{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:19:26Z","timestamp":1750306766424,"version":"3.41.0"},"reference-count":38,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2013,7,1]],"date-time":"2013-07-01T00:00:00Z","timestamp":1372636800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100006112","name":"Microsoft Research","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100006112","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Softw. Eng. Methodol."],"published-print":{"date-parts":[[2013,7]]},"abstract":"<jats:p>\n            Generally, a fault is a property violation at a program point along some execution path. To obtain the path where a fault occurs, we can either run the program or manually identify the execution paths through code inspection. In both of the cases, only a very limited number of execution paths can be examined for a program. This article presents a static framework, Marple, that automatically detects path segments where a fault occurs at a whole program scale. An important contribution of the work is the design of a demand-driven analysis that effectively addresses scalability challenges faced by traditional path-sensitive fault detection. The techniques are made general via a specification language and an algorithm that automatically generates path-based analyses from specifications. The generality is achieved in handling both\n            <jats:italic>data-<\/jats:italic>\n            and\n            <jats:italic>control-centric<\/jats:italic>\n            faults as well as both liveness and safety properties, enabling the exploitation of fault interactions for diagnosis and efficiency. Our experimental results demonstrate the effectiveness of our techniques in detecting path segments of buffer overflows, integer violations, null-pointer dereferences, and memory leaks. Because we applied an interprocedural, path-sensitive analysis, our static fault detectors generally report better precision than the tools available for comparison. Our demand-driven analyses are shown scalable to deployed applications such as\n            <jats:italic>apache<\/jats:italic>\n            ,\n            <jats:italic>putty<\/jats:italic>\n            , and\n            <jats:italic>ffmpeg<\/jats:italic>\n            .\n          <\/jats:p>","DOI":"10.1145\/2491509.2491512","type":"journal-article","created":{"date-parts":[[2013,7,30]],"date-time":"2013-07-30T13:35:22Z","timestamp":1375191322000},"page":"1-38","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Marple"],"prefix":"10.1145","volume":"22","author":[{"given":"Wei","family":"Le","sequence":"first","affiliation":[{"name":"Rochester Institute of Technology"}]},{"given":"Mary Lou","family":"Soffa","sequence":"additional","affiliation":[{"name":"University of Virginia"}]}],"member":"320","published-online":{"date-parts":[[2013,7,30]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1368088.1368118"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/258915.258929"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/267895.267921"},{"volume-title":"Proceedings of the 14th Symposium on Network and Distributed Systems Security (NDSS'07)","author":"Brumley D.","key":"e_1_2_1_4_1","unstructured":"Brumley , D. , Cker Chiueh , T. , Johnson , R. , Lin , H. , and Song , D . 2007. RICH: Automatically protecting against integer-based vulnerabilities . In Proceedings of the 14th Symposium on Network and Distributed Systems Security (NDSS'07) . Brumley, D., Cker Chiueh, T., Johnson, R., Lin, H., and Song, D. 2007. RICH: Automatically protecting against integer-based vulnerabilities. In Proceedings of the 14th Symposium on Network and Distributed Systems Security (NDSS'07)."},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1002\/(SICI)1097-024X(200006)30:7%3C775::AID-SPE309%3E3.0.CO;2-H"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030122"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586142"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250789"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1806799.1806874"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/512529.512538"},{"volume-title":"Proceedings of the 13th Conference on USENIX Security Symposium.","author":"David R. J.","key":"e_1_2_1_11_1","unstructured":"David , R. J. and Wagner , D . 2004. Finding user\/kernel pointer bugs with type inference . In Proceedings of the 13th Conference on USENIX Security Symposium. David, R. J. and Wagner, D. 2004. Finding user\/kernel pointer bugs with type inference. In Proceedings of the 13th Conference on USENIX Security Symposium."},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1993498.1993565"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/267959.269970"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2007.62"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/231379.231389"},{"key":"e_1_2_1_16_1","unstructured":"Findbugs. 2005. http:\/\/findbugs.sourceforge.net\/.  Findbugs. 2005. http:\/\/findbugs.sourceforge.net\/."},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1134285.1134319"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/512529.512539"},{"key":"e_1_2_1_19_1","unstructured":"Hamadi Y. 2002. Disolver : A distributed constraint solver. Tech. rep. MSR-TR-2003-91 Microsoft Research.  Hamadi Y. 2002. Disolver : A distributed constraint solver. Tech. rep. MSR-TR-2003-91 Microsoft Research."},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/378795.378802"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/503272.503279"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1453101.1453137"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1882291.1882336"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/940071.940114"},{"volume-title":"Proceedings of Workshop on the Evaluation of Software Defect Detection Tools.","author":"Lu S.","key":"e_1_2_1_25_1","unstructured":"Lu , S. , Li , Z. , Qin , F. , Tan , L. , Zhou , P. , and Zhou , Y . 2005. Bugbench: Benchmarks for evaluating bug detection tools . In Proceedings of Workshop on the Evaluation of Software Defect Detection Tools. Lu, S., Li, Z., Qin, F., Tan, L., Zhou, P., and Zhou, Y. 2005. Bugbench: Benchmarks for evaluating bug detection tools. In Proceedings of Workshop on the Evaluation of Software Defect Detection Tools."},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1029894.1029907"},{"key":"e_1_2_1_27_1","unstructured":"Microsoft Prefast. 2013. Keynote talk. http:\/\/www.microsoft.com\/whdc\/devtools\/tools\/prefast.mspx.  Microsoft Prefast. 2013. Keynote talk. http:\/\/www.microsoft.com\/whdc\/devtools\/tools\/prefast.mspx."},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065887.1065892"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1007\/11823230_26"},{"key":"e_1_2_1_30_1","unstructured":"Phoenix. 2004. http:\/\/research.microsoft.com\/phoenix\/.  Phoenix. 2004. http:\/\/research.microsoft.com\/phoenix\/."},{"key":"e_1_2_1_31_1","unstructured":"Polyspace. 2001. http:\/\/www.mathworks.com\/products\/polyspace\/.  Polyspace. 2001. http:\/\/www.mathworks.com\/products\/polyspace\/."},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1178625.1178628"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1986.6312929"},{"volume-title":"Proceedings of the 15th IEEE International Conference on Automated Software Engineering (ASE'00)","author":"Visser W.","key":"e_1_2_1_34_1","unstructured":"Visser , W. , Havelund , K. , Brat , G. , and Park , S . 2000. Model checking programs . In Proceedings of the 15th IEEE International Conference on Automated Software Engineering (ASE'00) . 3. Visser, W., Havelund, K., Brat, G., and Park, S. 2000. Model checking programs. In Proceedings of the 15th IEEE International Conference on Automated Software Engineering (ASE'00). 3."},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.5555\/800078.802557"},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/1232420.1232423"},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/940071.940115"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1029894.1029911"}],"container-title":["ACM Transactions on Software Engineering and Methodology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2491509.2491512","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2491509.2491512","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T07:28:50Z","timestamp":1750231730000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2491509.2491512"}},"subtitle":["Detecting faults in path segments using automatically generated analyses"],"short-title":[],"issued":{"date-parts":[[2013,7]]},"references-count":38,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2013,7]]}},"alternative-id":["10.1145\/2491509.2491512"],"URL":"https:\/\/doi.org\/10.1145\/2491509.2491512","relation":{},"ISSN":["1049-331X","1557-7392"],"issn-type":[{"type":"print","value":"1049-331X"},{"type":"electronic","value":"1557-7392"}],"subject":[],"published":{"date-parts":[[2013,7]]},"assertion":[{"value":"2011-07-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2012-05-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2013-07-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}