Abstract
Modern web pages are becoming increasingly full-featured, and this additional functionality often requires greater use of asynchrony. Unfortunately, this asynchrony can trigger unexpected concurrency errors, even though web page scripts are executed sequentially.
We present the first formulation of a happens-before relation for common web platform features. Developing this relation was a non-trivial task, due to complex feature interactions and browser differences. We also present a logical memory access model for web applications that abstracts away browser implementation details.
Based on the above, we implemented WebRacer, the first dynamic race detector for web applications. WebRacer is implemented atop the production-quality WebKit engine, enabling testing of full-featured web sites. WebRacer can also simulate certain user actions, exposing more races.
We evaluated WebRacer by testing a large set of Fortune 100 company web sites. We discovered many harmful races, and also gained insights into how developers handle asynchrony in practice.
- HTML5 DOM tree. http://dev.w3.org/html5/spec/Overview.html#dom-trees.Google Scholar
- Timeout specification. http://www.whatwg.org/specs/web-apps/current-work/multipage/timers.html#dom-windowtimers-settimeout.Google Scholar
- WebKit. http://www.webkit.org/.Google Scholar
- Shay Artzi, Julian Dolby, Simon Holm Jensen, Anders Møller, and Frank Tip. A Framework for Automated Testing of JavaScript Web Applications. In ICSE, May 2011. Google Scholar
Digital Library
- Document Object Model (DOM) Level 3 Events Specification. http://www.w3.org/TR/DOM-Level-3-Events/.Google Scholar
- ECMA. ECMAScript Language Specification, 5th edition, 2009. ECMA-262.Google Scholar
- Cormac Flanagan and Stephen N. Freund. FastTrack: efficient and precise dynamic race detection. In PLDI, 2009. Google Scholar
Digital Library
- Salvatore Guarnieri and V. Benjamin Livshits. Gatekeeper: Mostly static enforcement of security and reliability policies for JavaScript code. In USENIX Security Symposium, pages 151--168, 2009. Google Scholar
Digital Library
- Zef Hemel and Eelco Visser. Declaratively programming the mobile web with Mobl. In OOPSLA, 2011. Google Scholar
Digital Library
- HTML5 specification. http://www.w3.org/TR/html5/.Google Scholar
- James Ide, Ratislav Bodik, and Doug Kimelman. Concurrency concerns in rich Internet applications. In Workshop on Exploiting Concurrency Efficiently and Correctly (EC2), 2009.Google Scholar
- Dongseok Jang, Ranjit Jhala, Sorin Lerner, and Hovav Shacham. An empirical study of privacy-violating information flows in JavaScript web applications. In ACM Conference on Computer and Communications Security, pages 270--283, 2010. Google Scholar
Digital Library
- Simon Holm Jensen, Magnus Madsen, and Anders Møller. Modeling the HTML DOM and browser API in static analysis of JavaScript web applications. In ESEC/FSE, 2011.Google Scholar
Digital Library
- Simon Holm Jensen, Anders Møller, and Peter Thiemann. Interprocedural Analysis with Lazy Propagation. In SAS, 2010.Google Scholar
Digital Library
- Olav Junker Kjaer. Timing and synchronization in JavaScript. http://dev.opera.com/articles/view/timing-and-synchronization-in-javascript/. Accessed 03-November-2011.Google Scholar
- Leslie Lamport. Time, clocks, and the ordering of events in a distributed system. Commun. ACM, 21:558--565, July 1978. Google Scholar
Digital Library
- Mozilla Developer Network. https://developer.mozilla.org/.Google Scholar
- Leo A. Meyerovich, Arjun Guha, Jacob Baskin, Gregory H. Cooper, Michael Greenberg, Aleks Bromfield, and Shriram Krishnamurthi. Flapjax: a programming language for Ajax applications. In OOPSLA, 2009. Google Scholar
Digital Library
- Mozilla Developer Network. Avoiding intermittent oranges. https://developer.mozilla.org/en/QA/Avoiding_intermittent_oranges. Accessed 18-October-2011.Google Scholar
- Robert O'Callahan, December 2010. Personal communication.Google Scholar
- Joe Gibbs Politz, Spiridon Aristides Eliopoulos, Arjun Guha, and Shriram Krishnamurthi. ADsafety: Type-based verification of JavaScript sandboxing. In USENIX Security Symposium, 2011. Google Scholar
Digital Library
- Gregor Richards, Sylvain Lebresne, Brian Burg, and Jan Vitek. An analysis of the dynamic behavior of javascript programs. SIGPLAN Not., 45:1--12, June 2010. Google Scholar
Digital Library
- Henri Sivonen. HTML5 script execution changes in Firefox 4. http://hsivonen.iki.fi/script-execution/. Accessed 05-November-2011.Google Scholar
- Steve Souders. Even Faster Web Sites: Performance Best Practices for Web Developers. O'Reilly Media, 2009. Google Scholar
Digital Library
- Yunhui Zheng, Tao Bao, and Xiangyu Zhang. Statically locating web application bugs caused by asynchronous calls. In WWW, 2011. Google Scholar
Digital Library
Index Terms
Race detection for web applications
Recommendations
Effective race detection for event-driven programs
OOPSLA '13: Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applicationsLike shared-memory multi-threaded programs, event-driven programs such as client-side web applications are susceptible to data races that are hard to reproduce and debug. Race detection for such programs is hampered by their pervasive use of ad hoc ...
Race detection for web applications
PLDI '12: Proceedings of the 33rd ACM SIGPLAN Conference on Programming Language Design and ImplementationModern web pages are becoming increasingly full-featured, and this additional functionality often requires greater use of asynchrony. Unfortunately, this asynchrony can trigger unexpected concurrency errors, even though web page scripts are executed ...
Help when needed, but no more: Efficient read/write partial snapshot
An atomic snapshot object is an object that can be concurrently accessed by asynchronous processes prone to crash. It is made of m components (base atomic registers) and is defined by two operations: an update operation that allows a process to ...







Comments