| A Web application is software that runs on the client side, presenting its user interface through a Web browser. A front-end Web application includes HTML pages, CSS style files, and related JavaScript files. AJAX (Asynchronous JavaScript And XML) is the most common and most efficient implementation of asynchronous invocation in Web applications. The callback mechanism of asynchronous calls increases the throughput of client transactions, but it also causes concurrency defects between the browser and the server. A Web application atomicity violation is a special kind of concurrency defect in which the atomic region is interrupted by the asynchronous event callback mechanism. Within an atomic region, the triggered asynchronous events and their callback executions should run continuously. When asynchronous request behavior arises inside this continuous atomic operation, between the current asynchronous event and the callback operation sequence of another asynchronous event, the order becomes uncertain. This ultimately affects the output and may cause oversold products, system crashes, and other serious problems. Existing research usually uses static analysis methods to detect Web application atomicity violations. These methods have high coverage, but they suffer from low accuracy and have difficulty analyzing the dynamic characteristics of JavaScript. Therefore, based on the characteristics of JavaScript and the dynamic analysis framework Jalangi, we have implemented AVChecker (short for Atomicity Violation Checker), a JavaScript atomicity violation detection and locating tool built on dynamic analysis and a constraint solver. AVChecker includes five modules: dynamic instrumenting, atomic region identification, atomicity violation detection, event modeling, and atomicity violation locating. (1) The dynamic instrumenting module first records data flow and control flow information through inserted statements, and then extracts element information related to the JavaScript functions in the Web application, including the XHR objects, the APIs corresponding to DOM calls, and the anonymous callback functions. (2) The atomic region identification module mainly analyzes the call relations of JavaScript functions, including calls to callback functions, and then identifies the complete function execution chain of the callback phase, in order to identify three types of atomic regions, namely HTML, CSS, and JavaScript. (3) The atomicity violation detection module first constructs the inter-event constraints, including the atomic region constraints between events and the function constraints within events, then re-encodes these constraints and uses an SMT solver to detect whether an atomicity violation exists. (4) The event modeling module collects Trace information and translates it into a complete event model (Aevent); the modeling process includes XHR object modeling, DOM element recognition and extraction, and JavaScript callback function processing. (5) The atomicity violation locating module achieves fine-grained location of concurrency defects: it first uses a finite state automaton to express the AJAX cycle, then converts the Trace into an Aevent-based Trace according to the rules, and finally locates, against the TAP (Target Aevent Pair), the events that lead to the atomicity violations. The experimental dataset was drawn from the Alexa top 500, from which we selected 22 sites that contain stable atomicity violations. The experimental results show that AVChecker can effectively detect AJAX-based atomicity violations in Web applications, with a low rate of false positives (18%). Compared with the existing method, EventRacer, AVChecker has a high accuracy rate (81.96%) and can detect more types of DOM issues (175 vs 94). The experimental results also show that the success rate of our locating algorithm is 84.5%. |
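The oversold-product failure described above, as an added example that is not AVChecker's code or algorithm: a deterministic stand-in for the browser event loop replays two AJAX-style purchase events, and a simple trace check flags any operation of another event that lands inside an event's request-to-callback region. The names `runScenario`, `findViolations`, the `busy` guard and the step and trace formats are assumptions made for this illustration.

```javascript
// Constructed scenario: 'X:event' fires a click handler for event X,
// 'X:response' delivers the AJAX callback that event X registered.
function runScenario(steps, guarded) {
  let stock = 1, sold = 0, busy = false;
  const pending = {};   // callbacks waiting for their response
  const trace = [];     // recorded operations, in execution order

  function buy(id) {
    if (guarded && busy) { trace.push(id + ':rejected'); return; }
    if (stock <= 0) { trace.push(id + ':soldout'); return; }
    busy = true;                      // atomic region opens at the check
    trace.push(id + ':request');
    pending[id] = () => {             // and closes when the callback runs
      stock -= 1; sold += 1; busy = false;
      trace.push(id + ':callback');
    };
  }

  for (const step of steps) {
    const [id, kind] = step.split(':');
    if (kind === 'event') buy(id);
    else if (pending[id]) { pending[id](); delete pending[id]; }
  }
  return { stock, sold, trace };
}

// Report every request/callback of another event that lands between an
// event's own request and its callback.
function findViolations(trace) {
  const found = [];
  trace.forEach((op, i) => {
    const [id, kind] = op.split(':');
    if (kind !== 'request') return;
    const end = trace.indexOf(id + ':callback');
    for (let j = i + 1; j < end; j++) {
      const [other, k] = trace[j].split(':');
      if (other !== id && (k === 'request' || k === 'callback')) {
        found.push({ region: id, intruder: trace[j] });
      }
    }
  });
  return found;
}

const interleaved = ['A:event', 'B:event', 'A:response', 'B:response'];
const racy = runScenario(interleaved, false);   // unguarded handler
const fixed = runScenario(interleaved, true);   // same order, guarded
console.log(racy.sold, findViolations(racy.trace));
console.log(fixed.sold, findViolations(fixed.trace));
```

The same interleaving sells two units of a one-unit stock in the unguarded run and one unit in the guarded run, where the second event is rejected while the first region is still open.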