skip to main content
research-article

Generating sound and effective memory debuggers

Authors Info & Claims
Published:20 June 2013Publication History
Skip Abstract Section

Abstract

We present a new approach for constructing debuggers based on declarative specification of bug conditions and root causes, and automatic generation of debugger code. We illustrate our approach on several classes of bugs, memory or otherwise. For each bug class, bug conditions and their root cause are specified declaratively, in First-order logic, using 1 to 4 predicates. We employ a low-level operational semantics and abstract traces to permit concise bug specification and prove soundness. To facilitate locating bugs, we introduce a new concept of value propagation chains that reduce programmer burden by narrowing the fault to a handful of executed instructions (1 to 16 in our experiments). We employ automatic translation to generate the debugger implementation, which runs on top of the Pin infrastructure. Experiments with using our system on 7 versions of 4 real-world programs show that our approach is expressive, effective at finding bugs and their causes, and efficient. We believe that, using our approach, other kinds of declaratively-specified, provably-correct, auto-generated debuggers can be constructed with little effort.

References

  1. C. Allan, P. Avgustinov, A. S. Christensen, L. Hendren, S. Kuzins, O. Lhoták, O. de Moor, D. Sereni, G. Sittampalam, and J. Tibble. Adding trace matching with free variables to aspectj. OOPSLA '05, pages 345--364. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. E. D. Berger and B. G. Zorn. DieHard: Probabilistic memory safety for unsafe languages. PLDI'06, pages 158--168. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. M. D. Bond, N. Nethercote, S. W. Kent, S. Z. Guyer, and K. S. McKinley. Tracking bad apples: reporting the origin of null and undefined value errors. OOPSLA '07, pages 405--422. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. F. Chen and G. Roşu. MOP: An Efficient and Generic Runtime Verification Framework. In OOPSLA'07, pages 569--588. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. D. Dhurjati and V. Adve. Efficiently detecting all dangling pointer uses in production servers. In DSN '06, pages 269--280. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. D. Dhurjati and V. Adve. Backwards-compatible array bounds checking for c with very low overhead. In ICSE '06, pages 162--171, 2006. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. D. Drusinsky. The temporal rover and the atg rover. In SPIN 2000. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. C. Ellison and G. Roşu. An executable formal semantics of C with applications. In POPL '12, pages 533--544. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. S. F. Goldsmith, R. O'Callahan, and A. Aiken. Relational queries over program traces. OOPSLA '05, pages 385--402. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. R. Hähnle, M. Baum, R. Bubel, and M. Rothe. A visual interactive debugger based on symbolic execution. In ASE '10, pages 143--146. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. R. Hastings and B. Joyce. Purify: Fast detection of memory leaks and access errors. USENIX Winter Tech. Conf., pages 125--136, 1992.Google ScholarGoogle Scholar
  12. D. Hovemeyer and W. Pugh. Finding bugs is easy. OOSPLA'04, pages 92--106. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. http://flex.sourceforge.net/. Flex homepage.Google ScholarGoogle Scholar
  14. http://www.gnu.org/software/bison/. Bison homepage.Google ScholarGoogle Scholar
  15. http://www.gnu.org/software/gdb/. Gdb homepage.Google ScholarGoogle Scholar
  16. http://www.time-rover.com. Time Rover homepage.Google ScholarGoogle Scholar
  17. G. Kiczales, J. Lamping, A. Mendhekar, C. Maeda, C. V. Lopes, J.-M. Loingtier, and J. Irwin. Aspect-oriented programming. In ECOOP'97, pages 220--242.Google ScholarGoogle Scholar
  18. A. Ko and B. Myers. Debugging reinvented: Asking and answering why and why not questions about program behavior. ICSE'08, pages 301--310. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. B. Lee, B. Wiedermann, M. Hirzel, R. Grimm, and K. S. McKinley. Jinn: synthesizing dynamic bug detectors for foreign language interfaces. PLDI '10, pages 36--49. Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. C.-K. Luk, R. Cohn, R. Muth, H. Patil, A. Klauser, G. Lowney, S. Wallace, V. J. Reddi, and K. Hazelwood. Pin: building customized program analysis tools with dynamic instrumentation. In PLDI '05, pages 190--200. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. D. Mandelin, L. Xu, R. Bodık, and D. Kimelman. Jungloid mining: helping to navigate the api jungle. In PLDI '05, pages 48--61. Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. Z. Manna and R. Waldinger. A deductive approach to program synthesis. ACM Trans. Program. Lang. Syst., pages 90--121, 1980. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. M. Martin, B. Livshits, and M. S. Lam. Finding application errors and security flaws using pql: a program query language. OOPSLA '05, pages 365--383. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. P. O. Meredith, D. Jin, D. Griffith, F. Chen, and G. Roşu. An overview of the MOP runtime verification framework. International Journal on Software Techniques for Technology Transfer, pages 249--289, 2011. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. S. Nagarakatte, J. Zhao, M. M. Martin, and S. Zdancewic. Softbound: highly compatible and complete spatial memory safety for c. PLDI'09, pages 245--258. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. S. Narayanasamy, C. Pereira, H. Patil, R. Cohn, and B. Calder. Automatic logging of operating system effects to guide application-level architecture simulation. In SIGMETRICS'06, pages 216--227. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. S. Narayanasamy, G. Pokam, and B. Calder. BugNet: Continuously recording program execution for deterministic replay debugging. ISCA'05, pages 284--295, 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. N. Nethercote and J. Seward. Valgrind: A framework for heavyweight dynamic binary instrumentation. PLDI'07, pages 89--100. Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. G. Novark, E. D. Berger, and B. G. Zorn. Efficiently and precisely locating memory leaks and bloat. In PLDI '09, pages 397--407. Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. R. Pellizzoni, P. Meredith, M. Caccamo, and G. Rosu. Hardware runtime monitoring for dependable cots-based real-time embedded systems. In RTSS'08, pages 481--491. Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. C. Reichenbach, N. Immerman, Y. Smaragdakis, E. E. Aftandilian, and S. Z. Guyer. What can the gc compute efficiently?: a language for heap assertions at gc time. OOPSLA '10, pages 256--269. Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. E. Y. Shapiro. Algorithmic Program DeBugging. MIT Press, 1983. Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. J. Silva. A survey on algorithmic debugging strategies. phAdv. Eng. Softw., pages 976--991, 2011. Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. G. Venkataramani, I. Doudalis, Y. Solihin, and M. Prvulovic. Memtracker: An accelerator for memory debugging and monitoring. ACM Trans. Archit. Code Optim., pages 5:1--5:33, 2009. Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. Y. Wang, I. Neamtiu, and R. Gupta. Generating sound and effective memory debuggers. Technical report, University of California, Riverside, Department of Computer Science and Engineering, http://www.cs.ucr.edu/ neamtiu/pubs/memdebug-tr.pdf, 2013.Google ScholarGoogle Scholar
  36. G. Xu, M. D. Bond, F. Qin, and A. Rountev. Leakchaser: helping programmers narrow down causes of memory leaks. In PLDI '11, pages 270--282. Google ScholarGoogle ScholarDigital LibraryDigital Library
  37. C. Zhang, D. Yan, J. Zhao, Y. Chen, and S. Yang. Bpgen: an automated breakpoint generator for debugging. In ICSE '10, pages 271--274. Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. X. Zhang, R. Gupta, and Y. Zhang. Precise dynamic slicing algorithms. ICSE '03, pages 319--329, May 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Generating sound and effective memory debuggers

          Recommendations

          Comments

          Login options

          Check if you have access through your login credentials or your institution to get full access on this article.

          Sign in

          Full Access

          PDF Format

          View or Download as a PDF file.

          PDF

          eReader

          View online with eReader.

          eReader
          About Cookies On This Site

          We use cookies to ensure that we give you the best experience on our website.

          Learn more

          Got it!