Dynamically Detecting DOM-Related Atomicity Violations in JavaScript with Asynchronous Call
In Web applications, atomicity violations caused by AJAX (Asynchronous JavaScript and XML) generate non-determinism and inconsistency. This paper introduces a dynamical detecting approach for atomicity violations in AJAX. Implemented based on Jalangi, an existing instrumentation framework, our techn...
Gespeichert in:
| Veröffentlicht in: | SATE 2016 : proceedings : 2016 International Conference on Software Analysis, Testing and Evolution : 3-4 November 2016, Kunming, Yunnan, China S. 42 - 47 |
|---|---|
| Hauptverfasser: | , , , |
| Format: | Tagungsbericht |
| Sprache: | Englisch |
| Veröffentlicht: |
IEEE
01.11.2016
|
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Abstract | In Web applications, atomicity violations caused by AJAX (Asynchronous JavaScript and XML) generate non-determinism and inconsistency. This paper introduces a dynamical detecting approach for atomicity violations in AJAX. Implemented based on Jalangi, an existing instrumentation framework, our technique monitors the execution of a Web application and tracks the Function Callback Flow to find atomic regions by taint analysis. Next, we build a dynamic event model, so as to precisely record the related DOM elements in call and callback steps with low overhead. Then we develop an event-based algorithm to acquire the results, which are classified into different severity levels (benign or harmful). Finally, we conduct an empirical experiment on a subset of Alexa top-ranked websites. Our tool detects 175 DOM related atomicity violations in which 48.6% of violations are identified as harmful after manual inspection. |
|---|---|
| AbstractList | In Web applications, atomicity violations caused by AJAX (Asynchronous JavaScript and XML) generate non-determinism and inconsistency. This paper introduces a dynamical detecting approach for atomicity violations in AJAX. Implemented based on Jalangi, an existing instrumentation framework, our technique monitors the execution of a Web application and tracks the Function Callback Flow to find atomic regions by taint analysis. Next, we build a dynamic event model, so as to precisely record the related DOM elements in call and callback steps with low overhead. Then we develop an event-based algorithm to acquire the results, which are classified into different severity levels (benign or harmful). Finally, we conduct an empirical experiment on a subset of Alexa top-ranked websites. Our tool detects 175 DOM related atomicity violations in which 48.6% of violations are identified as harmful after manual inspection. |
| Author | Baowen Xu Lei Xu Dezhi Wang Weifeng Zhang |
| Author_xml | – sequence: 1 surname: Dezhi Wang fullname: Dezhi Wang email: mg1433058@smail.nju.edu.cn organization: State Key Lab. for Novel Software Technol., Nanjing Univ., Nanjing, China – sequence: 2 surname: Lei Xu fullname: Lei Xu email: xlei@nju.edu.cn organization: State Key Lab. for Novel Software Technol., Nanjing Univ., Nanjing, China – sequence: 3 surname: Baowen Xu fullname: Baowen Xu email: bwxu@nju.edu.cn organization: State Key Lab. for Novel Software Technol., Nanjing Univ., Nanjing, China – sequence: 4 surname: Weifeng Zhang fullname: Weifeng Zhang email: zhangwf@njupt.edu.cn organization: Sch. of Comput., Nanjing Univ. of Posts & Telecommun., Nanjing, China |
| BookMark | eNotj89LwzAAhSMo6OZu3rzkH2hN2vzqsbRzKpOBm148jCRNXaRLRhOV_vcG9PTg8b0P3gycO-8MADcY5Rij6m5b75Z5gTDLMTkDM0xRhQjFHF-CRQifCCFcMVGQ6gq8t5OTR6vlMEywNdHoaN0HbDfP2YsZZDQdrKNPgI0TfLM-Vda7AK2DT_JbbvVoTxH-2HiAdZicPoze-a8AmyS8Bhe9HIJZ_OccvN4vd81Dtt6sHpt6nVnMacwUET0pK1MYzXilS0U6ToTSFHGmaKmEYkLRHiGGeSL7XnJVkgLzTlJO02AObv-81hizP432KMdpz7lIN4vyFxjCUjM |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/SATE.2016.14 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 1509045171 9781509045174 |
| EndPage | 47 |
| ExternalDocumentID | 7780192 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IF 6IK 6IL 6IN AAJGR AAWTH ADFMO ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK IEGSK IERZE OCL RIE RIL |
| ID | FETCH-LOGICAL-i175t-b48f439e2ec679c3b4d748bc5076b53b8b68b5f006178f4ffa7b34217da5759c3 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 0 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000390672200008&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| IngestDate | Wed Aug 27 01:57:10 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i175t-b48f439e2ec679c3b4d748bc5076b53b8b68b5f006178f4ffa7b34217da5759c3 |
| PageCount | 6 |
| ParticipantIDs | ieee_primary_7780192 |
| PublicationCentury | 2000 |
| PublicationDate | 2016-Nov. |
| PublicationDateYYYYMMDD | 2016-11-01 |
| PublicationDate_xml | – month: 11 year: 2016 text: 2016-Nov. |
| PublicationDecade | 2010 |
| PublicationTitle | SATE 2016 : proceedings : 2016 International Conference on Software Analysis, Testing and Evolution : 3-4 November 2016, Kunming, Yunnan, China |
| PublicationTitleAbbrev | SATE |
| PublicationYear | 2016 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0001968249 |
| Score | 1.6095413 |
| Snippet | In Web applications, atomicity violations caused by AJAX (Asynchronous JavaScript and XML) generate non-determinism and inconsistency. This paper introduces a... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 42 |
| SubjectTerms | AJAX Arrays atomicity violation detection Browsers dynamic analysis event-handler function callback flow HTML Instruments Runtime Software |
| Title | Dynamically Detecting DOM-Related Atomicity Violations in JavaScript with Asynchronous Call |
| URI | https://ieeexplore.ieee.org/document/7780192 |
| WOSCitedRecordID | wos000390672200008&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV3JasMwEB2S0ENPXZLSHR16rLJ5kXwMWSilTQNJS6CHIMkjMAS7JE4gf19JdpMeeunFCCMkmMHWm9F7MwAPWrs6XoKqDgrq-0pRGXQ882h3kIUyYMp5-oWNx3w-jyYVeNxrYRDRkc-waYfuLj_O1MamylqMcYtIqlBlLCy0Wod8ShRyE0rsue1Ra9qbDS13K2xaic6v3inu6Bid_G_TU2gcNHhksj9dzqCC6Tmc_DRhIOU3WYfPQdFTXiyXOzJAeydg5pPB2yt1RDeMSS-30mMDt8lHkpXcN5Kk5FlsxdT9NYhNx5LeepcqWyw326xJ3yzYgPfRcNZ_omXHBJoYGJBT6XNtEAZ2UYUsUp70Y-ZzqQzoM2b3JJchl4F2uMXM1Fow6fkmKomFbdSpvAuopVmKl0CEjDAWQpv1Ah8DFQkWq7aNaLWS3UBeQd3aavFVFMVYlGa6_vv1DRxbTxQivluo5asN3sGR2ubJenXvPPkNGc6iOQ |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LSwMxEB5qFfRUtRXf5uDR7Wsf2T2WPqja1kKrFDyUJDuBhbIr7W6h_94kXVsPXrwsYQkJzLCbbybzzQfwKKXp48Us0UBmOY4QFncbtnrUG0g97lJhPD2go5E_mwXjAjztuDCIaIrPsKqH5i4_TESmU2U1Sn2NSA7gUCtn5WytfUYl8HwVTOyq24PapDXt6uotr6pJOr_UU8zh0Sv9b9tTqOxZeGS8O1_OoIDxOZR-ZBhI_lWW4bOzVZVni8WGdFDfCqj5pPM2tEypG4aklWrysQLc5CNK8uo3EsXkha3ZxPw3iE7IktZqEwvdLjfJVqStFqzAe687bfetXDPBihQQSC3u-FJhDGyi8GggbO6E1PG5ULBPGd7mPvd87kqDXNRMKRnltqPikpBpqU5hX0AxTmK8BMJ4gCFjUq3nOuiKgNFQ1HVMKwVvuvwKytpW869tW4x5bqbrv18_wHF_OhzMB8-j1xs40V7ZUvpuoZguM7yDI7FOo9Xy3nj1G7mfpYI |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=SATE+2016+%3A+proceedings+%3A+2016+International+Conference+on+Software+Analysis%2C+Testing+and+Evolution+%3A+3-4+November+2016%2C+Kunming%2C+Yunnan%2C+China&rft.atitle=Dynamically+Detecting+DOM-Related+Atomicity+Violations+in+JavaScript+with+Asynchronous+Call&rft.au=Dezhi+Wang&rft.au=Lei+Xu&rft.au=Baowen+Xu&rft.au=Weifeng+Zhang&rft.date=2016-11-01&rft.pub=IEEE&rft.spage=42&rft.epage=47&rft_id=info:doi/10.1109%2FSATE.2016.14&rft.externalDocID=7780192 |