Computer Science ›› 2017, Vol. 44 ›› Issue (4): 223-228.doi: 10.11896/j.issn.1002-137X.2017.04.048

Previous Articles     Next Articles

Finding Type Mismatch Defects of JavaScript Based on Static Analysis

WEI Miao, WU Yi-jian, SHEN Li-wei, PENG Xin and ZHAO Wen-yun   

  • Online:2018-11-13 Published:2018-11-13

Abstract: Because of the nature of the JavaScript language and the increase of amount of JavaScript code with the evolving software,a JavaScript program may have a lot of defects which are related to the runtime variable type.This kind of defect is often difficult to detect,only when runtime errors can find fault.It takes programmers a lot of time to locate and search the code bug by debugging manually.The proposed JavaScript defect inspection method is mainly used to check the possible runtime type unmatched defects.First of all,the JavaScript file was grouped in the project based on HTML,JSP page reference for JavaScript files.Secondly,JavaScript files were analyzed in groups and the variable type was inferred.Then we checked whether there is a multi-type attribute in the group,afterwards the use of the multi-type attribute was checked.Finally,the checking results was reported and the repair advice was gave.A tool for automatic detection of multi-type attribute defect in JavaScript was implemented,through the experiment in the real JavaScript projects,the feasibility of this method was illustrated and the existing JavaScript analysis method was compared to illustrate the effectiveness of this method,improving the JavaScript’s defect finding efficiency and effectiveness.

Key words: Static analysis,JavaScript,Defect finding

[1] stackoverflow .http://stackoverflow.com.
[2] esprima.http://esprima.org.
[3] escope.https://github.com/estools/escope.
[4] FELDTHAUS A,MLLER A.Semi-automatic rename refac-toring for JavaScript[J].AcmSigplan Notices,2013,48(10):323-338.
[5] LI S S,CHENG B Q,LI X F,et al.JavaScript Typing System with Prediction[J].Journal of Computer Research and Development,2012,49(2):421-431.(in Chinese) 李世胜,程歩奇,李晓峰,等.基于预测的JavaScript类型系统研究[J].计算机研究与发展,2012,49(2):421-431.
[6] DAMAS L,MILNER R.Principal type-schemes for functional programs[C]∥Proceedings of the 9th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages.ACM,1982:207-212.
[7] GUARNIERI S,LIVSHITS B.GATEKEEPER:Mostly StaticEnforcement of Security and Reliability Policies for JavaScript Code[J].Washington Sammyg,2009,7(4):151-168.
[8] MADSEN M,LIVSHITS B,FANNING M.Practical Static A-nalysis of JavaScript Applications in the Presence of Frameworks and Libraries[C]∥Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering.ACM,2012:499-509.
[9] WEI S,RYDER B G.Practical blended taint analysis for JavaScript[C]∥Proceedings of the 2013 International Symposium on Software Testing and Analysis.ACM,2013:336-346.
[10] JENSEN S H,MLLER A,T HIEMANN P.Type Analysis for JavaScript[M]∥Static Analysis.Springer Berlin Heidelberg,2009:238-255.
[11] VARDOULAKIS D.CFA2:Pushdown Flow Analysis for Hi-gher-Order Languages[D].Boston:Northeastern University,2012
[12] OCARIZA F,BAJAJ K,P ATTABIRAMAN K,et al.An Empirical Study of Client-Side JavaScript Bugs[C]∥2013 ACM/IEEE International Symposium on Empirical Software Enginee-ring and Measurement.IEEE Computer Society,2013:55-64.
[13] OCARIZA F S,PATTABIRMAN K,MESBAH A.Vejovis:Suggesting Fixes for JavaScript Faults[C]∥International Conference on Software Engineering.2014:837-847.
[14] OCARIZA F S,PATTABIRMAN K,MESBAH A.DetectingInconsistencies in JavaScript MVC Applications[C]∥2015 IEEE/ACM 37th IEEE International Conference on Software Engineering (ICSE).IEEE,2015:325-335.
[15] FELDTHAUS A,SCH &#,FER M,et al.Efficient construction of approximate call graphs for JavaScript IDE services[C]∥International Conference on Software Engineering.IEEE Press,2013:752-761.
[16] collegesvis.https://github.com/nerdyworm/collegesvis.
[17] p4wn.https://github.com/douglasbagnall/p4wn.
[18] wander-mesh.https://github.com/notlion/wander-mesh.
[19] flow.http://flowtype.org.

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!