An Empirical Study of Client-Side JavaScript Bugs (ESEM 2013)

Frolin Ocariza, Kartik Bajaj, Karthik Pattabiraman, and Ali Mesbah. An empirical study of client-side JavaScript bugs. In Proceedings of the ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), 10 pages. IEEE Computer Society, 2013.

Abstract—Context: Client-side JavaScript is widely used in web applications to improve user-interactivity and minimize clientserver communications. Unfortunately, web applications are prone to JavaScript faults. While prior studies have demonstrated the prevalence of these faults, no attempts have been made to determine their root causes and consequences. Objective: The goal of our study is to understand the root causes and impacts of JavaScript faults and how the results can impact JavaScript programmers, testers and tool developers. Method: We perform an empirical study of 317 bug reports from 12 bug repositories. The bug reports are thoroughly examined to classify and extract information about the fault’s cause (the error) and consequence (the failure and impact). Result: The majority (65%) of JavaScript faults are DOM-related, meaning they are caused by faulty interactions of the JavaScript code with the Document Object Model (DOM). Further, 80% of the highest impact JavaScript faults are DOM-related. Finally, most JavaScript faults originate from programmer mistakes committed in the JavaScript code itself, as opposed to other web application components such as the server-side or HTML code. Conclusion: Given the prevalence of DOM-related faults, JavaScript programmers need development tools that can help them reason about the DOM. Also, testers should prioritize detection of DOM-related faults as most high impact faults belong to this category. Finally, developers can use the error patterns we found to design more powerful static analysis tools for JavaScript.

Real Challenges in Mobile App Development (ESEM 2013)

Mona Erfani Joorabchi, Ali Mesbah, and Philippe Kruchten. Real challenges in mobile app development. In Proceedings of the ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), 10 pages. IEEE Computer Society, 2013.

Abstract—Context: Mobile app development is a relatively new phenomenon that is increasing rapidly due to the ubiquity and popularity of smartphones among end-users. Objective: The goal of our study is to gain an understanding of the main challenges developers face in practice when they build apps for different mobile devices. Method: We conducted a qualitative study, following a Grounded Theory approach, in which we interviewed 12 senior mobile developers from 9 different companies, followed by a semi-structured survey, with 188 respondents from the mobile development community. Results: The outcome is an overview of the current challenges faced by mobile developers in practice, such as developing apps across multiple platforms, lack of robust monitoring, analysis, and testing tools, and emulators that are slow or miss many features of mobile devices. Conclusion: Based on our findings of the current practices and challenges, we highlight areas that require more attention from the research and development community.

Hidden-web Induced by Client-side Scripting: An Empirical Study (ICWE 2013)

Zahra Behfarshad and Ali Mesbah. Hidden-web induced by client-side scripting: An empirical study. In Proceedings of the International Conference on Web Engineering (ICWE), 15 pages. Springer, 2013.

Abstract: Client-side JavaScript is increasingly used for enhancing web
application functionality, interactivity, and responsiveness. Through the
execution of JavaScript code in browsers, the DOM tree representing a
webpage at runtime, can be incrementally updated without requiring a
URL change. This dynamically updated content is hidden from general
search engines. In this paper, we present the rst empirical study on measuring and characterizing the hidden-web induced as a result of client-side JavaScript execution. Our study reveals that this type of hidden-web
content is prevalent in online web applications today: from the 500 websites we analyzed, 95% contain client-side hidden-web content; On those websites that contain client-side hidden-web content, (1) on average, 62%
of the web states are hidden, (2) per hidden state, there is an average of
19 kilobytes of data that is hidden from which 0.6 kilobytes contain textual content, (3) the DIV element is the most common clickable element
used (61%) to initiate this type of hidden-web state transition, and (4)
on average 25 minutes is required to dynamically crawl 50 DOM states.
Further, our study indicates that there is a correlation between DOM
tree size and hidden-web content, but no correlation exists between the
amount of JavaScript code and client-side hidden-web.

Efficient JavaScript Mutation Testing (ICST 2013)

Shabnam Mirshokraie, Ali Mesbah, and Karthik Pattabiraman (2013). Efficient JavaScript Mutation Testing. In Proceedings of the 6th IEEE International Conference on Software Testing, Verification and Validation, (ICST’13).

Abstract: Mutation testing is an effective test adequacy assessment technique. However, it suffers from two main issues. First, there is a high computational cost in executing the test suite against a potentially large pool of generated mutants. Second, there is much effort involved in filtering out equivalent mutants, which are syntactically different but semantically identical to the original program. Prior work has mainly focused on detecting equivalent mutants after the mutation generation phase, which is computationally expensive and has limited efficiency. In this paper, we propose a technique that leverages static and dynamic program analysis to guide the mutation generation process a-priori towards parts of the code that are error-prone or likely to influence the program’s output. Further, we focus on the JavaScript language, and propose a set of mutation operators that are specific to web applications. We implement our approach in a tool called Mutandis. We empirically evaluate Mutandis on a number of web applications to assess the efficacy of the approach.