Orchestrating dynamic analyses of distributed processes for full-stack JavaScript programs
- 7 April 2020
- journal article
- research article
- Published by Association for Computing Machinery (ACM) in ACM SIGPLAN Notices
- Vol. 53 (9), 107-118
- https://doi.org/10.1145/3393934.3278135
Abstract
Dynamic analyses are commonly implemented by instrumenting the program under analysis. Examples of such analyses for JavaScript range from checkers of user- defined invariants to concolic testers. For a full-stack JavaScript program, these analyses would benefit from reasoning about the state of the client-side and server-side processes it is comprised of. Lifting a dynamic analysis so that it supports full-stack programs can be challenging. It involves distributed communication to maintain the analysis state across all processes, which has to be deadlock-free. In this paper, we advocate maintaining distributed analysis state in a centralized analysis process instead — which is communicated with from the processes under analysis. The approach is supported by a dynamic analysis platform that provides abstractions for this communication. We evaluate the approach through a case study. We use the platform to build a distributed origin analysis, capable of tracking the expressions from which values originate from across process boundaries, and deploy it on collaborative drawing application. The results show that our approach greatly simplifies the lifting process at the cost of a computational overhead. We deem this overhead acceptable for analyses intended for use at development time.Keywords
This publication has 19 references indexed in Scilit:
- A Survey of Dynamic Analysis and Test Generation for JavaScriptACM Computing Surveys, 2017
- Understanding asynchronous interactions in full-stack JavaScriptPublished by Association for Computing Machinery (ACM) ,2016
- Type-aware concolic testing of JavaScript programsPublished by Association for Computing Machinery (ACM) ,2016
- Feedback-directed instrumentation for deployed JavaScript applicationsPublished by Association for Computing Machinery (ACM) ,2016
- JITProf: pinpointing JIT-unfriendly JavaScript codePublished by Association for Computing Machinery (ACM) ,2015
- DLint: dynamically checking bad coding practices in JavaScriptPublished by Association for Computing Machinery (ACM) ,2015
- SymJS: automatic symbolic testing of JavaScript web applicationsPublished by Association for Computing Machinery (ACM) ,2014
- A Systematic Survey of Program Comprehension through Dynamic AnalysisIEEE Transactions on Software Engineering, 2009
- ValgrindACM SIGPLAN Notices, 2007
- PinACM SIGPLAN Notices, 2005