JavaScript is the most popular programming language for client-side web programming. Advances in browser technologies and JavaScript engines in recent years have fueled the use of JavaScript in Rich Internet Applications, and several mobile platforms, including Android, iOS, Tizen OS, Windows 8, BlackBerry, and Firefox OS, support applications written in JavaScript/HTML5. With this renewed interest in JavaScript, many complex applications such as Google Docs, Gmail, and a variety of games are being developed using HTML5/JavaScript. However, compared with C/C++, Java, and C#, JavaScript is severely underserved by analysis and testing tools. The dynamic and reflective nature of JavaScript (dynamic typing, eval, prototype mutation, property access by computed name) makes it hard to analyze statically.
This project investigates a dynamic analysis framework and several dynamic analysis techniques for JavaScript. The analysis framework provides a few useful abstractions and an API that significantly simplify the implementation of dynamic analyses for JavaScript. The framework works through source code instrumentation: the program is rewritten so that operations of interest (reads, writes, calls, operators) are routed through analysis callbacks at run time, which allows implementation of various heavy-weight dynamic analyses and test generation techniques. The project investigates and implements several dynamic analyses including concolic testing, pure symbolic execution, a detector of likely type inconsistencies, and a runtime memory profiler. The techniques developed in this project are suitable for testing whether web applications written in JavaScript/HTML5 are free of common correctness and performance bugs. The techniques will directly benefit web application programmers and, indirectly, the numerous users of mobile and web applications.