Download PDFOpen PDF in browser

Analyzing JavaScript Programs Using Octagon Domain

13 pagesPublished: March 13, 2019

Abstract

Static analyzers for JavaScript use constant propagation and interval domains to dis- cover numerical properties of program variables. These domains are non-relational and incapable of tracking relationships between variables, leading to imprecise analysis. This paper presents a static analyzer for the full language of JavaScript that employs the octagon domain to capture numerical properties of the program. Our work is built on top of TAJS (type analyzer for JavaScript) which employs a constant propagation domain for numerical properties. We reengineered TAJS’s abstract domain for abstractions of primitive values and its abstract domain for object abstractions and related transfer functions, resulting in an analyzer that is much more precise. Our experiments show an improvement in analysis precision of JavaScript programs with an acceptable increase in cost.

Keyphrases: abstract interpretation, javascript, octagon domain, static analysis

In: Gordon Lee and Ying Jin (editors). Proceedings of 34th International Conference on Computers and Their Applications, vol 58, pages 155-167.

BibTeX entry
@inproceedings{CATA2019:Analyzing_JavaScript_Programs_Using,
  author    = {Nabil Almashfi and Lunjin Lu},
  title     = {Analyzing JavaScript Programs Using Octagon Domain},
  booktitle = {Proceedings of 34th International Conference on Computers and Their Applications},
  editor    = {Gordon Lee and Ying Jin},
  series    = {EPiC Series in Computing},
  volume    = {58},
  publisher = {EasyChair},
  bibsource = {EasyChair, https://easychair.org},
  issn      = {2398-7340},
  url       = {/publications/paper/5fZF},
  doi       = {10.29007/6hc2},
  pages     = {155-167},
  year      = {2019}}
Download PDFOpen PDF in browser