DOCSLIB.ORG

CHESS: a Systematic Testing Tool for Concurrent Software

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
CHESS: a Systematic Testing Tool for Concurrent Software CHESS: A Systematic Testing Tool for Concurrent Software Madanlal Musuvathi Shaz Qadeer Microsoft Research Microsoft Research Thomas Ball Microsoft Research Technical Report MSR-TR-2007-149 Microsoft Research Microsoft Corporation One Microsoft Way Redmond, WA 98052 This page intentionally left blank. 1 CHESS: A Systematic Testing Tool for Concurrent Software Madanlal Musuvathi Shaz Qadeer Thomas Ball Microsoft Research Microsoft Research Microsoft Research Abstract der load. While stress testing does indirectly increase the variety of thread schedules, such testing is far from Concurrency is used pervasively in the development of sufficient. Stress testing does not cover enough different large systems programs. However, concurrent program- thread schedules and, as a result, yields unpredictable re- ming is difficult because of the possibility of unexpected sults. A bug may surface one week, when stress testing interference among concurrently executing tasks. Such happens to cover a low-probability schedule, and then interference often results in “Heisenbugs” that appear disappear for months. Stories are legend of the so-called rarely and are extremely difficult to reproduce and de- “Heisenbugs” that rarely surface and are hard to repro- bug. Stress testing, in which the system is run under duce. Still, the mark of reliability of a system remains its heavy load for a long time, is the method commonly ability to run for a long time under heavy load without employed to flush out such concurrency bugs. This crashing. form of testing provides inadequate coverage and has un- We introduce a new concept called concurrency sce- predictable results. This paper proposes an alternative nario testing that is applicable to large systems.The sys- called concurrency scenario testing which relies on sys- tem designer thinks of interesting concurrency scenar- tematic and exhaustive testing We have implemented a ios. For instance, an interesting scenario for a device tool called CHESS for performing concurrency scenario driver is concurrently receiving both an I/O message and testing of systems programs. CHESS uses model check- a shutdown message. These scenarios are system spe- ing techniques to systematically generate all interleav- cific and intuitively correspond to unit-tests for sequen- ing of a given scenario. CHESS scales to large concur- tial programs, though we expect concurrent scenarios to rent programs and has found numerous previously un- be more complex. known bugs in systems that had been stress tested for Given these scenarios, we use model checking [7, 31] many months prior to being tested by CHESS. For each techniques to systematically cover all thread schedules. bug, CHESS is able to consistently reproduce an erro- A model checker essentially captures the nondetermin- neous execution manifesting the bug, thereby making it ism of a system and then systematically enumerates all significantly easier to debug the problem. CHESS has possible choices. For a multithreaded process, this ap- been integrated into the test frameworks of many code proach is tantamount to running the system under a de- bases inside Microsoft and is being used by testers on a monic scheduler. We identify and address three key daily basis. challenges in making model checking applicable to large shared-memory multithreaded programs. 1 Introduction First, existing model checkers requires the program- mer to do a huge amount of work just to get started. We Given the importance and prevalence of concurrent sys- call this the ”perturbation problem.” Traditional methods tems,1 it is unfortunate that there exists no first-class for model checking are meant to formally verify abstract notion of concurrency testing. What is “concurrency models and do not work on real code. Other direct- testing”? In theory, concurrency testing is the process execution methods for checking multithreaded code re- of testing a concurrent system for correct behavior un- quire significant modifications to the system under test. der all possible schedules. In practice, people almost For instance, CMC [26, 39] requires running the Linux always identify concurrency testing with stress testing, kernel in user-space in order to analyze it, a non-trivial which evaluates the behavior of a concurrent system un- engineering effort. Tools like JPF [37] and ExitBlock [4] 2 force the user to use a specialized JVM. Other recent concurrency tests in its testing methodology (see Fig- approaches to model checking systems code, such as ure 1). Given an idempotent test, CHESS repeatedly ex- MaceMC [19], require writing the program in a new pro- ecutes the test in a loop, exploring a different schedule gramming language. in each iteration. In particular, CHESS does not need The perturbation problem makes model checking a to track any program state, including the initial state, non-starter for testers who want better control over the making it relatively easy to attach CHESS to an existing execution of concurrent programs. Whenever code is test. The test harness either exposes the TestStartup, changed for the benefit of testing, the tester knows that RunTestScenario, TestShutdown functions to the real bits are not being tested. Moreover, testers do not CHESS, or the tester introduces appropriate calls to have the luxury of changing code. Changing code takes CHESS in an existing test framework. time and is risky. Finally, testers already have extensive The only perturbation introduced by CHESS is a thin and varied test infrastructure in place and are unwilling to wrapper layer between the program under test and the “buy into” a different testing tool. Therefore, a concur- concurrency API (see Figure 2). This is required to cap- rency test tool should easily integrate with existing test ture and explore the nondeterminism inherent in the API. infrastructure with no modification to the system under We have developed a methodology for writing wrap- test and little modification to the test harness. pers that provides enough hooks to CHESS to control the Second, concurrency is enabled in most systems via thread scheduling without changing the semantics of the rich and complex concurrency APIs.2 For instance, the API functions and without modifying the underlying OS, Win32 API [25] used by most user-mode Windows pro- the API implementation, or the system under test. We are grams contains more than 200 threading and synchro- also able to map complex synchronization primitives into nization functions, many with different options and pa- simpler operations that greatly simplify the process of rameters. We wish to wrap the concurrency APIs to cap- writing these wrappers. We have validated our methodol- ture and control the nondeterminism inherent in the API, ogy by building wrappers for three different platforms— without changing the underlying OS scheduler or reim- Win32, .NET, and Singularity. plementing the synchronization primitives of the API. Finally, CHESS uses a variety of techniques, discussed Again, the principle of minimal perturbation is key to in Section 4 to address the state-explosion problem. The making model checking an effective test tool. CHESS scheduler is non-preemptive by default, giving it Finally, we have the classic problem of state-space the ability to execute large bodies of code atomically. Of explosion. The number of thread interleavings even course, a non-preemptive scheduler is at odds with the for small systems can be astronomically large. Scal- fact that a real scheduler may preempt a thread at just ing model checking to such large systems essentially re- about any point in its execution. Pragmatically, CHESS quires various techniques to focus the systematic enu- explores thread schedules giving priority to schedules meration to interesting parts of the state space that are with fewer preemptions. The intuition behind this search more likely to contain bugs. Recent work [14, 26, 39, strategy, called preemption bounding [27], is that many 19] has successfully applied model checking to coarse- bugs are exposed in multithreaded programs by a few grained message-passing systems. However, it is not preemptions occurring in particular places in program clear how to adapt such techniques for shared-memory execution. To scale to large systems, we had to im- multithreaded programs with fine-grained concurrency. prove upon preemption bounding in several important In this paper, we address all these challenges with ways. First, we not only restrict preemptions at synchro- a tool called CHESS.CHESS enables systematic test- nization points (calls to synchronization primitives in the ing and debugging of three classes of multithreaded concurrency API) we also only preempt at volatile vari- programs—user-mode Win32 programs, .NET pro- ables that participate in a data race. Second, we give grams, and Singularity [16] applications. The main con- the tester the ability to control the components to which tribution of CHESS is that it eliminates the nondeter- preemptions are added (and conversely the components minism inherent in multithreaded execution, systemati- which are treated atomically). This is critical for trusted cally exploring thread schedules in a deterministic man- libraries that are known to be thread-safe. ner and, when a bug is discovered, reproducing the exact This paper is the culmination of a three-year effort in thread schedule that led to the bug. applying model checking techniques to comprehensively To solve the perturbation problem, we first observe test concurrent programs. Our testing methodology has that most concurrency tests have been designed to run been validated by the successful integration of CHESS repeatedly millions of times for the purpose of stress into the test frameworks of several codebases inside Mi- testing. This means that at the end of a concurrency crosoft (x5). Using CHESS, we have found 25 unknown test, all allocated resources are freed and any global bugs; each bug was found by running an existing stress state is reset. CHESS leverages this idempotency of tests, modified to run with smaller number of threads. 3 TestStartup(); Moreover, CHESS produced a consistently reproducible execution for each bug, greatly simplifying the debug- Chess.Quiesce(); ging process.
Load more

Recommended publications
  • MAGIC Summoning: Towards Automatic Suggesting and Testing of Gestures with Low Probability of False Positives During Use
    JournalofMachineLearningResearch14(2013)209-242 Submitted 10/11; Revised 6/12; Published 1/13 MAGIC Summoning: Towards Automatic Suggesting and Testing of Gestures With Low Probability of False Positives During Use Daniel Kyu Hwa Kohlsdorf [email protected] Thad E. Starner [email protected] GVU & School of Interactive Computing Georgia Institute of Technology Atlanta, GA 30332 Editors: Isabelle Guyon and Vassilis Athitsos Abstract Gestures for interfaces should be short, pleasing, intuitive, and easily recognized by a computer. However, it is a challenge for interface designers to create gestures easily distinguishable from users’ normal movements. Our tool MAGIC Summoning addresses this problem. Given a specific platform and task, we gather a large database of unlabeled sensor data captured in the environments in which the system will be used (an “Everyday Gesture Library” or EGL). The EGL is quantized and indexed via multi-dimensional Symbolic Aggregate approXimation (SAX) to enable quick searching. MAGIC exploits the SAX representation of the EGL to suggest gestures with a low likelihood of false triggering. Suggested gestures are ordered according to brevity and simplicity, freeing the interface designer to focus on the user experience. Once a gesture is selected, MAGIC can output synthetic examples of the gesture to train a chosen classifier (for example, with a hidden Markov model). If the interface designer suggests his own gesture and provides several examples, MAGIC estimates how accurately that gesture can be recognized and estimates its false positive rate by comparing it against the natural movements in the EGL. We demonstrate MAGIC’s effectiveness in gesture selection and helpfulness in creating accurate gesture recognizers.
    [Show full text]
  • Amigaos 3.2 FAQ 47.1 (09.04.2021) English
    $VER: AmigaOS 3.2 FAQ 47.1 (09.04.2021) English Please note: This file contains a list of frequently asked questions along with answers, sorted by topics. Before trying to contact support, please read through this FAQ to determine whether or not it answers your question(s). Whilst this FAQ is focused on AmigaOS 3.2, it contains information regarding previous AmigaOS versions. Index of topics covered in this FAQ: 1. Installation 1.1 * What are the minimum hardware requirements for AmigaOS 3.2? 1.2 * Why won't AmigaOS 3.2 boot with 512 KB of RAM? 1.3 * Ok, I get it; 512 KB is not enough anymore, but can I get my way with less than 2 MB of RAM? 1.4 * How can I verify whether I correctly installed AmigaOS 3.2? 1.5 * Do you have any tips that can help me with 3.2 using my current hardware and software combination? 1.6 * The Help subsystem fails, it seems it is not available anymore. What happened? 1.7 * What are GlowIcons? Should I choose to install them? 1.8 * How can I verify the integrity of my AmigaOS 3.2 CD-ROM? 1.9 * My Greek/Russian/Polish/Turkish fonts are not being properly displayed. How can I fix this? 1.10 * When I boot from my AmigaOS 3.2 CD-ROM, I am being welcomed to the "AmigaOS Preinstallation Environment". What does this mean? 1.11 * What is the optimal ADF images/floppy disk ordering for a full AmigaOS 3.2 installation? 1.12 * LoadModule fails for some unknown reason when trying to update my ROM modules.
    [Show full text]
  • Understanding and Mitigating the Security Risks of Apple Zeroconf
    2016 IEEE Symposium on Security and Privacy Staying Secure and Unprepared: Understanding and Mitigating the Security Risks of Apple ZeroConf Xiaolong Bai*,1, Luyi Xing*,2, Nan Zhang2, XiaoFeng Wang2, Xiaojing Liao3, Tongxin Li4, Shi-Min Hu1 1TNList, Tsinghua University, Beijing, 2Indiana University Bloomington, 3Georgia Institute of Technology, 4Peking University [email protected], {luyixing, nz3, xw7}@indiana.edu, [email protected], [email protected], [email protected] Abstract—With the popularity of today’s usability-oriented tend to build their systems in a “plug-and-play” fashion, designs, dubbed Zero Configuration or ZeroConf, unclear are using techniques dubbed zero-configuration (ZeroConf ). For the security implications of these automatic service discovery, example, the AirDrop service on iPhone, once activated, “plug-and-play” techniques. In this paper, we report the first systematic study on this issue, focusing on the security features automatically detects another Apple device nearby running of the systems related to Apple, the major proponent of the service to transfer documents. Such ZeroConf services ZeroConf techniques. Our research brings to light a disturb- are characterized by automatic IP selection, host name ing lack of security consideration in these systems’ designs: resolving and target service discovery. Prominent examples major ZeroConf frameworks on the Apple platforms, includ- include Apple’s Bonjour [3], and the Link-Local Multicast ing the Core Bluetooth Framework, Multipeer Connectivity and
    [Show full text]
  • Cooper ( Interaction Design
    Cooper ( Interaction Design Inspiration The Myth of Metaphor Cooper books by Alan Cooper, Chairman & Founder Articles June 1995 Newsletter Originally Published in Visual Basic Programmer's Journal Concept projects Book reviews Software designers often speak of "finding the right metaphor" upon which to base their interface design. They imagine that rendering their user interface in images of familiar objects from the real world will provide a pipeline to automatic learning by their users. So they render their user interface as an office filled with desks, file cabinets, telephones and address books, or as a pad of paper or a street of buildings in the hope of creating a program with breakthrough ease-of- learning. And if you search for that magic metaphor, you will be in august company. Some of the best and brightest designers in the interface world put metaphor selection as one of their first and most important tasks. But by searching for that magic metaphor you will be making one of the biggest mistakes in user interface design. Searching for that guiding metaphor is like searching for the correct steam engine to power your airplane, or searching for a good dinosaur on which to ride to work. I think basing a user interface design on a metaphor is not only unhelpful but can often be quite harmful. The idea that good user interface design is based on metaphors is one of the most insidious of the many myths that permeate the software community. Metaphors offer a tiny boost in learnability to first time users at http://www.cooper.com/articles/art_myth_of_metaphor.htm (1 of 8) [1/16/2002 2:21:34 PM] Cooper ( Interaction Design tremendous cost.
    [Show full text]
  • UC Santa Cruz UC Santa Cruz Electronic Theses and Dissertations
    UC Santa Cruz UC Santa Cruz Electronic Theses and Dissertations Title Efficient Bug Prediction and Fix Suggestions Permalink https://escholarship.org/uc/item/47x1t79s Author Shivaji, Shivkumar Publication Date 2013 Peer reviewed|Thesis/dissertation eScholarship.org Powered by the California Digital Library University of California UNIVERSITY OF CALIFORNIA SANTA CRUZ EFFICIENT BUG PREDICTION AND FIX SUGGESTIONS A dissertation submitted in partial satisfaction of the requirements for the degree of DOCTOR OF PHILOSOPHY in COMPUTER SCIENCE by Shivkumar Shivaji March 2013 The Dissertation of Shivkumar Shivaji is approved: Professor Jim Whitehead, Chair Professor Jose Renau Professor Cormac Flanagan Tyrus Miller Vice Provost and Dean of Graduate Studies Copyright c by Shivkumar Shivaji 2013 Table of Contents List of Figures vi List of Tables vii Abstract viii Acknowledgments x Dedication xi 1 Introduction 1 1.1 Motivation . .1 1.2 Bug Prediction Workflow . .9 1.3 Bug Prognosticator . 10 1.4 Fix Suggester . 11 1.5 Human Feedback . 11 1.6 Contributions and Research Questions . 12 2 Related Work 15 2.1 Defect Prediction . 15 2.1.1 Totally Ordered Program Units . 16 2.1.2 Partially Ordered Program Units . 18 2.1.3 Prediction on a Given Software Unit . 19 2.2 Predictions of Bug Introducing Activities . 20 2.3 Predictions of Bug Characteristics . 21 2.4 Feature Selection . 24 2.5 Fix Suggestion . 25 2.5.1 Static Analysis Techniques . 25 2.5.2 Fix Content Prediction without Static Analysis . 26 2.6 Human Feedback . 28 iii 3 Change Classification 30 3.1 Workflow . 30 3.2 Finding Buggy and Clean Changes .
    [Show full text]
  • Automatic Program Repair Using Genetic Programming
    Automatic Program Repair Using Genetic Programming A Dissertation Presented to the Faculty of the School of Engineering and Applied Science University of Virginia In Partial Fulfillment of the requirements for the Degree Doctor of Philosophy (Computer Science) by Claire Le Goues May 2013 c 2013 Claire Le Goues Abstract Software quality is an urgent problem. There are so many bugs in industrial program source code that mature software projects are known to ship with both known and unknown bugs [1], and the number of outstanding defects typically exceeds the resources available to address them [2]. This has become a pressing economic problem whose costs in the United States can be measured in the billions of dollars annually [3]. A dominant reason that software defects are so expensive is that fixing them remains a manual process. The process of identifying, triaging, reproducing, and localizing a particular bug, coupled with the task of understanding the underlying error, identifying a set of code changes that address it correctly, and then verifying those changes, costs both time [4] and money. Moreover, the cost of repairing a defect can increase by orders of magnitude as development progresses [5]. As a result, many defects, including critical security defects [6], remain unaddressed for long periods of time [7]. Moreover, humans are error-prone, and many human fixes are imperfect, in that they are either incorrect or lead to crashes, hangs, corruption, or security problems [8]. As a result, defect repair has become a major component of software maintenance, which in turn consumes up to 90% of the total lifecycle cost of a given piece of software [9].
    [Show full text]
  • Intuition As Evidence in Philosophical Analysis: Taking Connectionism Seriously
    Intuition as Evidence in Philosophical Analysis: Taking Connectionism Seriously by Tom Rand A thesis submitted in conformity with the requirements for the degree of Ph.D. Graduate Department of Philosophy University of Toronto (c) Copyright by Tom Rand 2008 Intuition as Evidence in Philosophical Analysis: Taking Connectionism Seriously Ph.D. Degree, 2008, by Tom Rand, Graduate Department of Philosophy, University of Toronto ABSTRACT 1. Intuitions are often treated in philosophy as a basic evidential source to confirm/discredit a proposed definition or theory; e.g. intuitions about Gettier cases are taken to deny a justified-true-belief analysis of ‘knowledge’. Recently, Weinberg, Nichols & Stitch (WN&S) provided evidence that epistemic intuitions vary across persons and cultures. In- so-far as philosophy of this type (Standard Philosophical Methodology – SPM) is committed to provide conceptual analyses, the use of intuition is suspect – it does not exhibit the requisite normativity. I provide an analysis of intuition, with an emphasis on its neural – or connectionist – cognitive backbone; the analysis provides insight into its epistemic status and proper role within SPM. Intuition is initially characterized as the recognition of a pattern. 2. The metaphysics of ‘pattern’ is analyzed for the purpose of denying that traditional symbolic computation is capable of differentiating the patterns of interest. 3. The epistemology of ‘recognition’ is analyzed, again, to deny that traditional computation is capable of capturing human acts of recognition. 4. Fodor’s informational semantics, his Language of Thought and his Representational Theory of Mind are analyzed and his arguments denied. Again, the purpose is to deny traditional computational theories of mind.
    [Show full text]
  • The Impact of Code Review Coverage and Code Review Participation on Software Quality
    The Impact of Code Review Coverage and Code Review Participation on Software Quality A Case Study of the Qt, VTK, and ITK Projects Shane McIntosh1, Yasutaka Kamei2, Bram Adams3, and Ahmed E. Hassan1 1Queen’s University, Canada 2Kyushu University, Japan 3Polytechnique Montréal, Canada 1{mcintosh, ahmed}@cs.queensu.ca [email protected] [email protected] ABSTRACT 1. INTRODUCTION Software code review, i.e., the practice of having third-party Software code reviews are a well-documented best practice team members critique changes to a software system, is a for software projects. In Fagan's seminal work, formal design well-established best practice in both open source and pro- and code inspections with in-person meetings were found prietary software domains. Prior work has shown that the to reduce the number of errors detected during the testing formal code inspections of the past tend to improve the qual- phase in small development teams [8]. Rigby and Bird find ity of software delivered by students and small teams. How- that the modern code review processes that are adopted in a ever, the formal code inspection process mandates strict re- variety of reviewing environments (e.g., mailing lists or the view criteria (e.g., in-person meetings and reviewer check- Gerrit web application1) tend to converge on a lightweight lists) to ensure a base level of review quality, while the mod- variant of the formal code inspections of the past, where ern, lightweight code reviewing process does not. Although the focus has shifted from defect-hunting to group problem- recent work explores the modern code review process qual- solving [34].
    [Show full text]
  • Johnny Bock Andersen CV for Software Consultancy 1 Summary
    Johnny Bock Andersen CV for Software Consultancy 1 Summary and Introduction The consultant specializes in development and design of advanced and high- performance software. In the areas of compiler, programming language and computer vision and graphics technologies, he has particularly strong skills that he uses in his company, Hardcore Processing, to turn cutting edge technologies into real-life applications. In doing this, he has also gained considerable experience in implementing numerical algorithms where nu- merical stability is often a challenge. He has worked both as an employee and even more so as a consultant for several companies over the years us- ing a very broad spectrum of platforms, tools and languages with many of which he has thorough in-depth experience, which he often gains relatively quickly. He is usually in a good mood, well-liked among colleagues and gladly answers questions. He performs best when focusing on larger tasks alone. From his 32 years of experience, out of which 22 are professional, he has a very strong intuition about what the best, or at least near-optimal, solution is to many complex problems, even when it would be very hard and time-consuming to find the optimal solution by thorough analysis. He has worked more than full time over many of the years, which is hard to reflect with this style of CV where the workload is not fully specified. YearofBirth : 1975 Citizenship: Danish(Denmark) Current residence : Copenhagen, Denmark Education Year Education Place 2004-2010 M.Sc.ComputerScience UniversityofCopenhagen, Denmark The last 102.5 ECTS points were passed in 1.5 years, i.e.
    [Show full text]
  • Multi-Parameter Databases Remote-Access and Automatic Layout and Conjunct Analysis by Means of QT Cross-Platform Application Framework
    Multi-Parameter Databases Remote-access and Automatic Layout and Conjunct Analysis by means of QT Cross-platform Application Framework Wei Wu Weiwu Info, Portugal Abstract Nokia's Qt Development Frameworks division, which came into being after Nokia's acquisition of Norwegian Data acquirement and signal processing at Multi- company, Trolltech, the original producer of Qt. parameter records such as PhysioNet database records There are many powerful functions QT included and require accessing records remotely, laying out uncertain among those, the most interesting ones for our application number of parameters, and doing conjunct analysis. This mentioned above, are their layouts-manage mechanism paper proposes developing software by QT graphical and SIGNAL/SLOT communication mechanism. C++ toolkit can meet the requirements described above in less developing time and higher efficiency. Practical 2.1. Layout-manage mechanism works at a software tool development are introduced to show advantages of QT toolkit at software tool In QT, an object, such as a displayed signal, is defined development, particularly the advantages of as a widget. QT gives every widget that is placed on a SIGNAL/SLOT and Layout-manage mechanisms that are form an appropriate size and position by layout-manage fundamental for implement of conjunct analysisms of the mechanism. Qt provides several classes that lay out abstract before continuing with the next heading. widgets on a form: QHBoxLayout, QVBoxLayout, QGridLayout, and QStackedLayout. These classes can 1. Introduction implement the signals automatic layout by assigning each signal a frame at a multi-frame layout, and ensure that Some databases such as PhysioNet databases (WFDB) frames adapt automatically to different fonts, languages, include the record with uncertain number of parameters, and platforms.
    [Show full text]
  • Developing a Framework for a New Visual-Based
    DEVELOPING A FRAMEWORK FOR A NEW VISUAL-BASED INTERFACE DESIGN IN AUTODESK MAYA A Thesis by TIMOTHY CLAYTON WITHERS Submitted to the Office of Graduate Studies of Texas A&M University in partial fulfillment of the requirements for the degree of MASTER OF SCIENCE August 2012 Major Subject: Visualization DEVELOPING A FRAMEWORK FOR A NEW VISUAL-BASED INTERFACE DESIGN IN AUTODESK MAYA A Thesis by TIMOTHY CLAYTON WITHERS Submitted to the Office of Graduate Studies of Texas A&M University in partial fulfillment of the requirements for the degree of MASTER OF SCIENCE Approved by: Co-Chairs of Committee, Joshua Bienko Philip Galanter Committee Members, Tracy Hammond Justin Israel Head of Department, Tim McLaughlin August 2012 Major Subject: Visualization iii ABSTRACT Developing a Framework for a New Visual-Based Interface Design in Autodesk Maya. (August 2012) Timothy Clayton Withers, B.S., Texas A&M University Co{Chairs of Advisory Committee: Joshua Bienko Philip Galanter In this thesis, I develop an efficient and user-friendly node-based interface to be used in the creation of a particle system in Autodesk Maya. Maya's interface inconsis- tencies were identified and solutions were designed based on research in a number of fields related to human-computer interaction (HCI) as well as taking design queues from other highly successful 3D programs that employ a node-based interface. This research was used to guide the design of the interface in terms of organizing the data into logical chunks of information, using color to help the user develop working mental models of the system, and also using simple, easy to identify, graphical representa- tions of a particle system.
    [Show full text]
  • Microsoft Surface User Experience Guidelines
    Microsoft Surface™ User Experience Guidelines Designing for Successful Touch Experiences Version 1.0 June 30, 2008 1 Copyright This document is provided for informational purposes only, and Microsoft makes no warranties, either express or implied, in this document. Information in this document, including URL and other Internet Web site references, is subject to change without notice. The entire risk of the use or the results from the use of this document remains with the user. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, financial and other data, and events depicted herein are fictitious. No association with any real company, organization, product, domain name, e-mail address, logo, person, places, financial or other data, or events is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. © 2008 Microsoft Corporation. All rights reserved. Microsoft, Excel, Microsoft Surface, the Microsoft Surface logo, Segoe, Silverlight, Windows, Windows Media, Windows Vista, Virtual Earth, Xbox LIVE, XNA, and Zune are either registered trademarks or trademarks of the Microsoft group of companies.
    [Show full text]