Memory and Thread Safety in Modern System Programming Languages: Challenges and Solutions
Restricted (Penn State Only)
- Author:
- Zhu, Shuofei
- Graduate Program:
- Information Sciences and Technology
- Degree:
- Doctor of Philosophy
- Document Type:
- Dissertation
- Date of Defense:
- February 06, 2025
- Committee Members:
- Carleen Maitland, Program Head/Chair
Peng Liu, Chair & Dissertation Advisor
Taegyu Kim, Major Field Member
Sencun Zhu, Outside Unit & Field Member
Tanusree Sharma, Major Field Member - Keywords:
- Go
Rust
Concurrency Programming
Static Analysis
Empirical Study
User Study
Software Engineering
Programming Languages
Software Security
System Programming - Abstract:
- Modern system programming demands safe, efficient, and reliable concurrency, traditionally dominated by C/C++. However, memory and thread safety challenges have led to alternatives like Go and Rust, which introduce unique benefits and challenges. This dissertation explores these challenges and solutions in both languages. Go, designed for efficient concurrency, uses goroutines and channels for communication. Despite its advantages, concurrency bugs, particularly misuse of channels, are widespread and impact system reliability. To address this, we propose GCatch, a static concurrency bug detection tool, and GFix, an automated bug-fixing system. GCatch models complex channel operations using constraints to detect blocking bugs, while GFix patches these issues using Go's built-in features. Applied to 21 major Go applications, including Docker and Kubernetes, GCatch found 149 unknown blocking bugs, and GFix successfully fixed 124. Developers have incorporated fixes for 125 bugs, with 87 using GFix’s patches directly. Rust aims to provide both safety and performance through strict compile-time safety rules, eliminating many memory and thread safety issues. However, its learning curve poses challenges. To analyze these difficulties, we examined 100 Rust-related Stack Overflow questions and conducted a survey with 101 Rust programmers. Our study identified key pain points in applying Rust's safety rules and assessed whether compiler error messages effectively aid debugging. Findings from both studies offer insights for language designers, emphasizing integrated safety mechanisms, intuitive design, and improved error messaging. These recommendations aim to inspire future programming languages that balance safety, performance, and developer productivity.