skip to main content
article

Precise and scalable static analysis of jQuery using a regular expression domain

Published:01 November 2016Publication History
Skip Abstract Section

Abstract

jQuery is the most popular JavaScript library but the state-of-the-art static analyzers for JavaScript applications fail to analyze simple programs that use jQuery. In this paper, we present a novel abstract string domain whose elements are simple regular expressions that can represent prefix, infix, and postfix substrings of a string and even their sets. We formalize the new domain in the abstract interpretation framework with abstract models of strings and objects commonly used in the existing JavaScript analyzers. For practical use of the domain, we present polynomial-time inclusion decision rules between the regular expressions and prove that the rules exactly capture the actual inclusion relation. We have implemented the domain as an extension of the open-source JavaScript analyzer, SAFE, and we show that the extension significantly improves the scalability and precision of the baseline analyzer in analyzing programs that use jQuery.

References

  1. ECMAScript Language Specification. Edition 5.1, 2011.Google ScholarGoogle Scholar
  2. P. A. Abdulla, A. Bouajjani, and B. Jonsson. On-the-fly analysis of systems with unbounded, lossy fifo channels. In Proceedings of the 10th International Conference on Computer Aided Verification. Springer Berlin Heidelberg, 1998. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. E. Andreasen and A. Møller. Determinacy in static analysis for jQuery. In Proceedings of the International Conference on Object Oriented Programming Systems Languages and Applications, 2014. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. T.-H. Choi, O. Lee, H. Kim, and K.-G. Doh. A practical string analyzer by the widening approach. In Proceedings of the Asian Symposium on Programming Languages and Systems, 2006. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. A. S. Christensen, A. Møller, and M. I. Schwartzbach. Precise analysis of string expressions. In Proceedings of the International Symposium on Static Analysis, 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. P. Cousot and R. Cousot. Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Proceedings of the Symposium on Principles of Programming Languages, 1977. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. H. Hosoya, J. Vouillon, and B. C. Pierce. Regular expression types for XML. ACM Transactions on Programming Languages and Systems, 27(1):46–90, 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. D. Hovland. The inclusion problem for regular expressions. Journal of Computer and System Sciences, 78(6), 2012. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. S. H. Jensen, A. Møller, and P. Thiemann. Type analysis for JavaScript. In Proceedings of the International Symposium on Static Analysis. Springer-Verlag, 2009. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. S. H. Jensen, M. Madsen, and A. Møller. Modeling the HTML DOM and browser API in static analysis of JavaScript web applications. In Proceedings of the International Symposium on Foundations of Software Engineering. ACM, 2011. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. jQuery Foundation. jQuery. http://jquery.com.Google ScholarGoogle Scholar
  12. KAIST PLRG. http://plrg.kaist.ac.kr/pch.Google ScholarGoogle Scholar
  13. V. Kashyap, K. Dewey, E. A. Kuefner, J. Wagner, K. Gibbons, J. Sarracino, B. Wiedermann, and B. Hardekopf. JSAI: A static analysis platform for JavaScript. In Proceedings of the International Symposium on Foundations of Software Engineering, 2014. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. H. Lee, S. Won, J. Jin, J. Cho, and S. Ryu. SAFE: Formal specification and implementation of a scalable analysis framework for ECMAScript. In Workshop on Foundations of Object Oriented Languages, 2012.Google ScholarGoogle Scholar
  15. B. S. Lerner, L. Elberty, J. Li, and S. Krishnamurthi. Combining form and function: Static types for jQuery programs. In Proceedings of the European Conference on Object-Oriented Programming, 2013. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. M. Madsen and E. Andreasen. String analysis for dynamic field access. In Proceedings of the International Conference on Compiler Construction, 2014.Google ScholarGoogle ScholarCross RefCross Ref
  17. W. Martens, F. Neven, and T. Schwentick. Complexity of decision problems for simple regular expressions. In Proceedings of the International Symposium on Mathematical Foundations of Computer Science, 2004.Google ScholarGoogle ScholarCross RefCross Ref
  18. T. Milo and D. Suciu. Index structures for path expressions. In Proceedings of the International Conference on Database Theory, 1999. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. C. Park and S. Ryu. Scalable and precise static analysis of JavaScript applications via loop-sensitivity. In Proceedings of the European Conference on Object-Oriented Programming, 2015.Google ScholarGoogle Scholar
  20. C. Park, S. Won, J. Jin, and S. Ryu. Static analysis of JavaScript web applications in the wild via practical DOM. In Proceedings of the International Conference on Automated Software Engineering, 2015. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. J. G. Politz, A. Guha, and S. Krishnamurthi. Semantics and types for objects with first-class member names. In Workshop on Foundations of Object Oriented Languages, 2012.Google ScholarGoogle Scholar
  22. M. Schäfer, M. Sridharan, J. Dolby, and F. Tip. Dynamic determinacy analysis. In Proceedings of the Conference on Programming Language Design and Implementation, 2013. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. M. Sridharan, J. Dolby, S. Chandra, M. Schäfer, and F. Tip. Correlation tracking for points-to analysis of JavaScript. In Proceedings of the European Conference on Object-Oriented Programming, 2012. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. L. J. Stockmeyer and A. R. Meyer. Word problems requiring exponential time(preliminary report). In Proceedings of the Annual ACM Symposium on Theory of Computing, 1973. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Precise and scalable static analysis of jQuery using a regular expression domain

    Recommendations

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    Full Access

    • Published in

      cover image ACM SIGPLAN Notices
      ACM SIGPLAN Notices  Volume 52, Issue 2
      DLS '16
      February 2017
      131 pages
      ISSN:0362-1340
      EISSN:1558-1160
      DOI:10.1145/3093334
      Issue’s Table of Contents
      • cover image ACM Conferences
        DLS 2016: Proceedings of the 12th Symposium on Dynamic Languages
        November 2016
        131 pages
        ISBN:9781450344456
        DOI:10.1145/2989225

      Copyright © 2016 ACM

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      • Published: 1 November 2016

      Check for updates

      Qualifiers

      • article

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!