Practical static analysis of JavaScript applications in the presence of frameworks and libraries

Magnus Madsen, Benjamin Livshits, Michael Fanning

Publikation: Bidrag til bog/antologi/rapport/proceedingKonferencebidrag i proceedingsForskningpeer review

Abstract

JavaScript is a language that is widely-used for both web- based and standalone applications such as those in the upcoming Windows 8 operating system. Analysis of JavaScript has long been known to be challenging due to its dynamic nature. On top of that, most JavaScript applications rely on large and complex libraries and frameworks, often written in a combination of JavaScript and native code such as C and C++. Stubs have been commonly employed as a partial specification mechanism to address the library problem; however, they are tedious to write, incomplete, and occasionally incorrect.

However, the manner in which library code is used within applications often sheds light on what library APIs return or consume as parameters. In this paper, we propose a technique which combines pointer analysis with use analysis to handle many challenges posed by large JavaScript libraries. Our approach enables a variety of applications, ranging from call graph discovery to auto-complete to supporting runtime optimizations. Our techniques have been implemented and empirically validated on a set of 25 Windows 8 JavaScript applications, averaging 1,587 lines of code, demonstrating a combination of scalability and precision.
OriginalsprogEngelsk
TitelProceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering , ESEC/FSE 2013
RedaktørerBertrand Meyer, Luciano Baresi, Mira Mezini
Antal sider11
ForlagAssociation for Computing Machinery
Publikationsdato1 jan. 2013
Sider499-509
ISBN (Trykt)9781450322379
DOI
StatusUdgivet - 1 jan. 2013
Begivenhed9th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE) -
Varighed: 18 aug. 201326 aug. 2013

Konference

Konference9th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE)
Periode18/08/201326/08/2013

Fingeraftryk

Dyk ned i forskningsemnerne om 'Practical static analysis of JavaScript applications in the presence of frameworks and libraries'. Sammen danner de et unikt fingeraftryk.

Citationsformater