Gulfstream: Incremental Static Analysis for Streaming JavaScript Applications
作者: Salvatore Guarnieri , Ben Livshits
DOI:
关键词: Mobile device 、 JavaScript 、 Computer science 、 Programming language 、 Offline analysis 、 Upload 、 Hybrid approach 、 Variety (cybernetics) 、 Code (cryptography) 、 World Wide Web 、 Static analysis
摘要: The advent of Web 2.0 has led to the proliferation client-side code that is typically written in JavaScript. Recently, there been an upsurge interest static analysis However, most approaches literature assume entire program available analysis. This, however, direct contradiction with nature programs are essentially being streamed at user’s browser. Users can see data pages form page updates, but same thing be done code, delaying downloading until it needed. In essence, never completely available, by interacting application, more and sent over This paper explores incremental as a way analyze streaming JavaScript programs. particular, we advocate use combined offline-online accomplish fast, online expense thorough costly offline on code. We find normal use, where updates small, incrementally update results quickly enough acceptable for everyday use. demonstrate this hybrid approach advantageous wide variety settings, especially mobile devices.
参考文章(20)
Simon Holm Jensen, Anders Møller, Peter Thiemann, None, Type Analysis for JavaScript static analysis symposium. pp. 238- 255 ,(2009) , 10.1007/978-3-642-03237-0_17
Emre Kiciman, B. Livshits, AjaxScope: a platform for remotely monitoring the client - side behavior of Web 2 ,(2007)
John Whaley, Dzintars Avots, Michael Carbin, Monica S. Lam, Using Datalog with Binary Decision Diagrams for Program Analysis Programming Languages and Systems. pp. 97- 118 ,(2005) , 10.1007/11575467_8
Helen J. Wang, Jon Howell, Xiaofeng Fan, Collin Jackson, MashupOS: operating system abstractions for client mashups HOTOS'07 Proceedings of the 11th USENIX workshop on Hot topics in operating systems. pp. 16- ,(2007)
John Ellson, Emden Gansner, Lefteris Koutsofios, Stephen C. North, Gordon Woodhull, Graphviz: Open source graph drawing tools graph drawing. pp. 483- 484 ,(2001) , 10.1007/3-540-45848-4_57
Opher Dubrovsky, Saher Esmeir, John Dunagan, Helen J. Wang, Charles Reis, BrowserShield: vulnerability-driven filtering of dynamic HTML operating systems design and implementation. pp. 61- 74 ,(2006) , 10.5555/1298455.1298462
Ana Milanova, Atanas Rountev, Barbara G. Ryder, Precise Call Graphs for C Programs with Function Pointers automated software engineering. ,vol. 11, pp. 7- 26 ,(2004) , 10.1023/B:AUSE.0000008666.56394.A1
Dachuan Yu, Ajay Chander, Nayeem Islam, Igor Serikov, JavaScript instrumentation for browser security symposium on principles of programming languages. ,vol. 42, pp. 237- 249 ,(2007) , 10.1145/1190215.1190252
Marc Berndl, Ondrej Lhoták, Feng Qian, Laurie Hendren, Navindra Umanee, Points-to analysis using BDDs programming language design and implementation. ,vol. 38, pp. 103- 114 ,(2003) , 10.1145/780822.781144
Christopher Anderson, Paola Giannini, Type Checking for JavaScript Electronic Notes in Theoretical Computer Science. ,vol. 138, pp. 37- 58 ,(2005) , 10.1016/J.ENTCS.2005.09.010