Static JavaScript Call Graphs: A Comparative Study (2405.07206v1)
Abstract: The popularity and wide adoption of JavaScript both at the client and server side make its code analysis more important than ever before. Most of the algorithms for vulnerability analysis, coding issue detection, or type inference rely on the call graph representation of the underlying program. Despite some obvious advantages of dynamic analysis, static algorithms should also be considered for call graph construction as they do not require extensive test beds for programs and their costly execution and tracing. In this paper, we systematically compare five widely adopted static algorithms - implemented by the npm call graph, IBM WALA, Google Closure Compiler, Approximate Call Graph, and Type Analyzer for JavaScript tools - for building JavaScript call graphs on 26 WebKit SunSpider benchmark programs and 6 real-world Node.js modules. We provide a performance analysis as well as a quantitative and qualitative evaluation of the results. We found that there was a relatively large intersection of the found call edges among the algorithms, which proved to be 100% precise. However, most of the tools found edges that were missed by all others. ACG had the highest precision, followed immediately by TAJS, but ACG found significantly more call edges. As for the combination of tools, ACG and TAJS together covered 99% of the true edges found by all algorithms, while maintaining a precision as high as 98%. Only two of the tools were able to analyze up-to-date multi-file Node.js modules, due to incomplete language feature support in the others. They agreed on almost 60% of the call edges, but each of them found valid edges that the other missed.