pubs.bib
@inproceedings{chakraborty24bounding,
author = {Madhurima Chakraborty and Aakash Gnanakumar and Manu Sridharan and Anders M{\o}ller},
title = {{Indirection-Bounded Call Graph Analysis}},
booktitle = {38th European Conference on Object-Oriented Programming (ECOOP 2024)},
year = {2024},
doi = {10.4230/LIPIcs.ECOOP.2024.10},
url = {files/ECOOP24Bounded.pdf}
}
@inproceedings{zhai24tprunify,
author = {Yizhuo Zhai and Zhiyun Qian and Chengyu Song and Manu Sridharan and Trent Jaeger and Paul Yu and Srikanth V. Krishnamurthy},
title = {{Don't Waste My Efforts: Pruning Redundant Sanitizer Checks of Developer-Implemented Type Checks}},
booktitle = {Proceedings of USENIX Security},
year = {2024},
url = {files/sec24_tprunify.pdf}
}
@article{stein24interactive,
author = {Benno Stein and Bor-Yuh Evan Chang and Manu Sridharan},
title = {{Interactive Abstract Interpretation with Demanded Summarization}},
journal = {ACM Transactions on Programming Languages and Systems (TOPLAS)},
year = {2024},
volume = {46},
number = {1},
doi = {10.1145/3648441},
url = {files/TOPLAS24DemandedSummarization.pdf}
}
@article{shadab23inference,
author = {Narges Shadab and Pritam Gharat and Shrey Tiwari and Michael D. Ernst and Martin Kellogg and Shuvendu Lahiri and Akash Lal and Manu Sridharan},
title = {Inference of Resource Management Specifications},
journal = {Proceedings of the ACM on Programming Languages (PACMPL), Volume 7, Issue OOPSLA},
year = {2023},
doi = {10.1145/3622858},
url = {files/OOPSLA23Inference.pdf}
}
@inproceedings{karimipour23practical,
author = {Nima Karimipour and Justin Pham and Lazaro Clapp and Manu Sridharan},
title = {{Practical Inference of Nullability Types}},
booktitle = {31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2023)},
year = {2023},
doi = {10.1145/3611643.3616326},
url = {files/FSE23Practical.pdf}
}
@article{chen22capture,
author = {Lisa Chen and William H. Grover and Manu Sridharan and Philip Brisk},
title = {Multi-Objective Design Automation for Microfluidic Capture Chips},
journal = {IEEE Transactions on NanoBioscience},
year = {2023},
volume = {22},
number = {3},
doi = {10.1109/TNB.2022.3212625},
url = {files/2022MultiObjective.pdf}
}
@inproceedings{kellogg22accumulation,
author = {Martin Kellogg and Narges Shadab and Manu Sridharan and Michael D. Ernst},
title = {{Accumulation Analysis}},
booktitle = {36th European Conference on Object-Oriented Programming (ECOOP 2022)},
year = {2022},
doi = {10.4230/LIPIcs.ECOOP.2022.10},
url = {files/ECOOP22-Accumulation.pdf}
}
@inproceedings{chakraborty22root,
author = {Madhurima Chakraborty and Renzo Olivares and Manu Sridharan and Behnaz Hassanshahi},
title = {{Automatic Root Cause Quantification for Missing Edges in JavaScript Call Graphs}},
booktitle = {36th European Conference on Object-Oriented Programming (ECOOP 2022)},
year = {2022},
doi = {10.4230/LIPIcs.ECOOP.2022.3},
url = {files/ECOOP22-RootCause.pdf},
note = {\url{https://arxiv.org/pdf/2205.06780.pdf}{Extended version}}
}
@inproceedings{zhai22increlux,
author = {Yizhuo Zhai and Yu Hao and Zheng Zhang and Weiteng Chen and Guoren Li and Zhiyun Qian and Chengyu Song and Manu Sridharan and Srikanth V. Krishnamurthy and Trent Jaeger and Paul Yu},
title = {{Progressive Scrutiny: Incremental Detection of UBI bugs in the Linux Kernel}},
booktitle = {The Network and Distributed System Security Symposium (NDSS)},
year = {2022},
url = {files/NDSS2022.pdf}
}
@inproceedings{shaila21disco,
author = {Sri Shaila G and Ahmad Darki and Michalis Faloutsos and Nael Abu-Ghazaleh and Manu Sridharan},
title = {{DisCo: Combining Disassemblers for Improved Performance}},
booktitle = {24th International Symposium on Research in Attacks, Intrusions and Defenses (RAID)},
year = {2021},
doi = {10.1145/3471621.3471851},
url = {files/RAID21Disco.pdf}
}
@inproceedings{kellogg21leaks,
author = {Martin Kellogg and Narges Shadab and Manu Sridharan and Michael D. Ernst},
title = {Lightweight and Modular Resource Leak Verification},
booktitle = {Proceedings of the 2021 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE)},
year = {2021},
doi = {10.1145/3468264.3468576},
url = {files/FSE21Leaks.pdf},
note = {\textbf{Note:} The pre-print hosted \url{files/FSE21Leaks.pdf}{here} differs slightly from the originally-published version, due to corrections in Table 3. \url{https://zenodo.org/record/5275304#.YTkXmi1h30o}{Artifact}}
}
@inproceedings{stein21demanded,
author = {Benno Stein and Bor-Yuh Evan Chang and Manu Sridharan},
title = {Demanded Abstract Interpretation},
booktitle = {ACM Conference on Programming Language Design and Implementation (PLDI)},
year = {2021},
doi = {10.1145/3453483.3454044},
url = {files/PLDI21Demanded.pdf}
}
@article{farooq20livedroid,
author = {Umar Farooq and Zhijia Zhao and Manu Sridharan and Iulian Neamtiu},
title = {{LiveDroid}: Identifying and Preserving Mobile App State in Volatile Runtime Environments},
journal = {Proceedings of the ACM on Programming Languages (PACMPL), Volume 4, Issue OOPSLA},
year = {2020},
doi = {10.1145/3428228},
url = {files/OOPSLA20LiveDroid.pdf}
}
@inproceedings{ramanathan20piranha,
author = {Murali Krishna Ramanathan and Lazaro Clapp and Rajkishore Barik and Manu Sridharan},
title = {Piranha: Reducing Feature Flag Debt at {Uber}},
booktitle = {2020 International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP 2020)},
year = {2020},
url = {files/ICSE20-SEIP-Piranha.pdf},
doi = {10.1145/3377813.3381350}
}
@inproceedings{KelloggRSSE2020,
author = {Martin Kellogg and Manli Ran and Manu Sridharan and Martin
Sch{\"a}f and Michael D. Ernst},
title = {Verifying Object Construction},
booktitle = {ICSE 2020, Proceedings of the 42nd International
Conference on Software Engineering},
address = {Seoul, Korea},
month = may,
year = {2020},
url = {files/ICSE20ObjConstruction.pdf},
doi = {10.1145/3377811.3380341}
}
@article{barik19swift,
author = {Rajkishore Barik and Manu Sridharan and Murali Krishna Ramanathan and Milind Chabbi},
title = {Optimization of {Swift} Protocols},
journal = {Proceedings of the ACM on Programming Languages (PACMPL), Volume 3, Issue OOPSLA},
year = {2019},
url = {files/OOPSLA19Swift.pdf},
doi = {10.1145/3360590}
}
@inproceedings{banerjee19nullaway,
author = {Subarno Banerjee and Lazaro Clapp and Manu Sridharan},
title = {NullAway: Practical Type-based Null Safety for {Java}},
booktitle = {Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering},
series = {ESEC/FSE},
year = {2019},
url = {files/FSE19NullAway.pdf},
doi = {10.1145/3338906.3338919}
}
@inproceedings{stein18rx,
author = {Benno Stein and
Lazaro Clapp and
Manu Sridharan and
Bor-Yuh Evan Chang},
title = {Safe Stream-Based Programming with Refinement Types},
booktitle = {Proceedings of the 33rd {ACM/IEEE} International Conference on Automated
Software Engineering},
year = {2018},
url = {files/ASE18Safe.pdf},
doi = {10.1145/3238147.3238174}
}
@inproceedings{newcomb17iota,
author = {Julie L. Newcomb and
Satish Chandra and
Jean{-}Baptiste Jeannin and
Cole Schlesinger and
Manu Sridharan},
title = {\textsc{IoTa}: a calculus
for internet of things automation},
booktitle = {Proceedings of the 2017 {ACM} {SIGPLAN} International Symposium on
New Ideas, New Paradigms, and Reflections on Programming and Software,
Onward!},
year = {2017},
url = {files/Onward17Iota.pdf},
doi = {10.1145/3133850.3133860}
}
@inproceedings{dan17finding,
author = {Andrei Marian Dan and
Manu Sridharan and
Satish Chandra and
Jean{-}Baptiste Jeannin and
Martin T. Vechev},
title = {Finding Fix Locations for {CFL}-Reachability Analyses via Minimum Cuts},
booktitle = {Computer Aided Verification - 29th International Conference, {CAV}},
year = {2017},
url = {files/CAV17CFL.pdf},
doi = {10.1007/978-3-319-63390-9_27}
}
@inproceedings{adamsen17repairing,
author = {Christoffer Quist Adamsen and
Anders M{\o}ller and
Rezwana Karim and
Manu Sridharan and
Frank Tip and
Koushik Sen},
title = {Repairing event race errors by controlling nondeterminism},
booktitle = {Proceedings of the 39th International Conference on Software Engineering,
{ICSE}},
year = {2017},
url = {files/ICSE17Repairing.pdf},
doi = {10.1109/ICSE.2017.34}
}
@inproceedings{loncaric16practical,
author = {Calvin Loncaric and
Satish Chandra and
Cole Schlesinger and
Manu Sridharan},
title = {A practical framework for type inference error explanation},
booktitle = {Object-Oriented Programming, Systems, Languages and Applications (OOPSLA)},
year = {2016},
url = {files/mycroft-preprint.pdf},
doi = {10.1145/2983990.2983994}
}
@inproceedings{chandra16typeinf,
author = {Satish Chandra and
Colin S. Gordon and
Jean{-}Baptiste Jeannin and
Cole Schlesinger and
Manu Sridharan and
Frank Tip and
Young{-}Il Choi},
title = {Type Inference for Static Compilation of {JavaScript}},
booktitle = {Object-Oriented Programming, Systems, Languages and Applications (OOPSLA)},
year = {2016},
url = {files/OOPSLA16Inference.pdf},
doi = {10.1145/2983990.2984017},
note = {\url{https://arxiv.org/pdf/1608.07261.pdf}{Extended version}}
}
@inproceedings{andreasen16trace,
author = {Esben Andreasen and
Colin S. Gordon and
Satish Chandra and
Manu Sridharan and
Frank Tip and
Koushik Sen},
title = {Trace Typing: An Approach for Evaluating Retrofitted Type Systems},
booktitle = {30th European Conference on Object-Oriented Programming (ECOOP)},
year = {2016},
doi = {10.4230/LIPIcs.ECOOP.2016.1},
url = {files/LIPIcs-ECOOP-2016-1.pdf},
note = {\url{https://arxiv.org/pdf/1605.01362.pdf}{Extended version}}
}
@inproceedings{blackshear15selective,
author = {Sam Blackshear and Bor-Yuh Evan Chang and Manu Sridharan},
title = {Selective Control-Flow Abstraction via Jumping},
booktitle = {Object-Oriented Programming, Systems, Languages and Applications (OOPSLA)},
year = 2015,
doi = {10.1145/2814270.2814293},
url = {files/OOPSLA15Hopper.pdf}
}
@inproceedings{jensen15meminsight,
author = {Simon Holm Jensen and Manu Sridharan and Koushik Sen and Satish Chandra},
title = {{MemInsight}: Platform-Independent Memory Debugging for {JavaScript}},
booktitle = {Joint Meeting of the European Software Engineering Conference and ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE)},
year = 2015,
doi = {10.1145/2786805.2786860},
url = {files/FSE15MemInsight.pdf},
note = {\url{files/MemInsightTR.pdf}{Extended version}, \url{https://zenodo.org/record/1447013}{Artifact}}
}
@inproceedings{heule15mimic,
author = {Stefan Heule and Manu Sridharan and Satish Chandra},
title = {Mimic: Computing Models for Opaque Code},
booktitle = {Joint Meeting of the European Software Engineering Conference and ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE)},
year = 2015,
doi = {10.1145/2786805.2786875},
url = {files/fse15-mimic.pdf}
}
@inproceedings{gong15dlint,
author = {Liang Gong and Michael Pradel and Manu Sridharan and Koushik Sen},
title = {{DLint}: Dynamically Checking Bad Coding Practices in {JavaScript}},
booktitle = {International Symposium on Software Testing and Analysis (ISSTA)},
year = 2015,
doi = {10.1145/2771783.2771809},
url = {files/ISSTA15DLint.pdf}
}
@article{livshits15soundiness,
author = {Benjamin Livshits and
Manu Sridharan and
Yannis Smaragdakis and
Ondrej Lhot{\'{a}}k and
Jos{\'{e}} Nelson Amaral and
Bor{-}Yuh Evan Chang and
Samuel Z. Guyer and
Uday P. Khedker and
Anders M{\o}ller and
Dimitrios Vardoulakis},
title = {In defense of soundiness: a manifesto},
journal = {Communications of the ACM},
volume = {58},
number = {2},
pages = {44--46},
year = {2015},
doi = {10.1145/2644805},
url = {files/cacm15.pdf}
}
@inproceedings{radoi14translating,
author = {Cosmin Radoi and Stephen J. Fink and Rodric Rabbah and Manu Sridharan},
title = {Translating Imperative Code to {MapReduce}},
booktitle = {Object-Oriented Programming, Systems, Languages and Applications (OOPSLA)},
year = {2014},
doi = {10.1145/2660193.2660228},
url = {files/OOPSLA14Mold.pdf}
}
@inproceedings{raychev13effective,
author = {Veselin Raychev and Martin Vechev and Manu Sridharan},
title = {Effective Race Detection for Event-Driven Programs},
booktitle = {Object-Oriented Programming, Systems, Languages and Applications (OOPSLA)},
year = {2013},
note = {\textbf{Outstanding Artifact Award}},
url = {files/OOPSLA13EventRacer.pdf},
doi = {10.1145/2544173.2509538}
}
@inproceedings{raychev13refactor,
author = {Veselin Raychev and Max Sch\"afer and Manu Sridharan and Martin Vechev},
title = {Refactoring with Synthesis},
booktitle = {Object-Oriented Programming, Systems, Languages and Applications (OOPSLA)},
year = {2013},
url = {files/OOPSLA13Refactoring.pdf},
doi = {10.1145/2544173.2509544}
}
@inproceedings{xu2009scaling,
title = {Scaling {CFL}-reachability-based points-to analysis using context-sensitive must-not-alias analysis},
author = {Guoxing Xu and Atanas Rountev and Manu Sridharan},
year = {2009},
url = {files/xu-ecoop09.pdf},
booktitle = {European Conference on Object-Oriented Programming},
doi = {http://dx.doi.org/10.1007/978-3-642-03013-0_6}
}
@inproceedings{chandraPLDI2009,
title = {Snugglebug: A Powerful Approach to Weakest Preconditions},
author = {Satish Chandra and Stephen J. Fink and Manu Sridharan},
year = {2009},
url = {files/snugglebug.pdf},
booktitle = {ACM Conference on Programming Language Design and Implementation (PLDI)},
doi = {http://doi.acm.org/10.1145/1542476.1542517}
}
@inproceedings{1542486,
title = {{TAJ}: Effective taint analysis of web applications},
author = {Omer Tripp and Marco Pistoia and Stephen J. Fink and Manu Sridharan and Omri Weisman},
year = {2009},
url = {files/pldi153-tripp.pdf},
booktitle = {PLDI \'09: Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation},
doi = {http://doi.acm.org/10.1145/1542476.1542486}
}
@inproceedings{sridharan09complexity,
title = {The Complexity of {Andersen's} Analysis in Practice},
author = {Manu Sridharan and Stephen J. Fink},
year = {2009},
url = {files/sas2009.pdf},
booktitle = {The 16th International Static Analysis Symposium (SAS)},
note = {\textbf{Note:} there is a bug in the algorithm given in Figure 1. A corrected version appears \url{http://dx.doi.org/10.1145/2955811.2955814}{in Dietrich et al}.},
doi = {http://dx.doi.org/10.1007/978-3-642-03237-0_15}
}
@inproceedings{schaefer2010correct,
title = {Correct Refactoring of Concurrent {Java} Code},
author = {Max Sch\"afer and Julian Dolby and Manu Sridharan and Frank Tip and Emina Torlak},
year = {2010},
url = {files/ECOOP10Refactoring.pdf},
booktitle = {European Conference on Object-Oriented Programming (ECOOP)},
doi = {http://dx.doi.org/10.1007/978-3-642-14107-2_11}
}
@inproceedings{Bacon10Software,
title = {Software Economies},
author = {David F. Bacon and Eric Bokelberg and Yiling Chen and Ian A. Kash and David C. Parkes and Malvika Rao and Manu Sridharan},
year = {2010},
url = {files/Bacon10Software.pdf},
booktitle = {Proceedings of the FSE/SDP Workshop on Future of Software Engineering Research},
doi = {http://doi.acm.org/10.1145/1882362.1882365},
abstract = {Software construction has typically drawn on engineering metaphors like building bridges or cathedrals, which emphasize architecture, specification, central planning, and determinism. Approaches to correctness have drawn on metaphors from mathematics, like formal proofs. However, these approaches have failed to scale to modern software systems, and the problem keeps getting worse.
We believe that the time has come to completely re-imagine the creation of complex software, drawing on systems in which behavior is decentralized, self-regulating, non-deterministic, and emergent---like economies.
In this paper we describe our vision for, and prelimary work on, the creation of software economies for both open systems and internal corporate development, and our plans to deploy these ideas within one of the largest developer communities at IBM.}
}
@inproceedings{schäfer2011refactoring,
title = {Refactoring {Java} Programs for Flexible Locking},
author = {Max Sch\"afer and Manu Sridharan and Julian Dolby and Frank Tip},
year = {2011},
url = {files/icse11.pdf},
booktitle = {International Conference on Software Engineering (ICSE)},
doi = {http://dl.acm.org/citation.cfm?id=1985804}
}
@inproceedings{blackshear2011flow,
title = {The Flow-Insensitive Precision of {Andersen's} Analysis in Practice},
author = {Sam Blackshear and Bor-Yuh Evan Chang and Sriram Sankaranarayanan and Manu Sridharan},
year = {2011},
url = {files/sas11-ptaprecision.pdf},
booktitle = {The 18th International Static Analysis Symposium (SAS 2011)},
doi = {http://www.springerlink.com/index/B85T752016532Q88.pdf}
}
@inproceedings{sridharan2011f4f,
title = {{F4F}: taint analysis of framework-based web applications},
author = {Manu Sridharan and Shay Artzi and Marco Pistoia and Salvatore Guarnieri and Omer Tripp and Ryan Berg},
year = {2011},
url = {files/oopsla11-f4f-preprint.pdf},
booktitle = {Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applications},
doi = {http://dl.acm.org/citation.cfm?id=2048145},
abstract = {This paper presents F4F (Framework For Frameworks), a
system for effective taint analysis of framework-based web
applications. Most modern web applications utilize one or
more web frameworks, which provide useful abstractions
for common functionality. Due to extensive use of reflective language constructs in framework implementations, existing static taint analyses are often ineffective when applied
to framework-based applications. While previous work has
included
ad hoc
support for certain framework constructs,
adding support for a large number of frameworks in this
manner does not scale from an engineering standpoint.
F4F employs an initial analysis pass in which both application code and configuration files are processed to generate
a specification of framework-related behaviors. A taint analysis engine can leverage these specifications to perform a
much deeper, more precise analysis of framework-based applications. Our specification language has only a small number of simple but powerful constructs, easing analysis engine
integration. With this architecture, new frameworks can be
handled with no changes to the core analysis engine, yielding significant engineering benefits.
We implemented specification generators for several web
frameworks and added F4F support to a state-of-the-art
taint-analysis engine. In an experimental evaluation, the
taint analysis enhanced with F4F discovered 525 new issues
across nine benchmarks, a harmonic mean of 2.10X more
issues per benchmark. Furthermore, manual inspection of a
subset of the new issues showed that many were exploitable
or reflected bad security practice.}
}
@inproceedings{Bacon12Predicting,
title = {Predicting Your Own Effort},
author = {David F. Bacon and Yiling Chen and Ian Kash and David Parkes and Malvika Rao and Manu Sridharan},
year = {2012},
url = {files/Bacon12Predicting.pdf},
booktitle = {Proceedings of the Eleventh International Conference on Autonomous Agents and Multi-agent Systems},
note = {\textbf{Best Paper Award}},
abstract = {We consider a setting in which a worker and a manager may each have information about the likely completion time of a task, and the worker also affects the completion time by choosing a level of effort. The task itself may further be composed of a set of subtasks, and the worker can also decide how many of these subtasks to split out into an explicit prediction task. In addition, the worker can learn about the likely completion time of a task as work on subtasks completes. We characterize a family of scoring rules for the worker and manager that provide three properties: information is truthfully reported; best effort is exerted by the worker in completing tasks as quickly as possible; and collusion is not possible. We also study the factors influencing when a worker will split a task into subtasks, each forming a separate prediction target.}
}
@inproceedings{JSECOOP2012,
title = {Correlation Tracking for Points-to Analysis of {JavaScript}},
author = {Manu Sridharan and Julian Dolby and Satish Chandra and Max Sch\"afer and Frank Tip},
year = {2012},
url = {files/ECOOP12Correlation.pdf},
booktitle = {European Conference on Object Oriented Programming (ECOOP)},
doi = {http://www.springerlink.com/index/M560325412605761.pdf},
abstract = {JavaScript poses significant challenges for points-to analysis,
particularly due to its flexible object model in which object
properties can be created and deleted at
run-time and accessed via first-class names. These features cause
an increase in the worst-case running time of field-sensitive
Andersen-style analysis, which becomes O(N^4), where N is the program size, in contrast
to the O(N^3) bound for languages like Java. In practice, we found that a standard
implementation of the analysis was unable to analyze popular
JavaScript frameworks.
We identify correlated dynamic property accesses as a common code
pattern that is analyzed very imprecisely by the standard analysis,
and show how a novel correlation tracking technique enables us to
handle this pattern more precisely, thereby making the analysis more
scalable. In an experimental evaluation, we found that correlation
tracking often dramatically improved analysis scalability and
precision on popular JavaScript frameworks, though in some cases
scalability challenges remain.
}
}
@inproceedings{SinhaCAV2012,
title = {Alternate and Learn: Finding Witnesses without looking all over},
author = {Nishant Sinha and Nimit Singhania and Satish Chandra and Manu Sridharan},
year = {2012},
url = {files/CAV12Alternate.pdf},
booktitle = {Computer Aided Verification (CAV)},
doi = {http://link.springer.com/chapter/10.1007\%2F978-3-642-31424-7_42},
abstract = {Most symbolic bug detection techniques perform search over the program control flow graph based on either forward symbolic execution or backward weakest preconditions computation. The complexity of determining interprocedural all-path feasibility makes it difficult for such analysis to judge up-front whether the behavior of a particular caller or callee procedure is relevant to a given property violation. Consequently, these methods analyze several program fragments irrelevant to the property, often repeatedly, before arriving at a goal location or an entrypoint, thus wasting resources and diminishing their scalability. This paper presents a systematic and scalable technique for focused bug detection which, starting from the goal function, employs alternating backward and forward exploration on the program call graph to lazily infer a small scope of program fragments, sufficient to detect the bug or show its absence. The method learns caller and callee invariants for procedures from failed exploration attempts and uses them to direct future exploration towards a scope pertinent to the violation.}
}
@inproceedings{petrov2012race,
title = {Race detection for web applications},
author = {Boris Petrov and Martin Vechev and Manu Sridharan and Julian Dolby},
year = {2012},
url = {files/pldi12-wr.pdf},
booktitle = {Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation},
doi = {http://dx.doi.org/10.1145/2254064.2254095},
abstract = { Modern web pages are becoming increasingly full-featured, and this additional
functionality often requires greater use of asynchrony. Unfortunately, this
asynchrony can trigger unexpected concurrency errors, even though web page
scripts are executed sequentially.
We present the first formulation of a happens-before relation for
common web platform features. Developing this relation was a non-trivial task, due to complex feature
interactions and browser differences. We also present
a logical memory access model for web applications that
abstracts away browser implementation details.
Based on the above, we implemented WebRacer, the first dynamic race
detector for web applications. WebRacer is implemented atop the
production-quality WebKit engine, enabling testing of full-featured web sites.
WebRacer can also simulate certain user actions,
exposing more races.
We evaluated WebRacer by testing a large set of Fortune 100 company web
sites. We discovered many harmful races, and also gained
insights into how developers handle asynchrony in practice.}
}
@incollection{sridharan13alias,
title = {Alias Analysis for Object-Oriented Programs},
author = {Manu Sridharan and Satish Chandra and Julian Dolby and Stephen J. Fink and Eran Yahav},
year = {2013},
url = {files/aliasAnalysisChapter.pdf},
booktitle = {Aliasing in Object-Oriented Programming},
publisher = {Springer},
editor = {David Clarke and Tobias Wrigstad and James Noble},
note = {\textbf{Note:} there is a bug in the algorithm given in Figure 3. A corrected version appears \url{http://dx.doi.org/10.1145/2955811.2955814}{in Dietrich et al}.},
abstract = {We present a high-level survey of state-of-the-art alias analyses for object-oriented programs, based on a years-long effort developing industrial-strength static analyses for Java. We first present common variants of points-to analysis, including a discussion of key implementation techniques. We then describe flow-sensitive techniques based on tracking of access paths, which can yield greater precision for certain clients. We also discuss how whole-program alias analysis has become less useful for modern Java programs, due to increasing use of reflection in libraries and frameworks. We have found that for real-world programs, an under-approximate alias analysis based on access-path tracking often provides the best results for a variety of practical clients.},
doi = {10.1007/978-3-642-36946-9_8}
}
@inproceedings{schafer13dynamic,
title = {Dynamic Determinacy Analysis},
author = {Max Sch\"afer and Manu Sridharan and Julian Dolby and Frank Tip},
year = {2013},
url = {files/PLDI13Determinacy.pdf},
booktitle = {PLDI},
abstract = {We present an analysis for identifying determinate variables and expressions that always have the same value at a given program point.
This information can be exploited by client analyses and tools to, e.g., identify dead code or specialize uses of dynamic language constructs such as eval, replacing them with equivalent static constructs.
Our analysis is completely dynamic and only needs to observe a single execution of the program, yet the determinacy facts it infers hold for any execution.
We present a formal soundness proof of the analysis for a simple imperative language, and a prototype implementation that handles full JavaScript.
Finally, we report on two case studies that explored how static analysis for JavaScript could leverage the information
gathered by dynamic determinacy analysis. We found that in some cases scalability of static pointer analysis
was improved dramatically, and that many uses of runtime code generation could be eliminated.},
doi = {10.1145/2499370.2462168}
}
@inproceedings{blackshear13thresher,
title = {Thresher: Precise Refutations for Heap Reachability},
author = {Sam Blackshear and Bor-Yuh Evan Chang and Manu Sridharan},
year = {2013},
url = {files/PLDI13Thresher.pdf},
booktitle = {PLDI},
abstract = { We present a precise, path-sensitive static analysis for reasoning about
heap reachability; that is, whether an object can be reached from another
variable or object via pointer dereferences. Precise reachability information is
useful for a number of clients, including static detection of a class of Android
memory leaks. For this client, we found the heap reachability
information computed by a state-of-the-art points-to analysis was too
imprecise, leading to numerous false-positive leak reports.
Our analysis combines a symbolic execution capable of path-sensitivity and strong updates with abstract heap information computed by an initial flow-insensitive points-to analysis.
This novel mixed representation allows us to achieve both precision and scalability by leveraging the initial points-to analysis result to guide execution and prune infeasible paths.
We have evaluated our techniques in the Thresher tool, which we have used to find several developer-confirmed leaks in open-source Android applications.},
doi = {10.1145/2499370.2462186}
}
@inproceedings{feldthaus13efficient,
title = {Efficient Construction of Approximate Call Graphs for {JavaScript IDE} Services},
author = {Asger Feldthaus and Max Sch\"afer and Manu Sridharan and Julian Dolby and Frank Tip},
year = {2013},
url = {files/ICSE-2013-Approximate.pdf},
booktitle = {ICSE},
abstract = {The rapid rise of JavaScript as one of the most popular programming languages of the present day has led to a demand for sophisticated IDE support similar to what is available for Java or C#. However, advanced tooling is hampered by the dynamic nature of the language, which makes any form of static analysis very difficult. We single out efficient call graph construction as a key problem to be solved in order to improve development tools for JavaScript. To address this problem, we present a scalable field-based flow analysis for constructing call graphs. Our evaluation on large real-world programs shows that the analysis, while in principle unsound, produces highly accurate call graphs in practice. Previous analyses do not scale to these programs, but our analysis handles them in a matter of seconds, thus proving its suitability for use in an interactive setting.},
doi = {10.1109/ICSE.2013.6606621}
}
@inproceedings{wloka2009refactoring,
title = {Refactoring for reentrancy},
author = {Jan Wloka and Manu Sridharan and Frank Tip},
year = {2009},
url = {files/esec095-wloka.pdf},
booktitle = {The Seventh Joint Meeting of the European Software Engineering Conference and ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE)},
doi = {http://doi.acm.org/10.1145/1595696.1595723}
}
@inproceedings{1250748,
title = {Thin slicing},
author = {Manu Sridharan and Stephen J Fink and Rastislav Bod\'ik},
year = {2007},
url = {files/pldi07.pdf},
booktitle = {Proceedings of the 2007 ACM SIGPLAN Conference on Programming Language Design and Implementation},
doi = {http://doi.acm.org/10.1145/1250734.1250748}
}
@inproceedings{sridharan06refine,
title = {Refinement-based context-sensitive points-to analysis for {Java}},
author = {Manu Sridharan and Rastislav Bod\'ik},
year = {2006},
url = {files/pldi06.pdf},
booktitle = {ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2006)},
doi = {http://doi.acm.org/10.1145/1133255.1134027}
}
@article{shankar2005new,
title = {New Temperatures in {Domineering}},
author = {Ajeet Shankar and Manu Sridharan},
year = {2005},
url = {files/fg4.pdf},
journal = {INTEGERS},
volume = {5},
pages = {G04}
}
@inproceedings{sridharan05demand,
title = {Demand-driven points-to analysis for {Java}},
author = {Manu Sridharan and Denis Gopan and Lexin Shan and Rastislav Bod\'ik},
year = {2005},
url = {files/oopsla05.pdf},
booktitle = {20th Annual ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA)},
doi = {http://doi.acm.org/10.1145/1094811.1094817}
}
@inproceedings{manevich04pse,
title = {{PSE}: explaining program failures via postmortem static analysis},
author = {Roman Manevich and Manu Sridharan and Stephen Adams and Manuvir Das and Zhe Yang},
year = {2004},
url = {files/fse04.pdf},
booktitle = {Twelfth International Symposium on the Foundations of Software Engineering (FSE)},
doi = {http://doi.acm.org/10.1145/1041685.1029907}
}
@inproceedings{shlyakhter03debugging,
title = {Debugging overconstrained declarative models using unsatisfiable cores},
author = {Ilya Shlyakhter and Robert Seater and Daniel Jackson and Manu Sridharan and Mana Taghdiri},
year = {2003},
url = {files/ucore.pdf},
booktitle = { IEEE International Conference on Automated Software Engineering (ASE)},
doi = {http://doi.ieeecomputersociety.org/10.1109/ASE.2003.1240298},
note = {\textbf{Best Paper Award}}
}
@inproceedings{chang03pml,
title = {{PML}: Toward a High-Level Formal Language for Biological Systems},
author = {Bor-Yuh Evan Chang and Manu Sridharan},
year = {2003},
url = {files/pml03-bioconcur.pdf},
booktitle = {Workshop on Concurrent Models in Molecular Biology (BioConcur)},
doi = {http://dx.doi.org/10.1016/j.entcs.2004.01.039}
}
@inproceedings{choi02efficient,
title = {Efficient and precise datarace detection for multithreaded object-oriented programs},
author = {Jong-Deok Choi and Keunwoo Lee and Alexey Loginov and Robert O'Callahan and Vivek Sarkar and Manu Sridharan},
year = {2002},
url = {files/drace-pldi02.pdf},
booktitle = {ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI)},
doi = {http://doi.acm.org/10.1145/543552.512560}
}
@inproceedings{alpern2001perturbation,
title = {A perturbation-free replay platform for cross-optimized multithreaded applications},
author = {Bowen Alpern and Jong-Deok Choi and Ton Ngo and Manu Sridharan and John Vlissides},
year = {2001},
url = {files/choi01perturbationfree.pdf},
booktitle = {15th International Parallel and Distributed Processing Symposium (IPDPS)},
doi = {http://doi.ieeecomputersociety.org/10.1109/IPDPS.2001.924957}
}
@inproceedings{jackson01micro,
title = {A micromodularity mechanism},
author = {Daniel Jackson and Ilya Shlyakhter and Manu Sridharan},
year = {2001},
url = {files/micromodularity.pdf},
booktitle = {Foundations of Software Engineering / European Software Engineering Conference (FSE/ESEC)},
doi = {http://doi.acm.org/10.1145/503209.503219}
}
@inproceedings{alpern2000dejavu,
title = {{DejaVu}: deterministic {Java} replay debugger for {Jalape\~no} {Java} virtual machine},
author = {Bowen Alpern and Ton Ngo and Jong-Deok Choi and Manu Sridharan},
year = {2000},
url = {files/dejavu_demo.pdf},
booktitle = {Addendum to the Proceedings of the Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA)},
doi = {http://doi.acm.org/10.1145/367845.368073}
}
@inproceedings{sridharan2000multi,
title = {Multi-agent {Q}-learning and regression trees for automated pricing decisions},
author = {Manu Sridharan and Gerald Tesauro},
year = {2000},
url = {files/icml00.pdf},
booktitle = {Seventeenth International Conference on Machine Learning (ICML)},
abstract = {We study the use of single-agent and multi-agent
Q-learning to learn seller pricing strategies in
three different two-seller models of agent
economies, using a simple regression tree
approximation scheme to represent the Q-functions.
Our results are highly encouraging -- regression
trees match the training times and policy
performance of lookup table Q-learning, while
offering significant advantages in storage size and
amount of training data required, and better
expected scaling to large numbers of agents. Clear
advantages are seen over neural networks, which
yield inferior policies and require much longer
training times. Our work is among the first to
demonstrate success in combining Q-learning with
regression trees. Also, with regression trees,
Q-learning appears much more feasible as a practical
approach to learning strategies in large multi-agent
economies.}
}