Static javascript call graphs

A comparative study

Gabor Antal, Peter Hegedus, Zoltan Toth, R. Ferenc, T. Gyimóthy

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The popularity and wide adoption of JavaScript both at the client and server side makes its code analysis more important than ever before. Most of the algorithms for vulnerability analysis, coding issue detection, or type inference rely on the call graph representation of the underlying program. Despite some obvious advantages of dynamic analysis, static algorithms should also be considered for call graph construction as they do not require extensive test beds for programs and their costly execution and tracing. In this paper, we systematically compare five widely adopted static algorithms-implemented by the npm call graph, IBM WALA, Google Closure Compiler, Approximate Call Graph, and Type Analyzer for JavaScript tools-for building JavaScript call graphs on 26 WebKit SunSpider benchmark programs and 6 real-world Node.js modules. We provide a performance analysis as well as a quantitative and qualitative evaluation of the results. We found that there was a relatively large intersection of the found call edges among the algorithms, which proved to be 100% precise. However, most of the tools found edges that were missed by all others. ACG had the highest precision followed immediately by TAJS, but ACG found significantly more call edges. As for the combination of tools, ACG and TAJS together covered 99% of the found true edges by all algorithms, while maintaining a precision as high as 98%. Only two of the tools were able to analyze up-to-date multi-file Node.js modules due to incomplete language features support. They agreed on almost 60% of the call edges, but each of them found valid edges that the other missed.

Original languageEnglish
Title of host publicationProceedings - 18th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages177-186
Number of pages10
ISBN (Electronic)9781538682906
DOIs
Publication statusPublished - Nov 9 2018
Event18th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2018 - Madrid, Spain
Duration: Sep 23 2018Sep 24 2018

Other

Other18th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2018
CountrySpain
CityMadrid
Period9/23/189/24/18

Fingerprint

Dynamic analysis
Servers

Keywords

  • Call graph
  • Comparative study
  • JavaScript
  • Static code analysis

ASJC Scopus subject areas

  • Software
  • Safety, Risk, Reliability and Quality

Cite this

Antal, G., Hegedus, P., Toth, Z., Ferenc, R., & Gyimóthy, T. (2018). Static javascript call graphs: A comparative study. In Proceedings - 18th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2018 (pp. 177-186). [8530732] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SCAM.2018.00028

Static javascript call graphs : A comparative study. / Antal, Gabor; Hegedus, Peter; Toth, Zoltan; Ferenc, R.; Gyimóthy, T.

Proceedings - 18th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2018. Institute of Electrical and Electronics Engineers Inc., 2018. p. 177-186 8530732.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Antal, G, Hegedus, P, Toth, Z, Ferenc, R & Gyimóthy, T 2018, Static javascript call graphs: A comparative study. in Proceedings - 18th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2018., 8530732, Institute of Electrical and Electronics Engineers Inc., pp. 177-186, 18th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2018, Madrid, Spain, 9/23/18. https://doi.org/10.1109/SCAM.2018.00028
Antal G, Hegedus P, Toth Z, Ferenc R, Gyimóthy T. Static javascript call graphs: A comparative study. In Proceedings - 18th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2018. Institute of Electrical and Electronics Engineers Inc. 2018. p. 177-186. 8530732 https://doi.org/10.1109/SCAM.2018.00028
Antal, Gabor ; Hegedus, Peter ; Toth, Zoltan ; Ferenc, R. ; Gyimóthy, T. / Static javascript call graphs : A comparative study. Proceedings - 18th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2018. Institute of Electrical and Electronics Engineers Inc., 2018. pp. 177-186
@inproceedings{b7bc45a3c3ab400995ad3d7abcf1b218,
title = "Static javascript call graphs: A comparative study",
abstract = "The popularity and wide adoption of JavaScript both at the client and server side makes its code analysis more important than ever before. Most of the algorithms for vulnerability analysis, coding issue detection, or type inference rely on the call graph representation of the underlying program. Despite some obvious advantages of dynamic analysis, static algorithms should also be considered for call graph construction as they do not require extensive test beds for programs and their costly execution and tracing. In this paper, we systematically compare five widely adopted static algorithms-implemented by the npm call graph, IBM WALA, Google Closure Compiler, Approximate Call Graph, and Type Analyzer for JavaScript tools-for building JavaScript call graphs on 26 WebKit SunSpider benchmark programs and 6 real-world Node.js modules. We provide a performance analysis as well as a quantitative and qualitative evaluation of the results. We found that there was a relatively large intersection of the found call edges among the algorithms, which proved to be 100{\%} precise. However, most of the tools found edges that were missed by all others. ACG had the highest precision followed immediately by TAJS, but ACG found significantly more call edges. As for the combination of tools, ACG and TAJS together covered 99{\%} of the found true edges by all algorithms, while maintaining a precision as high as 98{\%}. Only two of the tools were able to analyze up-to-date multi-file Node.js modules due to incomplete language features support. They agreed on almost 60{\%} of the call edges, but each of them found valid edges that the other missed.",
keywords = "Call graph, Comparative study, JavaScript, Static code analysis",
author = "Gabor Antal and Peter Hegedus and Zoltan Toth and R. Ferenc and T. Gyim{\'o}thy",
year = "2018",
month = "11",
day = "9",
doi = "10.1109/SCAM.2018.00028",
language = "English",
pages = "177--186",
booktitle = "Proceedings - 18th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2018",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - Static javascript call graphs

T2 - A comparative study

AU - Antal, Gabor

AU - Hegedus, Peter

AU - Toth, Zoltan

AU - Ferenc, R.

AU - Gyimóthy, T.

PY - 2018/11/9

Y1 - 2018/11/9

N2 - The popularity and wide adoption of JavaScript both at the client and server side makes its code analysis more important than ever before. Most of the algorithms for vulnerability analysis, coding issue detection, or type inference rely on the call graph representation of the underlying program. Despite some obvious advantages of dynamic analysis, static algorithms should also be considered for call graph construction as they do not require extensive test beds for programs and their costly execution and tracing. In this paper, we systematically compare five widely adopted static algorithms-implemented by the npm call graph, IBM WALA, Google Closure Compiler, Approximate Call Graph, and Type Analyzer for JavaScript tools-for building JavaScript call graphs on 26 WebKit SunSpider benchmark programs and 6 real-world Node.js modules. We provide a performance analysis as well as a quantitative and qualitative evaluation of the results. We found that there was a relatively large intersection of the found call edges among the algorithms, which proved to be 100% precise. However, most of the tools found edges that were missed by all others. ACG had the highest precision followed immediately by TAJS, but ACG found significantly more call edges. As for the combination of tools, ACG and TAJS together covered 99% of the found true edges by all algorithms, while maintaining a precision as high as 98%. Only two of the tools were able to analyze up-to-date multi-file Node.js modules due to incomplete language features support. They agreed on almost 60% of the call edges, but each of them found valid edges that the other missed.

AB - The popularity and wide adoption of JavaScript both at the client and server side makes its code analysis more important than ever before. Most of the algorithms for vulnerability analysis, coding issue detection, or type inference rely on the call graph representation of the underlying program. Despite some obvious advantages of dynamic analysis, static algorithms should also be considered for call graph construction as they do not require extensive test beds for programs and their costly execution and tracing. In this paper, we systematically compare five widely adopted static algorithms-implemented by the npm call graph, IBM WALA, Google Closure Compiler, Approximate Call Graph, and Type Analyzer for JavaScript tools-for building JavaScript call graphs on 26 WebKit SunSpider benchmark programs and 6 real-world Node.js modules. We provide a performance analysis as well as a quantitative and qualitative evaluation of the results. We found that there was a relatively large intersection of the found call edges among the algorithms, which proved to be 100% precise. However, most of the tools found edges that were missed by all others. ACG had the highest precision followed immediately by TAJS, but ACG found significantly more call edges. As for the combination of tools, ACG and TAJS together covered 99% of the found true edges by all algorithms, while maintaining a precision as high as 98%. Only two of the tools were able to analyze up-to-date multi-file Node.js modules due to incomplete language features support. They agreed on almost 60% of the call edges, but each of them found valid edges that the other missed.

KW - Call graph

KW - Comparative study

KW - JavaScript

KW - Static code analysis

UR - http://www.scopus.com/inward/record.url?scp=85058310848&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85058310848&partnerID=8YFLogxK

U2 - 10.1109/SCAM.2018.00028

DO - 10.1109/SCAM.2018.00028

M3 - Conference contribution

SP - 177

EP - 186

BT - Proceedings - 18th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2018

PB - Institute of Electrical and Electronics Engineers Inc.

ER -