Talk given at the Univ of Illinois, Urbana-Champaign, Mar 26, 2012. [PDF]
JavaScript is today the de-facto client-side programming language for modern web applications. However, JavaScript is notorious for its difficult-to-analyze constructs and “laissez-faire” programming style, which makes it challenging to build robust and reliable web applications. Along with performance and security, reliability is a key factor that can make or break a web application. While there have been significant efforts to study (and improve) the former two entities, reliability of JavaScript applications has received little attention so far from the research community. This talk will present two directions to assess and improve the operational reliability of JavaScript-based web applications.
In the first part of this talk, I will present our recent results on studying the reliability of web applications in the wild. We use error messages printed to the JavaScript console of popular websites to understand the characteristics of the errors and their root causes. We also categorize the messages and study their correlations with the static and dynamic characteristics of the web application. Our study is carried out using the Firefox web browser and involves fifty of the top 100 Alexa most-visited websites. We find that JavaScript errors abound even in well-tested, mature web applications, and that they can often be surprisingly difficult to find through traditional testing and analysis techniques.
In the second part of the talk, I will present our work on JavaScript fault-localization, which is an essential step in understanding and improving web applications’ reliability. We find that about 80% of Javascript bugs occur as a result of interactions between JavaScript and the Document Object Model (DOM). We describe a trace-based technique to localize DOM-JavaScript interaction faults, and show that we can localize over 90% of DOM-JavaScript errors with it.
This is joint work with Frolin Ocariza Jr. (UBC), Ali Mesbah (UBC) and Ben Zorn (MSR).