WAFFLE: Exposing Memory Ordering Bugs Efficiently with Active Delay Injection

Concurrency bugs are difficult to detect, reproduce, and diagnose, as they manifest under rare timing conditions. Recently, active delay injection has proven efficient for exposing one such type of bug - thread-safety violations - with low overhead, high coverage, and minimal code analysis. However, how to efficiently apply active delay injection to broader classes of concurrency bugs is still an open question. We aim to answer this question by focusing on MEMORDER bugs - a type of concurrency bug caused by incorrect timing between a memory access to a particular object and the object's initialization or deallocation. We first show experimentally that the current state-of-the-art delay injection technique leads to high overhead and low detection coverage since MEMORDER bugs exhibit particular characteristics that cause high delay density and interference. Based on these insights, we propose WAFFLE - a delay injection tool that tailors key design points to better match the nature of MEMORDER bugs. Evaluating our tool on 11 popular opensource multi-threaded C# applications shows that WAFFLE can expose more bugs with less overhead than state-of-the-art techniques.