Proceedings of the 2009 ACM Symposium on Applied Computing 2009
DOI: 10.1145/1529282.1529711
|View full text |Cite
|
Sign up to set email alerts
|

Points-to analysis for JavaScript

Abstract: JavaScript is widely used by web developers and the complexity of JavaScript programs has increased over the last year. Therefore, the need for program analysis for JavaScript is evident. Points-to analysis for JavaScript is to determine the set of objects to which a reference variable or an object property may point. Points-to analysis for JavaScript is a basis for further program analyses for JavaScript. It has a wide range of applications in code optimization and software engineering tools. However, points-… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
38
0

Year Published

2009
2009
2017
2017

Publication Types

Select...
5
3

Relationship

0
8

Authors

Journals

citations
Cited by 45 publications
(38 citation statements)
references
References 12 publications
0
38
0
Order By: Relevance
“…The tool is implemented in Java and uses the JavaScript parser from the Mozilla Rhino project 10 . The new extensions amount to 7,500 lines of code on top of the existing 21,000 lines (excluding Rhino).…”
Section: Discussionmentioning
confidence: 99%
See 1 more Smart Citation
“…The tool is implemented in Java and uses the JavaScript parser from the Mozilla Rhino project 10 . The new extensions amount to 7,500 lines of code on top of the existing 21,000 lines (excluding Rhino).…”
Section: Discussionmentioning
confidence: 99%
“…More recently, Jang and Choe have presented a pointsto analysis for a restricted subset of JavaScript based on set constraints [10]. The points-to results are used for optimizations that inline property accesses.…”
Section: Related Workmentioning
confidence: 99%
“…(1) an unsound 2 dataflow analysis-based approach using baked-in abstractions and analysis sensitivities [17,26,31], or (2) a formally-specified type system requiring annotations to existing code, proven sound with respect to a specific JavaScript formal semantics but restricted to a small subset of the full JavaScript language [45,30,19,28]. No existing JavaScript analyses are formally specified, implemented using an executable abstract semantics, tested against a formal concrete semantics, or target configurable sensitivity.…”
Section: Related Workmentioning
confidence: 99%
“…Various previous works [15,45,31,39,25,44,24] propose different subsets of the JavaScript language and provide analyses for that subset. These analyses range from type inference, to pointer analysis, to numeric range and kind analysis.…”
Section: Related Workmentioning
confidence: 99%
“…The current state of the art is well surveyed by Andreasen and Møller [9], with the main tools in the field being WALA [50,54] and TAJS [9,28,27]. These tools (and others) provide traditional static analysis frameworks encompassing features such as points-to [26,54] and determinacy analysis [9,50], type inference [33,28] and security properties [23,24]. The modelling of the HTML DOM is generally treated as part of the heap abstraction [27,24] and thus the tree structure is not precisely tracked.…”
Section: Introductionmentioning
confidence: 99%