Software Analysis for the Web: Achievements and Prospects

Software Analysis for the Web:
Achievements and Prospects
Ali Mesbah
University of British Columbia
http://ece.ubc.ca/~amesbah/

2
Web Evolution Challenges
Achievements Prospects

STATIC WEBSITES
File ServerBrowser
HTML
HTTP
Request
Response
HTML
HTML
HTML
HTML
Internet
HTML

DYNAMIC WEBSITES
ServerBrowser
HTML
HTTP
Request
Response
Internet
HTML
Generate
HTML

RESTFUL WEBSITES
Stateless ServerBrowser
HTML
HTTP
Request
Response
Internet
HTML
Generate
HTML
“Principled design of the modern Web architecture”, Fielding and Tylor, ICSE 2000

RICH INTERNET APPS
ServerBrowser
Flash
HTTP
Request
Response
Internet
Flash
Generate
Flash
RIA Plugin

MODERN WEB APPS
Stateless ServerBrowser
Async HTTP
Request
Response
Internet
JSON
Generate
JSON
DOMCSS
JS

Web Apps

9
“write once, run
anywhere”
Instantaneous
software delivery

Web-based services such as and
have changed how people develop
software
10

11
Web Evolution Challenges
Achievements Prospects

12
Challenges
Heterogeneous
Async
Dynamic
Interactions
Distributed Stateless
Event-driven
Stateless ServerBrowser
Async HTTP
Request
Response
Internet
JSON
JS, Java,
PHP, Ruby,
etc
DOMCSS
JS

JavaScript: the Diﬃcult Parts
1.Dynamic and weakly-typed
•types can change dynamically
•objects/functions can change
•First-class functions
2.Event-driven
3.Asynchronous callbacks
4.Prototype-based
•objects inherent from objects
•can be redeﬁned at runtime
5.Constructs such as eval
6.Interactions with DOM
7.Interpreted (not compiled)
8.…
Make Software
Analysis Challenging
13

14
Web Evolution Challenges
Achievements Prospects

Industrial Achievements
Mocha
Esprima
Rhino
jsHint
jsLint
Qunit
Selenium
Istanbul
Closure Compiler
Flow

Web Code Analysis
•Static Analysis
•Points-to analysis (WALA)
•Approximate call graphs
•Data-ﬂow analysis
•Dynamic Analysis
•Code quality checking
•Tracing and visualization
•Unused code detection

Web Code Analysis
•Static Analysis
•Points-to analysis
•Approximate call graphs
•Data-ﬂow analysis
•Hybrid Analysis
•Taint and blended analysis
•Change impact analysis
•Event-ﬂow analysis
•Dynamic Analysis
•Code quality checking
•Tracing and visualization
•Unused code detection

18
checkPrice()
XHR
updateItem()
suggestItem()
getUpdatedPrice() calculateTax()
addTaxToPrice()
Function
XHR object
DOM
element
Directed and
labeled edge
Static analysis

Dynamic analysis
checkPrice()
XHR
updateItem()
suggestItem()
getUpdatedPrice() calculateTax()
#item231
#price-ca
.price
displaySuggesCon()
Function
XHR object
DOM
element
Directed and
labeled edge

Hybrid analysis
checkPrice()
XHR
updateItem()
suggestItem()
getUpdatedPrice() calculateTax()
addTaxToPrice()
#item231
#price-ca
.price
displaySuggesDon()
Function
XHR object
DOM
element
Directed and
labeled edge

Web Code Testing
•Different types of testing
•Cross-Browser testing
•Deterministic capture/replay
•Regression testing
•Test Adequecy
•Guided mutation analysis
•State-based coverage
•Code coverage
•Test Generation
•Event-based Crawling
•Feedback-directed execution
•(Dynamic) symbolic execution

22State Coverage

23

24
Web Evolution Challenges
Achievements Prospects

Cross-Language Analysis
We don’t know how to infer proper
control ﬂow graphs for web code.
Stateless ServerBrowser
Async HTTP
Request
Response
Internet
JSON
JS, Java,
PHP, Ruby,
etc
DOMCSS
JS

Cross-Language Program Slicing
Nguyen et al, FSE’14

Cross-Language Bug Detection
Ocariza et al, ICSE’15

Programmer Support in IDEs
•Code completion
•Refactoring
•Bug alerts
•Smell detection

Web Programmer Support in IDEs
•Code completion
•Refactoring
•Bug alerts
•Smell detection

Callback Hell

Refactoring to Promises

Test Case Maintenance
We need better:
Web element locators
Repair techniques

Benchmarks for Comparison
33
SIR
Defect4J
BugBench
?
DroidBench

Empirical Studies
Web analysis tools mainly built by reading best
practices or through developer intuition and
anecdotal observation
Example: what are the most common cross-project bug
patterns in web code?

Mining Repositories
Largely unexplored gold mines!

modules 250K

repositories 3.4M

developers 26K

MSR’13

Semi-automatic Learning

40
@Test
public void testAddNote(){
get("http://localhost:8080/theorganizer/");
ﬁndElement(By.id("logon_username")). sendKeys("user");
ﬁndElement(By.id("logon_password")). sendKeys("pswd");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText());
ﬁndElement(By.id("newNote")). click();
ﬁndElement(By.id("noteCreateShow_subject")).sendKeys("Running Example");
ﬁndElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Note has been created.", ﬁndElement(By.id("mainContent")). getText());
ﬁndElement(By.id("logoff")).click();
} +PKVKCN/QFGN
'ZVGPFGF/QFGN
@Test
public void testAddNote(){
get("http://localhost:8080/theorganizer/");
ﬁndElement(By.id("logon_username")). sendKeys("user");
ﬁndElement(By.id("logon_password")). sendKeys("pswd");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText());
ﬁndElement(By.id("newNote")). click();
ﬁndElement(By.id("noteCreateShow_subject")).sendKeys("Running Example");
ﬁndElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Note has been created.", ﬁndElement(By.id("mainContent")). getText());
ﬁndElement(By.id("logoff")).click();
}
+&'#
@Test
public void testAddNote(){
get("http://localhost:8080/theorganizer/");
ﬁndElement(By.id("logon_username")). sendKeys("user");
ﬁndElement(By.id("logon_password")). sendKeys("pswd");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText());
ﬁndElement(By.id("newNote")). click();
ﬁndElement(By.id("noteCreateShow_subject")).sendKeys("Running Example");
ﬁndElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Note has been created.", ﬁndElement(By.id("mainContent")). getText());
ﬁndElement(By.id("logoff")).click();
}
@Test
public void testAddNote(){
get("http://localhost:8080/theorganizer/");
ﬁndElement(By.id("logon_username")). sendKeys("user");
ﬁndElement(By.id("logon_password")). sendKeys("pswd");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText());
ﬁndElement(By.id("newNote")). click();
ﬁndElement(By.id("noteCreateShow_subject")).sendKeys("Running Example");
ﬁndElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Note has been created.", ﬁndElement(By.id("mainContent")). getText());
ﬁndElement(By.id("logoff")).click();
}
@Test
public void testAddNote(){
get("http://localhost:8080/theorganizer/");
ﬁndElement(By.id("logon_username")). sendKeys("user");
ﬁndElement(By.id("logon_password")). sendKeys("pswd");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText());
ﬁndElement(By.id("newNote")). click();
ﬁndElement(By.id("noteCreateShow_subject")).sendKeys("Running Example");
ﬁndElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Note has been created.", ﬁndElement(By.id("mainContent")). getText());
ﬁndElement(By.id("logoff")).click();
}
@Test
public void testAddNote(){
get("http://localhost:8080/theorganizer/");
ﬁndElement(By.id("logon_username")). sendKeys("user");
ﬁndElement(By.id("logon_password")). sendKeys("pswd");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText());
ﬁndElement(By.id("newNote")). click();
ﬁndElement(By.id("noteCreateShow_subject")).sendKeys("Running Example");
ﬁndElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Note has been created.", ﬁndElement(By.id("mainContent")). getText());
ﬁndElement(By.id("logoff")).click();
}
@Test
public void testAddNote(){
get("http://localhost:8080/theorganizer/");
ﬁndElement(By.id("logon_username")). sendKeys("user");
ﬁndElement(By.id("logon_password")). sendKeys("pswd");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText());
ﬁndElement(By.id("newNote")). click();
ﬁndElement(By.id("noteCreateShow_subject")).sendKeys("Running Example");
ﬁndElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Note has been created.", ﬁndElement(By.id("mainContent")). getText());
ﬁndElement(By.id("logoff")).click();
}
@Test
public void testAddNote(){
get("http://localhost:8080/theorganizer/");
ﬁndElement(By.id("logon_username")). sendKeys("user");
ﬁndElement(By.id("logon_password")). sendKeys("pswd");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText());
ﬁndElement(By.id("newNote")). click();
ﬁndElement(By.id("noteCreateShow_subject")).sendKeys("Running Example");
ﬁndElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Note has been created.", ﬁndElement(By.id("mainContent")). getText());
ﬁndElement(By.id("logoff")).click();
}
@Test
public void testAddNote(){
get("http://localhost:8080/theorganizer/");
ﬁndElement(By.id("logon_username")). sendKeys("user");
ﬁndElement(By.id("logon_password")). sendKeys("pswd");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText());
ﬁndElement(By.id("newNote")). click();
ﬁndElement(By.id("noteCreateShow_subject")).sendKeys("Running Example");
ﬁndElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Note has been created.", ﬁndElement(By.id("mainContent")). getText());
ﬁndElement(By.id("logoff")).click();
}
@Test
public void testAddNote(){
get("http://localhost:8080/theorganizer/");
ﬁndElement(By.id("logon_username")). sendKeys("user");
ﬁndElement(By.id("logon_password")). sendKeys("pswd");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText());
ﬁndElement(By.id("newNote")). click();
ﬁndElement(By.id("noteCreateShow_subject")).sendKeys("Running Example");
ﬁndElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Note has been created.", ﬁndElement(By.id("mainContent")). getText());
ﬁndElement(By.id("logoff")).click();
}
@Test
public void testAddNote(){
get("http://localhost:8080/theorganizer/");
ﬁndElement(By.id("logon_username")). sendKeys("user");
ﬁndElement(By.id("logon_password")). sendKeys("pswd");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText());
ﬁndElement(By.id("newNote")). click();
ﬁndElement(By.id("noteCreateShow_subject")).sendKeys("Running Example");
ﬁndElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example");
ﬁndElement(By. cssSelector("input type ="image"")).click();
assertEquals("Note has been created.", ﬁndElement(By.id("mainContent")). getText());
ﬁndElement(By.id("logoff")).click();
}
*WOCPYTKVVGP
VGUVECUGU
)GPGTCVGF
VGUVECUGU

Learning Assertions
A classiﬁcation problem:
•Is a web element important to be checked by an assertion?
Apply machine learning to train a classier
•Features: position, size, page-rank, LinkNum, ChildNum, …

FROM MONOLITHIC APPS
Stateless ServerBrowser
Async HTTP
Request
Response
Internet
JSON
Generate
JSON
DOMCSS
JS
42

TO MICRO SERVICES
Micro ServicesBrowser
Restful HTTP
Request
Response
Internet
JSON
DOMCSS
JS
Micro
Service
Micro
Service
Micro
Service
Micro
Service
Micro
Service
Micro
Service
Micro
Service
Micro
Service
Micro
Service
Micro
Service
Micro
Service
Micro
Service

44
On the client Even in hardware! On the server
JavaScript is everywhere

45
“write once, run
anywhere”
Instantaneous
software delivery
Anything that can be written as a web
app, will be written as a web app
(eventually)

Software Analysis for the Web: Achievements and Prospects

About This Presentation

Slide Content

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

Software Analysis for the Web: Achievements and Prospects

About This Presentation

Slide Content

Slide 1

Slide 2

Slide 3

Slide 4

Slide 5

Slide 6

Slide 7

Slide 8

Slide 9

Slide 10

Slide 11

Slide 12

Slide 13

Slide 14

Slide 15

Slide 16

Slide 17

Slide 18

Slide 19

Slide 20

Slide 21

Slide 22

Slide 23

Slide 24

Slide 25

Slide 26

Slide 27

Slide 28

Slide 29

Slide 30

Slide 31

Slide 32

Slide 33

Slide 34

Slide 35

Slide 36

Slide 37

Slide 38

Slide 39

Slide 40

Slide 41

Slide 42

Slide 43

Slide 44

Slide 45

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

8-top-ai-courses-for-customer-support-representatives-in-2025.pptx

7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx

25-essential-ai-courses-for-user-support-specialists-in-2025.pptx

8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx

Know for Certain

PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx