# Static Analysis for Asynchronous JavaScript Programs

**Authors:** Thodoris Sotiropoulos (Athens University of Economics, Business), and Benjamin Livshits (Imperial College London)

arXiv: 1901.03575 · 2019-01-14

## TL;DR

This paper introduces a static analysis approach for asynchronous JavaScript, using callback graphs to improve understanding and bug detection in complex asynchronous code, achieving high precision and practical performance.

## Contribution

It presents one of the first static analysis schemes capable of handling nearly all asynchronous primitives in modern JavaScript, with a novel callback graph representation and parameterized analysis.

## Key findings

- Achieves 79% average precision on medium-sized programs.
- Analysis sensitivity improves precision by up to 28.5%.
- Maintains 88% average precision with efficient performance.

## Abstract

Asynchrony has become an inherent element of JavaScript, as an effort to improve the scalability and performance of modern web applications. To this end, JavaScript provides programmers with a wide range of constructs and features for developing code that performs asynchronous computations, including but not limited to timers, promises, and non-blocking I/O.   However, the data flow imposed by asynchrony is implicit, and not always well-understood by the developers who introduce many asynchrony-related bugs to their programs. Worse, there are few tools and techniques available for analyzing and reasoning about such asynchronous applications. In this work, we address this issue by designing and implementing one of the first static analysis schemes capable of dealing with almost all the asynchronous primitives of JavaScript up to the 7th edition of the ECMAScript specification.   Specifically, we introduce the callback graph, a representation for capturing data flow between asynchronous code. We exploit the callback graph for designing a more precise analysis that respects the execution order between different asynchronous functions. We parameterize our analysis with one novel context-sensitivity flavor, and we end up with multiple analysis variations for building callback graph.   We performed a number of experiments on a set of hand-written and real-world JavaScript programs. Our results show that our analysis can be applied to medium-sized programs achieving 79% precision on average. The findings further suggest that analysis sensitivity is beneficial for the vast majority of the benchmarks. Specifically, it is able to improve precision by up to 28.5%, while it achieves an 88% precision on average without highly sacrificing performance.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1901.03575/full.md

## Figures

57 figures with captions in the complete paper: https://tomesphere.com/paper/1901.03575/full.md

## References

39 references — full list in the complete paper: https://tomesphere.com/paper/1901.03575/full.md

---
Source: https://tomesphere.com/paper/1901.03575