Abstract
Although JavaScript is the programming language dominating the web, applications built with it are hard to diagnose due to its dynamic and permissive features. As a consequence, programmers use dynamic analysis tools to facilitate debugging and testing, putting the focus of research on instrumentation platforms which support the implementation and deployment of dynamic analyses.
With current instrumentation platforms for JavaScript, analysis developers face a choice between portability and performance.
Source code instrumentation platforms inject the analysis into the target program by rewriting its source code to a variant including the analysis.
This provides a portable approach that can run in any JavaScript engine, but it suffers from a high performance overhead and a lack of transparency.
In contrast, abstract syntax tree instrumentation platforms wrap the parsed program tree within the engine with instructions that include the dynamic analysis for further execution.
This approach offers high performance but suffers from a lack of portability as it is often specific to a JavaScript engine.
The choice between portability and performance limits analysis developers, as they would prefer to have both.
In this work, we explore our implementation BoaSpect, an instrumentation platform which offers portability to enable execution in different runtimes while offering good performance.
BoaSpect is built at the level of bytecode interpretation in the JavaScript interpreter Boa, which leverages WebAssembly as its compilation target for portability.
A benefit of designing BoaSpect at the interpreter level is the opportunity to extend the instrumentation interface with lower-level traps for the analysis developer, which are hard, if not impossible, to implement and maintain using source code instrumentation.
To evaluate BoaSpect, we develop analyses using our extended instrumentation interface.
More specifically, we evaluate its performance using the SunSpider benchmark suite.
We observe three key insights.
First, our extended interface enables defining analyses which cannot be implemented for source code instrumentation platforms due to source code reflection limitations.
Next, when comparing the same input analyses for both BoaSpect and source code instrumentation running on the Boa execution engine, we observe BoaSpect's execution to be 3 to 5 times faster than that of source code instrumentation.
Third, when our approach targets WebAssembly, it has a performance similar to source code instrumentation, while still enabling more analyses and better instrumentation transparency.
| Date of Award | 16 Sep 2022 |
|---|---|
| Original language | English |
| Awarding Institution | |
| Supervisor | Elisa Gonzalez Boix (Promotor) & Angel Luis Scull Pupo (Advisor) |
Keywords
- JavaScript
- dynamic analysis
- instrumentation platform