DLS 2016
Tue 1 Nov 2016 Amsterdam, Netherlands
co-located with SPLASH 2016
Tue 1 Nov 2016 11:20 - 11:45 at Matterhorn 1 - Session 2 Chair(s): Gilad Bracha

jQuery is the most popular JavaScript library but the state-of-the-art static analyzers for JavaScript applications fail to analyze simple programs that use jQuery. In this paper, we present a novel abstract string domain whose elements are simple regular expressions that can represent prefix, infix, and postfix substrings of a string and even their sets. We formalize the new domain in the abstract interpretation framework with abstract models of strings and objects commonly used in the existing JavaScript analyzers. For practical use of the domain, we present polynomial-time inclusion decision rules between the regular expressions and prove that the rules exactly capture the actual inclusion relation. We have implemented the domain as an extension of the open-source JavaScript analyzer, SAFE, and we show that the extension significantly improves the scalability and precision of the baseline analyzer in analyzing programs that use jQuery.

Tue 1 Nov

dls-2016-papers
10:30 - 12:10: DLS - Session 2 at Matterhorn 1
Chair(s): Gilad BrachaGoogle
dls-2016-papers10:30 - 10:55
Talk
Gianluca MezzettiAarhus University, Denmark, Anders MøllerAarhus University, Denmark, Fabio StroccoAarhus University, Denmark
DOI
dls-2016-papers10:55 - 11:20
Talk
Thomas S. HeinzeAarhus University, Denmark, Anders MøllerAarhus University, Denmark, Fabio StroccoAarhus University, Denmark
DOI
dls-2016-papers11:20 - 11:45
Talk
Changhee ParkKAIST, South Korea, Hyeonseung ImKangwon National University, South Korea, Sukyoung RyuKAIST, South Korea
DOI
dls-2016-papers11:45 - 12:10
Talk
Mattias De WaelVrije Universiteit Brussel, Belgium, Janwillem SwalensVrije Universiteit Brussel, Belgium, Wolfgang De MeuterVrije Universiteit Brussel, Belgium
DOI Pre-print File Attached