Welcome!

Welcome to comp150BUGS!

This course is a survey of cutting-edge techniques for finding, fixing, and tolerating programming errors. Bugs continue to be a costly and stubbornly difficult problem to solve, therefore our focus will be on automatic techniques, which can greatly ease this difficult task. Work in the course will involve reading, reviewing, presenting, and discussing research papers.

For guidance on how to review a paper, see these useful notes by John Ousterhout.

Class Information

Instructor: Sam Guyer -- Halligan Hall extenion Room 004.

Time and place: Tuesday, Thursday 1:30pm-3pm in Halligan Hall 111b.

Office hours: by appointment.

Mailing list: https://www.eecs.tufts.edu/mailman/listinfo/comp150bugs.

News and Important Dates

Assignment 1: Debug queue.cpp -- use whatever means you like, including valgrind.

Schedule

Memory Safety

Sept 11 Memory safety, GC (No paper)
Sept 13 Valgrind [PDF] How to Shadow Every Byte of Memory Used by a Program
Sept 18 Safe-C [PDF] Efficient detection of all pointer and array access errors
Sept 20 SoftBound [PDF] SoftBound: highly compatible and complete spatial memory safety for C
Sept 25 Delta Debugging [PDF] Yesterday, my program worked. Today, it does not. Why?
[PDF] Isolating cause-effect chains from computer programs
Sept 27 LCLint [PDF] Static detection of dynamic memory errors
Oct 2 Marple [PDF] Marple: a demand-driven path-sensitive buffer overflow detector
Oct 4 Cyclone [PDF] Experience with safe manual memory-management in cyclone
Oct 9 No class Substitute Monday schedule
Oct 11 DieHard [PDF] DieHard: probabilistic memory safety for unsafe languages
Exterminator [PDF] Exterminator: Automatically correcting memory errors with high probability
Bonus paper GC vs malloc [PDF] Quantifying the performance of garbage collection vs. explicit memory management
Oct 16 [PDF] Enhancing server availability and security through failure-oblivious computing

Information Flow

Oct 18 TaintCheck [PDF] Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software
Oct 29 Bolt [PDF] Bolt: On-Demand Infinite Loop Escape in Unmodified Binaries
Oct 31 Terminator [PDF] Termination proofs for systems code
Nov 6 Terminator [PDF] Principles of Program Termination
Nov 8 Type qualifiers [PDF] Detecting format string vulnerabilities with type qualifiers
Nov 13 More type qualifiers [PDF] Flow-sensitive type qualifiers
[PDF] Using CQUAL for Static Analysis of Authorization Hook Placement
Nov 15 SqlCheck [PDF] The essence of command injection attacks in web applications
Nov 20 [PDF] Secure program execution via dynamic information flow tracking

Typestate

Nov 27 QVM [PDF] QVM: An Efficient Runtime for Detecting Defects in Deployed Systems

Grab bag

Nov 29 GenProg [PDF] Automatic Program Repair with Evolutionary Computation
[PDF] GenProg: A Generic Method for Automatic Software Repair
Dec 4 Bug Isolation [PDF] Scalable Statistical Bug Isolation
Dec 6 Last paper [PDF] Software Needs Seatbelts and Airbags

Extra Papers

Date FastTrack [PDF] FastTrack
Date RacerX [PDF] RacerX

Updated November 13, 2012