing 4 years live sience 3 years research assistent 12 years search Dropped 3 courses of study Freelancer for 12 years CEO for 8 years

487 views • 20 slides
2 Years of Real World FP at REA @KenScambler Scala Developer at Me 14 years 5 years 5 years

2 Years of Real World FP at REA @KenScambler Scala Developer at Me 14 years 5 years 5 years

2 Years of Real World FP at REA @KenScambler Scala Developer at Me 14 years 5 years 5 years when possible when bored when forced - 3 teams @ - 17 codebases - 43K LOC Jul 13 Jan 14 Jul 14 Jan 15 Why Functional Programming?

1.95k views • 160 slides
ALL ABOUT ME JULIE EDWARDS 25 years in Marketing/PR 8 years in NPO Management 4 years

ALL ABOUT ME JULIE EDWARDS 25 years in Marketing/PR 8 years in NPO Management 4 years

ALL ABOUT ME JULIE EDWARDS 25 years in Marketing/PR 8 years in NPO Management 4 years as Executive Director Mom to rescues Roxie & Charlie Vegetarian home chef Lover of naps, folk art and happy hours Show

132 views • 11 slides
Floral Design Committee Kickoff 2018 Years of Service Recognition Irene Kane - 10 years Joan

Floral Design Committee Kickoff 2018 Years of Service Recognition Irene Kane - 10 years Joan

Floral Design Committee Kickoff 2018 Years of Service Recognition Irene Kane - 10 years Joan Upton -10 years Michelle Bosschart -16 years Debbie Kundrat - 20 years Georgine Premo - 20 years Marian Vanden Bosch - 20 years Meeting Agenda 1)

112 views • 10 slides
Migrate Python from 2.X to 3.X WHO AM I? C++ & PYTHON DEVELOPER 6,5 years in 20,5 years in

Migrate Python from 2.X to 3.X WHO AM I? C++ & PYTHON DEVELOPER 6,5 years in 20,5 years in

Migrate Python from 2.X to 3.X WHO AM I? C++ & PYTHON DEVELOPER 6,5 years in 20,5 years in CAD&Numeric C++ simulations PHILIPPE BOULANGER 3 years in 19,5 years in embedded Python programming 11,5 years in finance

879 views • 51 slides
www.agilegurgaon.com Who am I? 1. 20+ years of experience , 18+ in IT and 2 years in

www.agilegurgaon.com Who am I? 1. 20+ years of experience , 18+ in IT and 2 years in

www.agilegurgaon.com Who am I? 1. 20+ years of experience , 18+ in IT and 2 years in manufacturing 2. 6 years of experience in Agile Transformation 3. Clients worked - HP Product Division, Symantec, SKF, Healthways and Philips 4. Currently

643 views • 21 slides
Art Committee Kickoff 2018 Years of Service Recognition Debra Symons - 10 years Pathamar Park -

Art Committee Kickoff 2018 Years of Service Recognition Debra Symons - 10 years Pathamar Park -

Art Committee Kickoff 2018 Years of Service Recognition Debra Symons - 10 years Pathamar Park - 11 years Elizabeth Holman - 15 years Marian Vanden Bosch - 20 years Lillian Balliet - 39 years Meeting Agenda 1) Jane Fernald & Judy Webster,

303 views • 12 slides
Hounslow Highways Hounslow Highways 25 years and beyond First 5 Years 25 years and beyond

Hounslow Highways Hounslow Highways 25 years and beyond First 5 Years 25 years and beyond

Hounslow Highways Hounslow Highways 25 years and beyond First 5 Years 25 years and beyond www.hounslowhighways.org Hounslow PFI Update July 2017 INTRODUCTION What is included in the PFI? Core Investment Period Progress

456 views • 22 slides
BUILDING ON LIBBITCOIN L I S B O N 2 0 1 8 Libbitcoin Developer (5 years) E R I C VO S K U

BUILDING ON LIBBITCOIN L I S B O N 2 0 1 8 Libbitcoin Developer (5 years) E R I C VO S K U

BUILDING ON LIBBITCOIN L I S B O N 2 0 1 8 Libbitcoin Developer (5 years) E R I C VO S K U I L Entrepreneur (20 years) eric@voskuil.org Investor/Advisor (12 years) https://github.com/evoskuil Microsoft Architect (3 years)

479 views • 17 slides
Years Down Years To Go A WALK A W A L K A R O U N D Q U E E N AROUND E L I Z

Years Down Years To Go A WALK A W A L K A R O U N D Q U E E N AROUND E L I Z

Years Down Years To Go A WALK A W A L K A R O U N D Q U E E N AROUND E L I Z A B E T H O L Y M P I C P A R K QUEEN ELIZABETH OLYMPIC PARK LEYTON Clapton Park Forest Gate Homerton Maryland HA HACK HA

424 views • 15 slides
A Community Where You Belong Laying The Foundation For The Next 100 Years Our First 100 Years

A Community Where You Belong Laying The Foundation For The Next 100 Years Our First 100 Years

A Community Where You Belong Laying The Foundation For The Next 100 Years Our First 100 Years The Indiana Masonic Home was established to care for widows and orphaned children of Masons in 1915. Through the years, the community grew and demand

402 views • 25 slides
Page 1 Example: Branch Stall Impact Example: Calculating CPI bottom up Run benchmark and collect

Page 1 Example: Branch Stall Impact Example: Calculating CPI bottom up Run benchmark and collect

Review, #1 CS252 Technology is changing rapidly: Graduate Computer Architecture Capacity Speed Lecture 2 Logic 2x in 3 years 2x in 3 years DRAM 4x in 3 years 2x in 10 years Review of Instruction Sets, Pipelines, and Disk 4x

496 views • 13 slides
WELCOME CLASS OF 2024 8 TH GRADE OPEN HOUSE MINIMUM GRADUATION REQUIREMENTS Four years of

WELCOME CLASS OF 2024 8 TH GRADE OPEN HOUSE MINIMUM GRADUATION REQUIREMENTS Four years of

WELCOME CLASS OF 2024 8 TH GRADE OPEN HOUSE MINIMUM GRADUATION REQUIREMENTS Four years of English Three years of social studies Three years of science Three years of mathematics Two years of a world language Four years of

869 views • 66 slides
Jacobs Life: In Egypt 17 Years In Assyria (Laban) 20 Years In Canaan 110 Years Life

Jacobs Life: In Egypt 17 Years In Assyria (Laban) 20 Years In Canaan 110 Years Life

And Jacob lived in the land of Egypt seventeen years. So the length of Jacobs life was one hundred and forty-seven years. Gen 47:28 Jacobs Life: In Egypt 17 Years In Assyria (Laban) 20 Years In Canaan 110 Years Life of

350 views • 34 slides
Training in the UK All trainees now have 5-6 years undergraduate; 2 years postgraduate prior

Training in the UK All trainees now have 5-6 years undergraduate; 2 years postgraduate prior

3/7/2015 Training in the UK All trainees now have 5-6 years undergraduate; 2 years postgraduate prior to full registration Surgical training then 6-8 years (+/- 1-3 years Training and practice of breast MD/PhD research) surgery:

275 views • 6 slides
F ROM THE C ARTEL TO A F IRST -T IME U SER The Challenges of Drug Prosecution in an Opioid

F ROM THE C ARTEL TO A F IRST -T IME U SER The Challenges of Drug Prosecution in an Opioid

F ROM THE C ARTEL TO A F IRST -T IME U SER The Challenges of Drug Prosecution in an Opioid Epidemic INDIANA CRIMINAL CODE - 2014 LEVEL MINIMUM ADVISORY MAXIMUM Murder 45 years 55 years 65 years Level 1 20 years 30 years 40 years

841 views • 55 slides
Data Clustering: Data Clustering: 50 Years Beyond K means 50 Years Beyond K means 50 Years

Data Clustering: Data Clustering: 50 Years Beyond K means 50 Years Beyond K means 50 Years

Data Clustering: Data Clustering: 50 Years Beyond K means 50 Years Beyond K means 50 Years Beyond K-means 50 Years Beyond K-means Anil K. Jain Department of Computer Science Michigan State University King-Sun Fu King-Sun Fu King-Sun

1.03k views • 39 slides
The Hundred Years War Target Describe the causes of the 100 years war, the advantages and

The Hundred Years War Target Describe the causes of the 100 years war, the advantages and

The Hundred Years War Target Describe the causes of the 100 years war, the advantages and disadvantages, and the 3 phases of the war. Long Term Causes English wanted to regain lost lands from the French Economic rivalry (Flanders

617 views • 16 slides

More recommend