Jalangi: A selective record-replay and dynamic analysis framework for JavaScript

Detailed bibliography
Title: Jalangi: A selective record-replay and dynamic analysis framework for JavaScript
Authors: Koushik Sen, Swaroop Kalasapur, Tasneem Brutch, Simon Gibbs
Contributors: The Pennsylvania State University CiteSeerX Archives
Source: http://srl.cs.berkeley.edu/~ksen/papers/jalangi.pdf.
Publication year: 2013
Collection: CiteSeerX
Subjects: Categories and Subject Descriptors: D.2.5 [Software Engineering]: Testing and Debugging—symbolic execution, testing tools; General Terms: Verification; Keywords: JavaScript, Dynamic Analysis, Concolic Testing
Description: JavaScript is widely used for writing client-side web applications and is getting increasingly popular for writing mobile applications. However, unlike C, C++, and Java, there are not that many tools available for analysis and testing of JavaScript applications. In this paper, we present a simple yet powerful framework, called Jalangi, for writing heavy-weight dynamic analyses. Our framework incorporates two key techniques: 1) selective record-replay, a technique which enables to record and to faithfully replay a user-selected part of the program, and 2) shadow values and shadow execution, which enables easy implementation of heavy-weight dynamic analyses. Our implementation makes no special assumption about JavaScript, which makes it applicable to real-world JavaScript programs running on multiple platforms. We have implemented concolic testing, an analysis to track origins of nulls and undefined, a simple form of taint analysis, an analysis to detect likely type inconsistencies, and an object allocation profiler in Jalangi. Our evaluation of Jalangi on the SunSpider benchmark suite and on five web applications shows that Jalangi has an average slowdown of 26X during recording and 30X slowdown during replay and analysis. The slowdowns are comparable with slowdowns reported for similar tools, such as PIN and Valgrind for x86 binaries. We believe that the techniques proposed in this paper are applicable to other dynamic languages.
Document type: text
File description: application/pdf
Language: English
Relation: http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.455.9073; http://srl.cs.berkeley.edu/~ksen/papers/jalangi.pdf
Availability: http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.455.9073
http://srl.cs.berkeley.edu/~ksen/papers/jalangi.pdf
Rights: Metadata may be used without restrictions as long as the oai identifier remains attached to it.
Accession number: edsbas.82BBD0FF
Database: BASE