DOI: 10.1145/2491411.2491447
research-article

Jalangi: a selective record-replay and dynamic analysis framework for JavaScript

Published: 18 August 2013

Abstract

JavaScript is widely used for writing client-side web applications and is becoming increasingly popular for writing mobile applications. However, unlike C, C++, and Java, there are not many tools available for analysis and testing of JavaScript applications. In this paper, we present a simple yet powerful framework, called Jalangi, for writing heavy-weight dynamic analyses. Our framework incorporates two key techniques: 1) selective record-replay, a technique that makes it possible to record and faithfully replay a user-selected part of the program, and 2) shadow values and shadow execution, which enable easy implementation of heavy-weight dynamic analyses. Our implementation makes no special assumption about JavaScript, which makes it applicable to real-world JavaScript programs running on multiple platforms. We have implemented concolic testing, an analysis to track origins of nulls and undefined, a simple form of taint analysis, an analysis to detect likely type inconsistencies, and an object allocation profiler in Jalangi. Our evaluation of Jalangi on the SunSpider benchmark suite and on five web applications shows that Jalangi has an average slowdown of 26X during recording and 30X during replay and analysis. The slowdowns are comparable with slowdowns reported for similar tools, such as PIN and Valgrind for x86 binaries. We believe that the techniques proposed in this paper are applicable to other dynamic languages.
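A minimal sketch of the shadow-value idea named in the abstract, applied to the simple form of taint analysis it mentions: each value carries a concrete part the program computes with and a shadow part the analysis computes with. This is an added example, not code from the paper or from Jalangi; `Annotated`, `binop`, `source`, `sink` and the sample program are hypothetical names, and the inputs are constructed.

```javascript
// Added illustration of shadow values; every name here is hypothetical, not Jalangi's API.
// A boxed value carries the concrete value the program computes with and a shadow
// value (here: a Set of taint labels) the analysis computes with.
class Annotated {
  constructor(concrete, shadow) { this.concrete = concrete; this.shadow = shadow; }
}
const concrete = v => (v instanceof Annotated ? v.concrete : v);
const shadow = v => (v instanceof Annotated ? v.shadow : new Set());

const OPS = { '+': (a, b) => a + b, '===': (a, b) => a === b };

// Hook an instrumenter would substitute for `l op r`: run the real operation on the
// concrete values, then derive the result's shadow as the union of both labels.
function binop(op, l, r) {
  const result = OPS[op](concrete(l), concrete(r));
  const labels = new Set([...shadow(l), ...shadow(r)]);
  return labels.size ? new Annotated(result, labels) : result;
}

// Taint source: attach a label naming where the value entered the program.
const source = (value, label) => new Annotated(value, new Set([label]));

// Taint sink: record a finding if any label reaches it, then hand the program
// the plain concrete value so its behaviour is unchanged.
const findings = [];
function sink(name, v) {
  if (shadow(v).size) findings.push({ sink: name, from: [...shadow(v)].sort() });
  return concrete(v);
}

// Program under analysis, written as it would look after instrumentation.
// Original: "SELECT * FROM " + table + " WHERE name = '" + name + "'"
function buildQuery(table, name) {
  let q = binop('+', 'SELECT * FROM ', table);
  q = binop('+', q, " WHERE name = '");
  q = binop('+', q, name);
  return binop('+', q, "'");
}

function analyse() {
  findings.length = 0;
  const name = source('alice', 'location.search'); // constructed sample input
  const sql = sink('db.query', buildQuery('users', name));
  const safe = sink('db.query', buildQuery('users', 'bob')); // no labels, no finding
  return { sql, safe, findings: findings.slice() };
}
```

The program sees the same strings it would without the analysis; only the shadow side records that the first query was built from labelled input.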

Published In

ESEC/FSE 2013: Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
August 2013
738 pages
ISBN:9781450322379
DOI:10.1145/2491411

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. Concolic Testing
  2. Dynamic Analysis
  3. JavaScript
  4. Record and Replay

Qualifiers

  • Research-article

Conference

ESEC/FSE'13

Acceptance Rates

Overall Acceptance Rate 112 of 543 submissions, 21%
