PhD Defense: Finding High-Level Bugs Using Low-Overhead Dynamic Analysis Tools

Abstract

High-level bugs are a growing problem with modern software. Low- level bugs -- language-level bugs that would be errors in any program, such as memory leaks and buffer overflows -- have mostly been solved by modern programming languages and tools; however, high- level bugs -- application-specific errors, such as violating data structure invariants -- remain. In addition, modern trends such as construction of large programs, use of large standard libraries and third-party frameworks, and increasingly higher-level languages conspire to make high-level bugs even more common in the future.

Static analysis tools cannot handle the size of these programs or language features such as dynamic classloading. Current dynamic analysis tools are too slow, often incurring a slowdown of 1-2 *orders of magnitude*, and thus can only be used in a debugging environment.

In this thesis, we introduce a set of low-overhead dynamic analysis tools that help programmers find bugs in their software. These tools have overheads low enough to be used in production systems. To achieve this low-overhead operation, we introduce techniques such as piggybacking checks on the garbage collector, spinning checks off to separate threads, and designing a language to limit the computational complexity of checks. We show both that the performance overheads of our tools are low, typically under 5%, and that they are useful for finding bugs in real programs. These tools hit a sweet spot of performance overhead vs. code coverage, and we claim that they will address the growing problem of high-level bugs in production software.