skip to main content
research-article

Breadcrumbs: efficient context sensitivity for dynamic bug detection analyses

Published:05 June 2010Publication History
Skip Abstract Section

Abstract

Calling context--the set of active methods on the stack--is critical for understanding the dynamic behavior of large programs. Dynamic program analysis tools, however, are almost exclusively context insensitive because of the prohibitive cost of representing calling contexts at run time. Deployable dynamic analyses, in particular, have been limited to reporting only static program locations.

This paper presents Breadcrumbs, an efficient technique for recording and reporting dynamic calling contexts. It builds on an existing technique for computing a compact (one word) encoding of each calling context that client analyses can use in place of a program location. The key feature of our system is a search algorithm that can reconstruct a calling context from its encoding using only a static call graph and a small amount of dynamic information collected at cold (infrequently executed) callsites. Breadcrumbs requires no offline training or program modifications, and handles all language features, including dynamic class loading.

We use Breadcrumbs to add context sensitivity to two dynamic analyses: a data-race detector and an analysis for diagnosing null pointer exceptions. On average, it adds 10% to 20% runtime overhead, depending on a tunable parameter that controls how much dynamic information is collected. Collecting less information lowers the overhead, but can result in a search space explosion. In some cases this causes reconstruction to fail, but in most cases Breadcrumbs >produces non-trivial calling contexts that have the potential to significantly improve both the precision of the analyses and the quality of the bug reports.

References

  1. B. Alpern, C. R. Attanasio, A. Cocchi, D. Lieber, S. Smith, T. Ngo, J. J. Barton, S. F. Hummel, J. C. Sheperd, and M. Mergen. Implementing Jalapeño in Java. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications, pages 314--324, 1999. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. G. Ammons, T. Ball, and J. R. Larus. Exploiting Hardware Performance Counters with Flow and Context Sensitive Profiling. In ACM Conference on Programming Language Design and Implementation, pages 85--96, Las Vegas, NV, 1997. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. T. Ball and J. R. Larus. Efficient Path Profiling. In IEEE/ACM International Symposium on Microarchitecture, pages 46--57, 1996. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. S. M. Blackburn, R. Garner, C. Hoffman, A. M. Khan, K. S. McKinley, R. Bentzur, A. Diwan, D. Feinberg, D. Frampton, S. Z. Guyer, M. Hirzel, A. Hosking, M. Jump, H. Lee, J. E. B. Moss, A. Phansalkar, D. Stefanović,T. VanDrunen, D. von Dincklage, and B. Wiedermann. The DaCapo Benchmarks: Java Benchmarking Development and Analysis. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications, pages 169--190, 2006. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. M. D. Bond and K. S. McKinley. Probabilistic Calling Context. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications, pages 97--112, 2007. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. M. D. Bond, N. Nethercote, S. W. Kent, S. Z. Guyer, and K. S. McKinley. Tracking Bad Apples: Reporting the Origin of Null and Undefined Value Errors. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications, pages 405--422, 2007. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. M. D. Bond, V. Srivastava, K. S. McKinley, and V. Shmatikov. Efficient, Context-Sensitive Detection of Semantic Attacks. Technical Report TR-09-14, The University of Texas at Austin, 2009.Google ScholarGoogle Scholar
  8. M. D. Bond, K. E. Coons, and K. S. McKinley. Pacer: Proportional Detection of Data Races. In ACM Conference on Programming Language Design and Implementation, 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. T. M. Chilimbi and M. Hauswirth. Low-Overhead Memory Leak Detection Using Adaptive Statistical Profiling. In ACM International Conference on Architectural Support for Programming Languages and Operating Systems, pages 156--164, 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. C. Flanagan and S. N. Freund. FastTrack: Efficient and Precise Dynamic Race Detection. In ACM Conference on Programming Language Design and Implementation, pages 121--133, 2009. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. N. Froyd, J. Mellor-Crummey, and R. Fowler. Low-Overhead Call Path Profiling of Unmodified, Optimized Code. In ACM International Conference on Supercomputing, pages 81--90, 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. K. Hazelwood and D. Grove. Adaptive Online Context-Sensitive Inlining. In IEEE/ACM International Symposium on Code Generation and Optimization, pages 253--264, 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. H. Inoue and T. Nakatani. How a Java VM Can Get More from a Hardware Performance Monitor. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications, pages 137--154, 2009. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Lattner, A. Lenharth, and V. Adve. Making Context-Sensitive Points- To Analysis with Heap Cloning Practical for the Real World. In ACM Conference on Programming Language Design and Implementation, pages 278--289, 2007. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Lhoták and L. Hendren. Evaluating the Benefits of Context-Sensitive Points-to Analysis Using a BDD-Based Implementation. ACM Transactions on Software Engineering and Methodology, 18(1):1--53, 2008. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. D. Marino, M. Musuvathi, and S. Narayanasamy.LiteRace: Effective Sampling for Lightweight Data-Race Detection. In ACM Conference on Programming Language Design and Implementation, pages 134--143, 2009. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. D. Melski and T. Reps. Interprocedural Path Profiling. In International Conference on Compiler Construction, pages 47--62, 1999. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. T. Mytkowicz, D. Coughlin, and A. Diwan. Inferred Call Path Profiling. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications, pages 175--190, 2009. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. N. Nethercote and J. Seward. Valgrind: A Framework for Heavyweight Dynamic Binary Instrumentation. In ACM Conference on Programming Language Design and Implementation, pages 89--100, 2007. Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. J. Seward and N. Nethercote. Using Valgrind to Detect Undefined Value Errors with Bit-Precision. In USENIX Annual Technical Conference, pages 17--30, 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. J. M. Spivey. Fast, Accurate Call Graph Profiling. Softw. Pract. Exper., 34 (3):249--264, 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. M. Sridharan and R. Bodík. Refinement-Based Context-Sensitive Points- To Analysis for Java. In ACM Conference on Programming Language Design and Implementation, pages 387--400, 2006. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. SPECjbb2000 Documentation. Standard Performance Evaluation Corporation, release 1.01 edition, 2001.Google ScholarGoogle Scholar
  24. W. N. Sumner, Y. Zheng, D. Weeratunge, and X. Zhang. Precise Calling Context Encoding. In ACM International Conference on Software Engineering, 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. J. Whaley. A Portable Sampling-Based Profiler for Java Virtual Machines. In ACM Conference on Java Grande, pages 78--87, 2000. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. J. Whaley and M. S. Lam. Cloning-Based Context-Sensitive Pointer Alias Analysis Using Binary Decision Diagrams. In ACM Conference on Programming Language Design and Implementation, pages 131--144, 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. X. Zhuang, M. J. Serrano, H. W. Cain, and J.-D. Choi. Accurate, Efficient, and Adaptive Calling Context Profiling. In ACM Conference on Programming Language Design and Implementation, pages 263--271, 2006. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Breadcrumbs: efficient context sensitivity for dynamic bug detection analyses

        Recommendations

        Comments

        Login options

        Check if you have access through your login credentials or your institution to get full access on this article.

        Sign in

        Full Access

        • Published in

          cover image ACM SIGPLAN Notices
          ACM SIGPLAN Notices  Volume 45, Issue 6
          PLDI '10
          June 2010
          496 pages
          ISSN:0362-1340
          EISSN:1558-1160
          DOI:10.1145/1809028
          Issue’s Table of Contents
          • cover image ACM Conferences
            PLDI '10: Proceedings of the 31st ACM SIGPLAN Conference on Programming Language Design and Implementation
            June 2010
            514 pages
            ISBN:9781450300193
            DOI:10.1145/1806596

          Copyright © 2010 ACM

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Publication History

          • Published: 5 June 2010

          Check for updates

          Qualifiers

          • research-article

        PDF Format

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader
        About Cookies On This Site

        We use cookies to ensure that we give you the best experience on our website.

        Learn more

        Got it!