Abstract
Many JavaScript programs are written in an event-driven style. In particular, in server-side Node.js applications, operations involving sockets, streams, and files are typically performed in an asynchronous manner, where the execution of listeners is triggered by events. Several types of programming errors are specific to such event-based programs (e.g., unhandled events, and listeners that are registered too late). We present the event-based call graph, a program representation that can be used to detect bugs related to event handling. We have designed and implemented three analyses for constructing event-based call graphs. Our results show that these analyses are capable of detecting problems reported on StackOverflow. Moreover, we show that the number of false positives reported by the analysis on a suite of small Node.js applications is manageable.
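The two bug classes the abstract names, unhandled events and listeners registered too late, can be observed at run time on a single emitter. The sketch below is an added example, not code from the paper, and it is a dynamic trace rather than the paper's static event-based call graph. `traceEmitter`, `run`, and the event names are hypothetical.

```javascript
const { EventEmitter } = require("node:events");

// Instrument one emitter: record emits that reach no listener and listeners
// registered after their event last fired. Only calls made through on() are
// observed.
function traceEmitter(emitter) {
  const emitCount = new Map();   // event name -> number of emits so far
  const deadEmits = [];          // emits that found zero listeners
  const registrations = [];      // { name, seen } for each on() call
  const origEmit = emitter.emit;
  const origOn = emitter.on;

  emitter.emit = function (name, ...args) {
    if (this.listenerCount(name) === 0) deadEmits.push(name);
    emitCount.set(name, (emitCount.get(name) || 0) + 1);
    return origEmit.call(this, name, ...args);
  };
  emitter.on = function (name, listener) {
    registrations.push({ name, seen: emitCount.get(name) || 0 });
    return origOn.call(this, name, listener);
  };

  return {
    report() {
      // Late and dead: the event fired before registration and never since.
      const lateListeners = registrations
        .filter((r) => r.seen > 0 && emitCount.get(r.name) === r.seen)
        .map((r) => r.name);
      return { deadEmits: [...deadEmits], lateListeners };
    },
  };
}

// Constructed scenario: an object that announces "ready" synchronously.
// registerFirst = false reproduces the bug, true is the corrected ordering.
function run(registerFirst) {
  const conn = new EventEmitter();
  const trace = traceEmitter(conn);
  const onReady = () => {};
  if (registerFirst) conn.on("ready", onReady);
  conn.emit("ready");                    // fires during setup
  if (!registerFirst) conn.on("ready", onReady);
  conn.on("data", () => {});
  conn.emit("data", "chunk");
  conn.emit("close");                    // nobody listens for "close"
  return trace.report();
}
```

A trace like this only sees the orderings that one execution happens to take; a static analysis has to reason about all of them.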
Static analysis of event-driven Node.js JavaScript applications
OOPSLA 2015: Proceedings of the 2015 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications