Document Open Access Logo

Scalable and Precise Static Analysis of JavaScript Applications via Loop-Sensitivity

Authors Changhee Park, Sukyoung Ryu

PDF
Thumbnail PDF

File

LIPIcs.ECOOP.2015.735.pdf
  • Filesize: 0.69 MB
  • 22 pages

Document Identifiers

Author Details

Changhee Park
Sukyoung Ryu

Cite As Get BibTex

Changhee Park and Sukyoung Ryu. Scalable and Precise Static Analysis of JavaScript Applications via Loop-Sensitivity. In 29th European Conference on Object-Oriented Programming (ECOOP 2015). Leibniz International Proceedings in Informatics (LIPIcs), Volume 37, pp. 735-756, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2015) https://doi.org/10.4230/LIPIcs.ECOOP.2015.735

Abstract

The numbers and sizes of JavaScript applications are ever growing but static analysis techniques for analyzing large-scale JavaScript applications are not yet ready in a scalable and precise manner. Even when building complex software like compilers and operating systems in JavaScript, developers do not get much benefits from existing static analyzers, which suffer from mutually intermingled problems of scalability and imprecision.

In this paper, we present Loop-Sensitive Analysis (LSA) that improves the analysis scalability by enhancing the analysis precision in loops. LSA distinguishes loop iterations as many as needed by automatically choosing loop unrolling numbers during analysis. We formalize LSA in the abstract interpretation framework and prove its soundness and precision theorems using Coq. We evaluate our implementation of LSA using the analysis results of main web pages in the 5 most popular websites and those of the programs that use top 5 JavaScript libraries, and show that it outperforms the state-of-the-art JavaScript static analyzers in terms of analysis scalability. Our mechanization and implementation of LSA are both publicly available.

Subject Classification

Keywords
  • JavaScript
  • static analysis
  • loops

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads
    0
    Metadata Views

Supplementary Materials

References

  1. Esben Andreasen and Anders Møller. Determinacy in static analysis for jQuery. In OOPSLA'14: Proceedings of the 2014 ACM International Conference on Object Oriented Programming Systems Languages and Applications. ACM, 2014. Google Scholar
  2. Thomas H. Austin and Cormac Flanagan. Efficient purely-dynamic information flow analysis. In PLAS'09: Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security. ACM, 2009. Google Scholar
  3. SungGyeong Bae, Hyunghun Cho, Inho Lim, and Sukyoung Ryu. SAFE_\scriptsize WAPI: Web API misuse detector for web applications. In ESEC/FSE'14: Proceedings of the 22nd ACM SIGSOFT Symposium and the 13th European Conference on Foundations of Software Engineering. ACM, 2014. Google Scholar
  4. Junhee Cho and Sukyoung Ryu. JavaScript module system: Exploring the design space. In Modularity'14: Proceedings of the 13th International Conference on Modularity, 2014. Google Scholar
  5. The Coq Proof Assistant. URL: http://coq.inria.fr/.
  6. Patrick Cousot. Semantic foundations of program analysis. In Program Flow Analysis: Theory and Applications, Chapter 10, pages 303-342. Prentice-Hall, Inc., 1981. Google Scholar
  7. Patrick Cousot and Radhia Cousot. Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In POPL'77: Proceedings of the 4th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages. ACM, 1977. Google Scholar
  8. Patrick Cousot and Radhia Cousot. Systematic design of program analysis frameworks. In POPL'79: Proceedings of the 4th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages. ACM, 1979. Google Scholar
  9. ECMA. ECMA-262: ECMAScript Language Specification. Edition 5.1, 2011. Google Scholar
  10. Maria Handjieva and Stanislav Tzolovski. Refining static analyses by trace-based partitioning using control flow. In Static Analysis, 5th International Symposium, SAS'98, Pisa, Italy, September 14-16, 1998, Proceedings, pages 200-214. Springer-Verlag, 1998. Google Scholar
  11. IBM Research. T.J. Watson Libraries for Analysis (WALA). URL: http://wala.sf.net.
  12. KAIST PLRG. Research material. URL: http://plrg.kaist.ac.kr/pch.
  13. KAIST PLRG. SAFE: Scalable analysis framework for ECMAScript. http://safe.kaist.ac.kr, 2014.
  14. Vineeth Kashyap, Kyle Dewey, Ethan A. Kuefner, John Wagner, Kevin Gibbons, John Sarracino, Ben Wiedermann, and Ben Hardekopf. JSAI: A static analysis platform for JavaScript. In FSE'14: Proceedings of the 22Nd ACM SIGSOFT International Symposium on Foundations of Software Engineering, 2014. Google Scholar
  15. Hongki Lee, Sooncheol Won, Joonho Jin, Junhee Cho, and Sukyoung Ryu. SAFE: Formal specification and implementation of a scalable analysis framework for ECMAScript. In FOOL'12: International Workshop on Foundations of Object Oriented Languages, 2012. Google Scholar
  16. Ondřej Lhoták and Laurie Hendren. Scaling Java points-to analysis using SPARK. In CC'03: Proceedings of the 12th International Conference on Compiler Construction. Springer-Verlag, 2003. Google Scholar
  17. Ravi Mangal, Mayur Naik, and Hongseok Yang. A correspondence between two approaches to interprocedural analysis in the presence of join. In ESOP 2014: Proceedings of the 23rd European Symposium on Programming. Springer, 2014. Google Scholar
  18. Anders Møller, Simon Holm Jensen, Peter Thiemann, Magnus Madsen, Matthias Diehn Ingesman, Peter Jonsson, and Esben Andreasen. TAJS: Type analyzer for JavaScript. https://github.com/cs-au-dk/TAJS, 2014.
  19. Xavier Rival and Laurent Mauborgne. The trace partitioning abstract domain. ACM TOPLAS, 29(5), 2007. Google Scholar
  20. Max Schäfer, Manu Sridharan, Julian Dolby, and Frank Tip. Dynamic determinacy analysis. In PLDI'13: Proceedings of the 34th ACM SIGPLAN Conference on Programming Language Design and Implementation. ACM, 2013. Google Scholar
  21. Micha Sharir and Amir Pnueli. Two approaches to interprocedural data flow analysis. In Program Flow Analysis: Theory and Applications, Chapter 7. Prentice-Hall, 1981. Google Scholar
  22. Yannis Smaragdakis, Martin Bravenboer, and Ondrej Lhoták. Pick your contexts well: Understanding object-sensitivity. In POPL'11: Proceedings of the 38th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages. ACM, 2011. Google Scholar
  23. Manu Sridharan, Julian Dolby, Satish Chandra, Max Schäfer, and Frank Tip. Correlation tracking for points-to analysis of JavaScript. In ECOOP'12: Proceedings of the 26th European Conference on Object-Oriented Programming. Springer-Verlag, 2012. Google Scholar
  24. Alfred Tarski. A lattice-theoretical fixpoint theorem and its applications. Pacific Journal of Mathematics, 1955. Google Scholar
  25. W3C. Document Object Model Events. http://www.w3.org/TR/2003/NOTE-DOM-Level-3-Events-20031107, 2003.
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail
© 2023-2024 Schloss Dagstuhl – LZI GmbH About DROPS Imprint Privacy Contact