Upload File

software analysis for the web: achievements and prospects

  • Home
  • Software
  • Software Analysis for the Web: Achievements and Prospects
45
Software Analysis for the Web: Achievements and Prospects Ali Mesbah University of British Columbia http://ece.ubc.ca/~amesbah/

Upload: ali-mesbah

Post on 13-Apr-2017

688 views

Category:

Software


1 download

Report

TRANSCRIPT

Page 1: Software Analysis for the Web: Achievements and Prospects

Software Analysis for the Web:Achievements and Prospects

Ali MesbahUniversity of British Columbia http://ece.ubc.ca/~amesbah/

http://www.ece.ubc.ca/~amesbah/
Page 2: Software Analysis for the Web: Achievements and Prospects

2

Web Evolution Challenges

Achievements Prospects

Page 3: Software Analysis for the Web: Achievements and Prospects

STATIC WEBSITESFile ServerBrowser

HTML

HTTPRequest

ResponseHTMLHTMLHTMLHTML

Internet

HTML

Page 4: Software Analysis for the Web: Achievements and Prospects

DYNAMIC WEBSITESServerBrowser

HTML

HTTPRequest

Response

Internet

HTML

Generate HTML

Page 5: Software Analysis for the Web: Achievements and Prospects

RESTFUL WEBSITESStateless ServerBrowser

HTML

HTTPRequest

Response

Internet

HTML

Generate HTML

“Principled design of the modern Web architecture”, Fielding and Tylor, ICSE 2000

Page 6: Software Analysis for the Web: Achievements and Prospects

RICH INTERNET APPSServerBrowser

Flash

HTTPRequest

Response

Internet

Flash

GenerateFlash

RIA Plugin

Page 7: Software Analysis for the Web: Achievements and Prospects

MODERN WEB APPS Stateless ServerBrowser

Async HTTPRequest

Response

Internet

JSON

GenerateJSON

DOMCSS

JS

Page 8: Software Analysis for the Web: Achievements and Prospects

Web Apps

Page 9: Software Analysis for the Web: Achievements and Prospects

9

“writeonce,runanywhere”

Instantaneoussoftwaredelivery

Page 10: Software Analysis for the Web: Achievements and Prospects

Web-basedservicessuchasandhavechangedhowpeopledevelop

software

10

Page 11: Software Analysis for the Web: Achievements and Prospects

11

Web Evolution Challenges

Achievements Prospects

Page 12: Software Analysis for the Web: Achievements and Prospects

12

Challenges

Heterogeneous

Async Dynamic Interactions

Distributed Stateless

Event-driven

Stateless ServerBrowser

Async HTTPRequest

Response

Internet

JSON

JS, Java, PHP, Ruby,

etc

DOMCSS

JS

Page 13: Software Analysis for the Web: Achievements and Prospects

JavaScript:theDifficultParts

1. Dynamic and weakly-typed• types can change dynamically• objects/functions can change

• First-class functions2. Event-driven3. Asynchronous callbacks4. Prototype-based

• objects inherent from objects• can be redefined at runtime

5. Constructs such as eval 6. Interactions with DOM7. Interpreted (not compiled)8. …

Make Software Analysis Challenging

13

Page 14: Software Analysis for the Web: Achievements and Prospects

14

Web Evolution Challenges

Achievements Prospects

Page 15: Software Analysis for the Web: Achievements and Prospects

Industrial Achievements

Mocha

Esprima Rhino

jsHint

jsLint

QunitSelenium

Istanbul

Closure Compiler

Flow

Page 16: Software Analysis for the Web: Achievements and Prospects

Web Code Analysis• Static Analysis

• Points-to analysis (WALA)• Approximate call graphs • Data-flow analysis

• Dynamic Analysis • Code quality checking• Tracing and visualization• Unused code detection

Page 17: Software Analysis for the Web: Achievements and Prospects

Web Code Analysis• Static Analysis

• Points-to analysis • Approximate call graphs • Data-flow analysis

• Hybrid Analysis • Taint and blended analysis • Change impact analysis • Event-flow analysis

• Dynamic Analysis • Code quality checking • Tracing and visualization • Unused code detection

Page 18: Software Analysis for the Web: Achievements and Prospects

18

checkPrice()

XHR

updateItem()

suggestItem()

getUpdatedPrice() calculateTax()

addTaxToPrice()

Function XHR object DOM element Directed and labeled edge

Static analysis

Page 19: Software Analysis for the Web: Achievements and Prospects

Dynamic analysis

checkPrice()

XHR

updateItem()

suggestItem()

getUpdatedPrice() calculateTax()

#item231

#price-ca.price

displaySuggesCon()

Function XHR object DOM element Directed and labeled edge

Page 20: Software Analysis for the Web: Achievements and Prospects

Hybrid analysischeckPrice()

XHR

updateItem()

suggestItem()

getUpdatedPrice() calculateTax()

addTaxToPrice()

#item231

#price-ca.price

displaySuggesDon()

Function XHR object DOM element Directed and labeled edge

Page 21: Software Analysis for the Web: Achievements and Prospects

Web Code Testing

• Different types of testing• Cross-Browser testing• Deterministic capture/replay • Regression testing

• Test Adequecy• Guided mutation analysis• State-based coverage • Code coverage

• Test Generation• Event-based Crawling • Feedback-directed execution• (Dynamic) symbolic execution

Page 22: Software Analysis for the Web: Achievements and Prospects

22

State Coverage

Page 23: Software Analysis for the Web: Achievements and Prospects

23

Page 24: Software Analysis for the Web: Achievements and Prospects

24

Web Evolution Challenges

Achievements Prospects

Page 25: Software Analysis for the Web: Achievements and Prospects

Cross-Language Analysis

We don’t know how to infer proper control flow graphs for web code.

Stateless ServerBrowser

Async HTTPRequest

Response

Internet

JSON

JS, Java, PHP, Ruby,

etc

DOMCSS

JS

Page 26: Software Analysis for the Web: Achievements and Prospects

Cross-Language Program Slicing

Nguyen et al, FSE’14

Page 27: Software Analysis for the Web: Achievements and Prospects

Cross-Language Bug Detection

Ocariza et al, ICSE’15

Page 28: Software Analysis for the Web: Achievements and Prospects

Programmer Support in IDEs

• Code completion• Refactoring• Bug alerts• Smell detection

Page 29: Software Analysis for the Web: Achievements and Prospects

Web Programmer Support in IDEs

• Code completion• Refactoring• Bug alerts• Smell detection

Page 30: Software Analysis for the Web: Achievements and Prospects

Callback Hell

Page 31: Software Analysis for the Web: Achievements and Prospects

Refactoring to Promises

Page 32: Software Analysis for the Web: Achievements and Prospects

Test Case Maintenance

We need better: Web element locators

Repair techniques

Page 33: Software Analysis for the Web: Achievements and Prospects

Benchmarks for Comparison

33

SIR

Defect4J

BugBench?

DroidBench

Page 34: Software Analysis for the Web: Achievements and Prospects

Empirical Studies

Web analysis tools mainly built by reading best practices or through developer intuition and

anecdotal observation

Example: what are the most common cross-project bug patterns in web code?

Page 35: Software Analysis for the Web: Achievements and Prospects

Mining Repositories

Largely unexplored gold mines!

Page 36: Software Analysis for the Web: Achievements and Prospects

modules 250K

Page 37: Software Analysis for the Web: Achievements and Prospects

repositories 3.4M

Page 38: Software Analysis for the Web: Achievements and Prospects

developers 26K

������������

���������

��

�� ��

����������

��������

�������� �

������ �

��������

������

�������� �

������ �

��

MSR’13

Page 39: Software Analysis for the Web: Achievements and Prospects

Semi-automatic Learning

Page 40: Software Analysis for the Web: Achievements and Prospects

40

@Testpublic void testAddNote(){ get("http://localhost:8080/theorganizer/"); findElement(By.id("logon_username")). sendKeys("user"); findElement(By.id("logon_password")). sendKeys("pswd"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText()); findElement(By.id("newNote")). click(); findElement(By.id("noteCreateShow_subject")).sendKeys("Running Example"); findElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Note has been created.", findElement(By.id("mainContent")). getText()); findElement(By.id("logoff")).click();}

@Testpublic void testAddNote(){ get("http://localhost:8080/theorganizer/"); findElement(By.id("logon_username")). sendKeys("user"); findElement(By.id("logon_password")). sendKeys("pswd"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText()); findElement(By.id("newNote")). click(); findElement(By.id("noteCreateShow_subject")).sendKeys("Running Example"); findElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Note has been created.", findElement(By.id("mainContent")). getText()); findElement(By.id("logoff")).click();}

@Testpublic void testAddNote(){ get("http://localhost:8080/theorganizer/"); findElement(By.id("logon_username")). sendKeys("user"); findElement(By.id("logon_password")). sendKeys("pswd"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText()); findElement(By.id("newNote")). click(); findElement(By.id("noteCreateShow_subject")).sendKeys("Running Example"); findElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Note has been created.", findElement(By.id("mainContent")). getText()); findElement(By.id("logoff")).click();}

@Testpublic void testAddNote(){ get("http://localhost:8080/theorganizer/"); findElement(By.id("logon_username")). sendKeys("user"); findElement(By.id("logon_password")). sendKeys("pswd"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText()); findElement(By.id("newNote")). click(); findElement(By.id("noteCreateShow_subject")).sendKeys("Running Example"); findElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Note has been created.", findElement(By.id("mainContent")). getText()); findElement(By.id("logoff")).click();}

@Testpublic void testAddNote(){ get("http://localhost:8080/theorganizer/"); findElement(By.id("logon_username")). sendKeys("user"); findElement(By.id("logon_password")). sendKeys("pswd"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText()); findElement(By.id("newNote")). click(); findElement(By.id("noteCreateShow_subject")).sendKeys("Running Example"); findElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Note has been created.", findElement(By.id("mainContent")). getText()); findElement(By.id("logoff")).click();}

@Testpublic void testAddNote(){ get("http://localhost:8080/theorganizer/"); findElement(By.id("logon_username")). sendKeys("user"); findElement(By.id("logon_password")). sendKeys("pswd"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText()); findElement(By.id("newNote")). click(); findElement(By.id("noteCreateShow_subject")).sendKeys("Running Example"); findElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Note has been created.", findElement(By.id("mainContent")). getText()); findElement(By.id("logoff")).click();}

@Testpublic void testAddNote(){ get("http://localhost:8080/theorganizer/"); findElement(By.id("logon_username")). sendKeys("user"); findElement(By.id("logon_password")). sendKeys("pswd"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText()); findElement(By.id("newNote")). click(); findElement(By.id("noteCreateShow_subject")).sendKeys("Running Example"); findElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Note has been created.", findElement(By.id("mainContent")). getText()); findElement(By.id("logoff")).click();}

@Testpublic void testAddNote(){ get("http://localhost:8080/theorganizer/"); findElement(By.id("logon_username")). sendKeys("user"); findElement(By.id("logon_password")). sendKeys("pswd"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText()); findElement(By.id("newNote")). click(); findElement(By.id("noteCreateShow_subject")).sendKeys("Running Example"); findElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Note has been created.", findElement(By.id("mainContent")). getText()); findElement(By.id("logoff")).click();}

@Testpublic void testAddNote(){ get("http://localhost:8080/theorganizer/"); findElement(By.id("logon_username")). sendKeys("user"); findElement(By.id("logon_password")). sendKeys("pswd"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText()); findElement(By.id("newNote")). click(); findElement(By.id("noteCreateShow_subject")).sendKeys("Running Example"); findElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Note has been created.", findElement(By.id("mainContent")). getText()); findElement(By.id("logoff")).click();}

@Testpublic void testAddNote(){ get("http://localhost:8080/theorganizer/"); findElement(By.id("logon_username")). sendKeys("user"); findElement(By.id("logon_password")). sendKeys("pswd"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText()); findElement(By.id("newNote")). click(); findElement(By.id("noteCreateShow_subject")).sendKeys("Running Example"); findElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Note has been created.", findElement(By.id("mainContent")). getText()); findElement(By.id("logoff")).click();}

@Testpublic void testAddNote(){ get("http://localhost:8080/theorganizer/"); findElement(By.id("logon_username")). sendKeys("user"); findElement(By.id("logon_password")). sendKeys("pswd"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Welcome to The Organizer!", closeAlertAndGetItsText()); findElement(By.id("newNote")). click(); findElement(By.id("noteCreateShow_subject")).sendKeys("Running Example"); findElement(By.id("noteCreateShow_text")).sendKeys("Create a simple running example"); findElement(By. cssSelector("input type ="image"")).click(); assertEquals("Note has been created.", findElement(By.id("mainContent")). getText()); findElement(By.id("logoff")).click();}

Page 41: Software Analysis for the Web: Achievements and Prospects

Learning AssertionsA classification problem:

• Is a web element important to be checked by an assertion?

Apply machine learning to train a classier• Features: position, size, page-rank, LinkNum, ChildNum, …

Page 42: Software Analysis for the Web: Achievements and Prospects

FROM MONOLITHIC APPS

Stateless ServerBrowser

Async HTTPRequest

Response

Internet

JSON

GenerateJSON

DOMCSS

JS

42

Page 43: Software Analysis for the Web: Achievements and Prospects

TO MICRO SERVICES

Micro ServicesBrowser

Restful HTTPRequest

Response

Internet

JSON

DOMCSS

JS

MicroService

MicroService

MicroService

MicroService

MicroService

MicroService

MicroService

MicroService

MicroService

MicroService

MicroService

MicroService

Page 44: Software Analysis for the Web: Achievements and Prospects

44

On the client Even in hardware! On the server

JavaScriptiseverywhere

Page 45: Software Analysis for the Web: Achievements and Prospects

45

“writeonce,runanywhere”

Instantaneoussoftwaredelivery

Anythingthatcanbewrittenasawebapp,willbewrittenasawebapp

(eventually)


European Cities Move Towards Sustainability Achievements and Prospects 1992-2012

MOTOR VEHICLE EMISSIONS CONTROL: PAST ACHIEVEMENTS, FUTURE PROSPECTS

Software Analytics - Achievements and Challenges

05/07/06Standard Model 21 The Standard Model of Fundamental Interactions Achievements and Prospects Gilles Cohen-Tannoudji

Task Group 3 Achievements and Prospects Ankie Piters, KNMI

fusion as a future power source: recent achievements and prospects

Journal of Dairy Research Individual dairy cow management: achievements, obstacles … · This review deals with the prospects and achievements of individual dairy cow management

Medical Biotechnology - Achievements Prospects and Perceptions (Albert Sasson, 2005) - Book

Drugs from nature past achievements, future prospects · Drugs from nature" past achievements, future prospects GORDON M CRAGG, DAVID J NEWMAN Abstract Nature has been a source of

National Institute of Statistic and Geography of Mexico Mexican System of National Accounts: achievements and prospects

CNGrid: Progress, achievements, and prospects Prof. Qian Depei Director, Sino-German Joint Software Institute (JSI) Beihang University [email protected]

GHANA HOUSEHOLD ENERGY PROJECT Status, Achievements and Prospects

SOUTH CHINA SEA STUDIES IN CHINA: ACHIEVEMENTS ... · 11 SYBIL SOUTH CHINA SEA STUDIES IN CHINA: ACHIEVEMENTS, CONSTRAINTS AND PROSPECTS 87 A. Sovereignty and Jurisdiction Any territorial

ESPON Workshops 5 and 6 October 2010 in Bruxelles The ESPON 2013 Programme: Achievements and Prospects

Global Challenges and Local Opportunities: Achievements and Prospects in the Baltic … · 2018. 11. 20. · Global Challenges and Local Opportunities: Achievements and Prospects

Global Challenges and Local Opportunities: Achievements and Prospects in the Baltic States

10 Years Of XMM-Newton: Scientific Achievements …events.iasfbo.inaf.it/xray2009/pdf/schartel_n.pdf1 XMM-Newton 10 Years Of XMM-Newton: Scientific Achievements And Future Prospects

Achievements and Prospects for Advanced Reactor Design …€¦ · Achievements and Prospects for Advanced Reactor Design and Fuel Cycles ... 2 0 0 4 IAEA – Scientific ... Achievements

Achievements and prospects of genomics-assisted …oar.icrisat.org/6408/7/BiotecAdv_31_1120-1134_2013.pdfAchievements and prospects of genomics-assisted ... S. Murali Mohan a, Pooran

Spherical Tokamaks: Achievements and Prospects

Extension Infrastructure: Recent Achievements and Future Prospects

Achievements and prospects of advanced materials processed

Achievements and Prospects of Korean Studies in France

Energy Efficiency in the EU15: Achievements and Prospects

The Standard Model of Fundamental Interactions Achievements and Prospects

Prospects for an Engineering Discipline of Software · Prospects for an Engineering Discipline of Software Mary Shaw, Carnegie Me//on University Software engineering is not yet a

8 Years of Building the Awesome. XB Software Company's Achievements

BIOTECHNOLOGIES: CURRENT ACHIEVEMENTS AND … · biotechnologies: current achievements and prospects social acceptance of biotechnology-derived products medical and pharmaceutical

State of poverty: Achievements, challenges and Prospects

State of poverty: Achievements, challenges and Prospects MKUKUTA: Achievements, challenges and Prospects 1

Current achievements and future prospects in the genetic

Energy Efficiency in the EU15: Achievements and Prospects Wolfgang Eichhammer Fraunhofer Institute for Systems and Innovation Research

Software Modernization Revisited:Challenges and Prospects

Prospects for an Engineering Discipline of Software · Prospects for an Engineering Discipline of Software Abstract: Software engineering is not yet a true engineering discipline,

Sylvestre Ouedraogo - The involvement of Yam Pukri ARDYIS Advisory Committee: Achievements and prospects