Abstract image of a woman sitting on books and studying on a laptop

Vejovis: Suggesting Fixes for JavaScript Faults

SALT Lab @ UBC, profile picture
SALT Lab @ UBC

The document describes Vejovis, a tool for suggesting fixes for JavaScript faults in web applications. It summarizes that most JavaScript mistakes made by programmers involve parameters passed to DOM API methods, which are the most impactful and difficult to fix faults. Vejovis analyzes fault symptoms and the DOM structure to suggest repairs, focusing on the prominent categories of parameter modification and DOM element validation fixes used by developers.

Engineering
1 of 49
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
Vejovis: Suggesting Fixes for JavaScript Faults Frolin S. Ocariza, Jr. Karthik Pattabiraman, Ali Mesbah University of British Columbia
Problem and Motivation 2 JavaScript in web applications has plenty of reliability issues JS faults are not trivially Average of 4 JavaScript faults in production websites [ISSRE’11] JS faults lead to major functionality/fixed [ESEM’security 13] issues [ESEM’13]
Problem and Motivation 3 JavaScript in web applications has plenty of reliability issues, these JavaScript faults matter and these JavaScript faults are non-trivial to fix
Faults in JavaScript Code } Study of JS bug reports [ESEM’13] } Key Insight: Most (65%) mistakes programmers make in JS propagate to parameters of DOM API method calls } DOM API methods: getElementById, getElementsByTagName, jQuery’s $(), etc. } We also found that such faults are the most impactful, and take the longest to fix DOM-RELATED FAULTS 4
DOM-Related Fault Example var x = “yes”;! var elem = document.getElementById(x);! 5 div div div id = “yes”
DOM-Related Fault Example var x = “no”;! var elem = document.getElementById(x);! 6 div div div id = “yes” MISTAKE!
DOM-Related Fault Example var x = “no”;! var elem = document.getElementById(x);! 7 div div div id = “yes” MISTAKE! ID parameter evaluates to “no”, which is not in the DOM
Goal 8 Facilitate the process of fixing DOM-related faults
Fault Model } Suggest repairs for DOM-related faults } Only one mistake made 9
Common Developer Fixes } Study of 190 fixed bug reports from 12 web apps elem = getElementById(param) elem.innerHTML = “…” 10
Common Developer Fixes } Study of 190 fixed bug reports from 12 web apps elem = getElementById(new_param) elem.innerHTML = “…” Ways Programmers Fix Faults 11 Modify the parameter • Parameter Modification
Common Developer Fixes } Study of 190 fixed bug reports from 12 web apps elem = getElementById(param) if (elem) elem.innerHTML = “…” • Parameter Modification • DOM Element Validation 12 Check if null Ways Programmers Fix Faults
Common Developer Fixes } Study of 190 fixed bug reports from 12 web apps elem = querySelector(param) elem.innerHTML = “…” Ways Programmers Fix Faults Modify the method • Parameter Modification • DOM Element Validation • Method Modification 13
Common Developer Fixes } Study of 190 fixed bug reports from 12 web apps elem = getElementById(param) elem.innerHTML = “…” Ways Programmers Fix Faults • Parameter Modification • DOM Element Validation • Method Modification 14 27.2% 25.7% 24.6%
Structure in DOM Method Parameters getElementById(“no”)! ???! 15 WRONG RIGHT Question: How do we know that we should replace “no” with “yes” Answer: We need to infer programmer intent - Very difficult to do in general, but… - We have the DOM! div div div id = “yes”
Structure in DOM Method Parameters getElementById(“no”)! getElementById(“yes”)! 16 WRONG RIGHT Question: How do we know that we should replace “no” with “yes” Answer: We need to infer programmer intent - Very difficult to do in general, but… - We have the DOM! div div div id = “yes”
CSS Selectors 17 div#sample > table tr.hello Tag name “tr” Class name “hello” Is descendant Tag name “div” Is child Tag name “table” ID “sample” Input to querySelector(), $(), etc. to retrieve list of elements
Design 18 Direct DOM Access Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design.
Running Example 1 firstTag = “div”;! 2 prefix = “pain-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 19 Access DOM element using CSS selector
Running Example 1 firstTag = “div”;! 2 prefix = “pain-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 20 Lines to set up the CSS selector passed to $()
Running Example 1 firstTag = “div”;! 2 prefix = “pain-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 21 Constructed selector: div#pain-elem span.cls
Running Example 1 firstTag = “div”;! 2 prefix = “pain-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 22 Constructed selector: div#pain-elem span.cls div Id = “main-elem” div Id = “wrapper” span class=“cls” span class=“cls”
Running Example 1 firstTag = “div”;! 2 prefix = “pain-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 23 Constructed selector: div#pain-elem span.cls div Id = “main-elem” div Id = “wrapper” span class=“cls” span class=“cls” Would return empty set!
Main Idea } Parameter Analysis: What portion of the parameter do we replace? } Context Analysis: How do we perform the replacement in the code? where a call to aDOMAPI meth-od added, removed, or modified in modification refers to changing originally called, not the param-eter getElementsByClassName, the is called instead). This cat-egory 24 fixes. significantly large portions of the Java- restructured to implement the 10.5% of the fixes. 12% of the fixes. the most prominent cate-gories DOM Element Validation, the fixes. Therefore, we fo-cus Although we do not consider repair approach, our algo-rithm class of errors, at the cost of 7). describe how programmers modify We discuss our findings for – Parameter Modification, Direct DOM Access Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most prominent fix categories are Parameter Modification and DOM Element Vali-dation. Our analysis also shows the prevalence of string value mod-ifications
Parameter Analysis: Dividing Components 25 Method/Property Modification, where a call to aDOMAPI meth-od (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Major Refactoring, where significantly large portions of the Java- Invalid selector: Script code div#are modified pain-and restructured to implement the fix. This category makes up 10.5% elem of the fixes. span.cls Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider Divide into components Method/Property Modifications in our repair approach, our algo-rithm can be adapted to include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – Parameter Modification, DOM Element Validation, and Method/Property Modification. Parameter Modification: We found that 67.3% of fixes belong-ing Direct DOM Access div | # | pain-elem | | span | . | cls to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters are affected by the modified values. For string value modifica-tions, the methods/properties involved in multiple bug report fixes are getElementById(), $() and jQuery(); together, fixes involv-ing these methods comprise 51.4% of all string value modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, names, as we found that these were the common sources made by programmers (Section 3). These DOM API include getElementById(), getElementsByTagName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those (e.g., $() and jQuery()); Prototype (e.g., $$() and tinyMCE (e.g., get()), among others. For simplicity, we to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults,
Parameter Analysis: Dividing Components 26 Invalid selector: div#pain-elem span.cls Divide into components Direct DOM Access div | # | pain-elem | | span | . | cls tag has-id id has-descendant tag has-class class Method/Property Modification, where a call to aDOMAPI meth-od (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Major Refactoring, where significantly large portions of the Java- Script code are modified and restructured to implement the fix. This category makes up 10.5% of the fixes. Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider Method/Property Modifications in our repair approach, our algo-rithm can be adapted to include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – Parameter Modification, DOM Element Validation, and Method/Property Modification. Parameter Modification: We found that 67.3% of fixes belong-ing to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters are affected by the modified values. For string value modifica-tions, the methods/properties involved in multiple bug report fixes are getElementById(), $() and jQuery(); together, fixes involv-ing these methods comprise 51.4% of all string value modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, names, as we found that these were the common sources made by programmers (Section 3). These DOM API include getElementById(), getElementsByTagName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those (e.g., $() and jQuery()); Prototype (e.g., $$() and tinyMCE (e.g., get()), among others. For simplicity, we to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults,
Parameter Analysis: Dividing Components 27 Method/Property Modification, where a call to aDOMAPI meth-od (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Major Refactoring, where significantly large portions of the Java- Invalid selector: Script code div#are modified pain-and restructured to implement the fix. This category makes up 10.5% elem of the fixes. span.cls Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider Subdivide each Method/Property component Modifications in our repair approach, according our algo-rithm to dynamic backward can be adapted to slice include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – Parameter Modification, DOM Element Validation, and Method/Property Modification. Parameter Modification: We found that 67.3% of fixes belong-ing Direct DOM Access div | # | pain- | elem | | span | . | cls to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters are affected by the modified values. For string value modifica-tions, the methods/properties involved in multiple bug report fixes are getElementById(), $() and jQuery(); together, fixes involv-ing these methods comprise 51.4% of all string value modifications. Line 2 Line 3 For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, names, as we found that these were the common sources made by programmers (Section 3). These DOM API include getElementById(), getElementsByTagName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those (e.g., $() and jQuery()); Prototype (e.g., $$() and tinyMCE (e.g., get()), among others. For simplicity, we to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults,
Parameter Analysis: Dividing Components 1 firstTag = “div”;! 2 prefix = “pain-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 28 Backward slice of “pain-elem” Invalid selector: div#pain-elem span.cls div Id = “main-elem” div Id = “wrapper” span class=“cls” span class=“cls”
Parameter Analysis: Dividing Components 29 Method/Property Modification, where a call to aDOMAPI meth-od (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Major Refactoring, where significantly large portions of the Java- Invalid selector: Script code div#are modified pain-and restructured to implement the fix. This category makes up 10.5% elem of the fixes. span.cls Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider Subdivide each Method/Property component Modifications in our repair approach, according our algo-rithm to dynamic backward can be adapted to slice include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – Parameter Modification, DOM Element Validation, and Method/Property Modification. Parameter Modification: We found that 67.3% of fixes belong-ing Direct DOM Access div | # | pain- | elem | | span | . | cls to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters are affected by the modified values. For string value modifica-tions, the methods/properties involved in multiple bug report fixes are getElementById(), $() and jQuery(); together, fixes involv-ing these methods comprise 51.4% of all string value modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, names, as we found that these were the common sources made by programmers (Section 3). These DOM API include getElementById(), getElementsByTagName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those (e.g., $() and jQuery()); Prototype (e.g., $$() and tinyMCE (e.g., get()), among others. For simplicity, we to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults,
Parameter Analysis: Finding Valid Selectors 30 Method/Property Modification, where a call to aDOMAPI meth-od (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Major Refactoring, where significantly large portions of the Java- Invalid selector: Script code div#are modified pain-and restructured to implement the fix. This category makes up 10.5% elem of the fixes. span.cls Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider div are Parameter Modification and DOM Element Validation, Method/Property Modifications in our repair approach, our algo-rithm Id = “main-elem” div Id = “wrapper” can be adapted to include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – span Parameter Modification, DOM Element Validation, and Method/class=“Property Modification. Parameter Modification: We found that 67.3% cls” of fixes belong-ing to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these span string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where class=“cls” the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters Direct DOM Access Construct VALID selectors are affected by the modified values. For string value modifica-tions, the methods/properties from involved in current multiple bug report fixes DOM that are “sufficiently close” are getElementById(), $() and jQuery(); together, these to methods the comprise erroneous 51.4% of all string value one fixes involv-ing modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, names, as we found that these were the common sources made by programmers (Section 3). These DOM API include getElementById(), getElementsByTagName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those (e.g., $() and jQuery()); Prototype (e.g., $$() and tinyMCE (e.g., get()), among others. For simplicity, we to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults,
Parameter Analysis: Finding Valid Selectors 31 Method/Property Modification, where a call to aDOMAPI meth-od (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Major Refactoring, where significantly large portions of the Java- Invalid selector: Script code div#are modified pain-and restructured to implement the fix. This category makes up 10.5% elem of the fixes. span.cls Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, List of valid selectors: div#main-elem span.cls div#wrapper span.cls which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider div Method/Property Modifications in our repair approach, our algo-rithm Id = “main-elem” div Id = “wrapper” can be adapted to include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – span Parameter Modification, DOM Element Validation, and Method/class=“Property Modification. Parameter Modification: We found that 67.3% cls” of fixes belong-ing to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these span string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where class=“cls” the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters Direct DOM Access Construct VALID selectors are affected by the modified values. For string value modifica-tions, the methods/properties from involved in current multiple bug report fixes DOM that are “sufficiently close” are getElementById(), $() and jQuery(); together, these to methods the comprise erroneous 51.4% of all string value one fixes involv-ing modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, names, as we found that these were the common sources made by programmers (Section 3). These DOM API include getElementById(), getElementsByTagName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those (e.g., $() and jQuery()); Prototype (e.g., $$() and tinyMCE (e.g., get()), among others. For simplicity, we to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults,
Parameter Analysis: Inferring Possible Replacements [Example] 32 Invalid selector: div#pain-elem span.cls div | # | pain- | elem | | span | . | cls
Parameter Analysis: Inferring Possible Replacements [Example] 33 Invalid selector: div#pain-elem span.cls div | # | pain- | elem | | span | . | cls Assumed incorrect
Parameter Analysis: Inferring Possible Replacements [Example] 34 Invalid selector: div#pain-elem span.cls div | # | | elem | | span | . | cls Use as pattern List of valid selectors: div#main-elem span.cls div#wrapper span.cls
Parameter Analysis: Inferring Possible Replacements [Example] 35 Invalid selector: div#pain-elem span.cls div | # | | elem | | span | . | cls List of valid selectors: div#main-elem span.cls – MATCHES PATTERN! div#wrapper span.cls
Method/Property Modification, where a call to aDOMAPI meth-od Context Analysis (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Direct DOM Access 1 firstTag = “div”;! 2 prefix = “pain-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 36 Major Refactoring, where significantly large portions of the Java- Script code are modified and restructured to implement the fix. This category makes up 10.5% of the fixes. Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider Method/Property Modifications in our repair approach, our algo-rithm can be adapted to include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – Parameter Modification, DOM Element Validation, and Method/Property Modification. Parameter Modification: We found that 67.3% of fixes belong-ing to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where Invalid selector: div#the string value modification was applied by adding a call to string modification pain-methods such elem as replace(). span.cls We also analyzed the DOM methods/properties whose parame-ters Replacement selector: are affected by the div#modified values. For string value modifica-tions, the methods/properties involved main-in multiple bug report elem fixes span.cls are getElementById(), $() and jQuery(); together, fixes involv-ing these methods comprise 51.4% of all string value modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Other modifications include (1) adding a check before the DOM element is used so that the method returns if the check fails; (2) adding a check before the DOM element is used such that the value of the DOM element or its property is updated if the check fails; (3) encapsulating the code using the DOM element in an if-else statement so that a backup value can be used in case the check fails; and finally (4) encapsulating the code in a try-catch state-ment. The most prevalent checks are null/undefined checks, i.e., the code has been modified to check if the DOM element is null or Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most prominent fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, particu-larly the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well as choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, or names, as we found that these were the common sources of made by programmers (Section 3). These DOM API methods include getElementById(), getElementsByTagName(), getEl-ementsByClassName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those in (e.g., $() and jQuery()); Prototype (e.g., $$() and $()); tinyMCE (e.g., get()), among others. For simplicity, we will to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults, means theDOMAPI method returns null, undefined, or an set of elements, eventually leading to a null or an undefined excep-tion (thereby terminating JavaScript execution). However, our can also be extended to apply to output-related DOM-related faults, i.e., those that lead to incorrect output manifested on DOM. Such faults would require the programmer to manually the directDOMaccess. In contrast, with code-terminating faults, the direct DOM access can be determined automat-ically using the AUTOFLOX tool proposed in our prior work
Method/Property Modification, where a call to aDOMAPI meth-od Context Analysis (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Direct DOM Access 1 firstTag = “div”;! 2 prefix = “main-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 37 Major Refactoring, where significantly large portions of the Java- Script code are modified and restructured to implement the fix. This category makes up 10.5% of the fixes. String literal replaced Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider Method/Property Modifications in our repair approach, our algo-rithm can be adapted to include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – Parameter Modification, DOM Element Validation, and Method/Property Modification. Parameter Modification: We found that 67.3% of fixes belong-ing to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where Invalid selector: div#pain-elem span.cls the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters are affected by the modified values. For string value modifica-tions, the methods/properties involved in multiple bug report fixes Replacement selector: div#main-elem span.cls are getElementById(), $() and jQuery(); together, fixes involv-ing these methods comprise 51.4% of all string value modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Other modifications include (1) adding a check before the DOM element is used so that the method returns if the check fails; (2) adding a check before the DOM element is used such that the value of the DOM element or its property is updated if the check fails; (3) encapsulating the code using the DOM element in an if-else statement so that a backup value can be used in case the check fails; and finally (4) encapsulating the code in a try-catch state-ment. The most prevalent checks are null/undefined checks, i.e., the code has been modified to check if the DOM element is null or Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most prominent fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, particu-larly the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well as choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, or names, as we found that these were the common sources of made by programmers (Section 3). These DOM API methods include getElementById(), getElementsByTagName(), getEl-ementsByClassName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those in (e.g., $() and jQuery()); Prototype (e.g., $$() and $()); tinyMCE (e.g., get()), among others. For simplicity, we will to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults, means theDOMAPI method returns null, undefined, or an set of elements, eventually leading to a null or an undefined excep-tion (thereby terminating JavaScript execution). However, our can also be extended to apply to output-related DOM-related faults, i.e., those that lead to incorrect output manifested on DOM. Such faults would require the programmer to manually the directDOMaccess. In contrast, with code-terminating faults, the direct DOM access can be determined automat-ically using the AUTOFLOX tool proposed in our prior work
Method/Property Modification, where a call to aDOMAPI meth-od Context Analysis (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Direct DOM Access 1 firstTag = “div”;! 2 prefix = “main-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 38 Major Refactoring, where significantly large portions of the Java- Script code are modified and restructured to implement the fix. This category makes up 10.5% of the fixes. String literal replaced Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider Method/Property Modifications in our repair approach, our algo-rithm can be adapted to include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – Parameter Modification, DOM Element Validation, and Method/Property Modification. Parameter Modification: We found that 67.3% of fixes belong-ing to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where Invalid selector: div#pain-elem span.cls the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters are affected by the modified values. For string value modifica-tions, the methods/properties involved in multiple bug report fixes Replacement selector: div#main-elem span.cls are getElementById(), $() and jQuery(); together, fixes involv-ing these methods comprise 51.4% of all string value modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly Message: their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory REPLACE STRING LITERAL are applied by simply “wrapping pain-” the code using the in pertinent line 2 with string literal “main-” DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Other modifications include (1) adding a check before the DOM element is used so that the method returns if the check fails; (2) adding a check before the DOM element is used such that the value of the DOM element or its property is updated if the check fails; (3) encapsulating the code using the DOM element in an if-else statement so that a backup value can be used in case the check fails; and finally (4) encapsulating the code in a try-catch state-ment. The most prevalent checks are null/undefined checks, i.e., the code has been modified to check if the DOM element is null or Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most prominent fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, particu-larly the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well as choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, or names, as we found that these were the common sources of made by programmers (Section 3). These DOM API methods include getElementById(), getElementsByTagName(), getEl-ementsByClassName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those in (e.g., $() and jQuery()); Prototype (e.g., $$() and $()); tinyMCE (e.g., get()), among others. For simplicity, we will to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults, means theDOMAPI method returns null, undefined, or an set of elements, eventually leading to a null or an undefined excep-tion (thereby terminating JavaScript execution). However, our can also be extended to apply to output-related DOM-related faults, i.e., those that lead to incorrect output manifested on DOM. Such faults would require the programmer to manually the directDOMaccess. In contrast, with code-terminating faults, the direct DOM access can be determined automat-ically using the AUTOFLOX tool proposed in our prior work
Context Analysis: Non-”Replace” Messages } Loops – “replace” may be unsafe } String value doesn’t originate from string literal } Analyze the context! 39 MESSAGE TYPES REPLACE REPLACE AT ITERATION OFF BY ONE AT BEGINNING OFF BY ONE AT END MODIFY UPPER BOUND EXCLUDE ITERATION ENSURE
Implementation } Vejovis http://ece.ubc.ca/~frolino/projects/vejovis } Data collection: Rhino and Crawljax } Pattern matching: Hampi 40
Usage Model 41 VEJOVIS INPUTS OUTPUT URL AUTOFLOX DOM METHOD LOCATION LIST OF ACTIONABLE REPAIR MESSAGES
Evaluation: Research Questions RQ1: What is the accuracy of Vejovis in suggesting a correct repair? RQ2: How quickly can Vejovis determine possible replacements? What is its performance overhead? 42
RQ1: Accuracy of Vejovis Subjects JS Code Size (KB) Drupal 213 Ember.js 745 Joomla 434 jQuery 94 Moodle 352 MooTools 101 Prototype 164 Roundcube 729 TYPO3 2252 WikiMedia 160 WordPress 197 43 • 22 bug reports (2 per app, and randomly chosen) • Replicated bug and ran with Vejovis • Recall and Precision RECALL: 100% if correct fix appears; 0% otherwise PRECISION: Measure of extraneous suggestions
RQ1: Recall Subject Bug Report #1 Bug Report #2 Drupal ✔ ✔ Ember.js ✔ ✔ Joomla ✔ ✔ jQuery ✔ ✗ Moodle ✔ ✔ MooTools ✔ ✔ Prototype ✔ ✔ Roundcube ✔ ✗ TYPO3 ✔ ✔ WikiMedia ✔ ✔ WordPress ✔ ✔ 44 Overall Recall: 91%
RQ1: Precision Subject Bug Report #1 Bug Report #2 Drupal 3% 25% Ember.js 50% 33% Joomla 1% 1% jQuery 1% 0% Moodle 3% 3% MooTools 50% 50% Prototype 17% 50% Roundcube 1% 0% TYPO3 1% 100% WikiMedia 4% 1% WordPress 3% 1% 45 Avg. Precision: 2% 49 suggestions per bug on average! Improvements 1. Edit distance bound 2. Ranked suggestions
Alternative: Ranking Subject Bug Report 46 #1 Bug Report #2 Drupal 31 / 40 1 / 4 Ember.js 1 / 2 1 / 3 Joomla 1 / 88 1 / 88 jQuery 2 / 108 - Moodle 2 / 37 1 / 37 MooTools 2 / 2 1 / 2 Prototype 1 / 6 1 / 2 Roundcube 4 / 79 - TYPO3 1 / 187 1 / 1 WikiMedia 6 / 24 1 / 71 WordPress 13 / 30 1 / 170 #1 Ranking in 13 out of 20 bugs Conservative ranking Ranking seems to be beneficial
RQ2: Performance } Takes average of 44 seconds to find correct fix } Worst case: 91.1 seconds (Joomla) 47
Threats to Validity } External: Evaluated on 11 web apps } Internal: Took bugs from earlier empirical study 48
Conclusion } Vejovis: replacement suggestor for DOM-related faults } Project Link: http://ece.ubc.ca/~frolino/projects/vejovis } Evaluated on 22 real-world bugs } Good recall – 91% } Correct fix ranked #1 in 13/20 cases } Average 44 s to complete 49

More Related Content

PPTX
Testing the Untestable
Mark Baker
 
PPTX
Clean tests good tests
Shopsys Framework
 
PDF
Advanced java practical semester 6_computer science
Niraj Bharambe
 
ODP
Bring the fun back to java
ciklum_ods
 
PDF
FunctionalInterfaces
YourVirtual Class
 
DOC
Converting Db Schema Into Uml Classes
Kaniska Mandal
 
PDF
Javaslang @ Devoxx
David Schmitz
 
PPT
Test driven development_for_php
Lean Teams Consultancy
 
Testing the Untestable
Mark Baker
 
Clean tests good tests
Shopsys Framework
 
Advanced java practical semester 6_computer science
Niraj Bharambe
 
Bring the fun back to java
ciklum_ods
 
FunctionalInterfaces
YourVirtual Class
 
Converting Db Schema Into Uml Classes
Kaniska Mandal
 
Javaslang @ Devoxx
David Schmitz
 
Test driven development_for_php
Lean Teams Consultancy
 

What's hot (13)

PDF
Javaslang Talk @ Javaland 2017
David Schmitz
 
ODP
Clean code and refactoring
Yuriy Gerasimov
 
PDF
Why Your Test Suite Sucks - PHPCon PL 2015
CiaranMcNulty
 
PPTX
TDD Training
Manuela Grindei
 
PDF
Workshop quality assurance for php projects - phpdublin
Michelangelo van Dam
 
PDF
guice-servlet
Masaaki Yonebayashi
 
PDF
The django quiz
Agiliq Info Solutions India Pvt Ltd
 
PPT
TDD, BDD, RSpec
Nascenia IT
 
PPTX
Pi j1.3 operators
mcollison
 
PDF
Cracking OCA and OCP Java 8 Exams
Ganesh Samarthyam
 
KEY
Developer testing 101: Become a Testing Fanatic
LB Denker
 
PPT
Spring talk111204
s4al_com
 
PPT
Spring
s4al_com
 
Javaslang Talk @ Javaland 2017
David Schmitz
 
Clean code and refactoring
Yuriy Gerasimov
 
Why Your Test Suite Sucks - PHPCon PL 2015
CiaranMcNulty
 
TDD Training
Manuela Grindei
 
Workshop quality assurance for php projects - phpdublin
Michelangelo van Dam
 
guice-servlet
Masaaki Yonebayashi
 
The django quiz
Agiliq Info Solutions India Pvt Ltd
 
TDD, BDD, RSpec
Nascenia IT
 
Pi j1.3 operators
mcollison
 
Cracking OCA and OCP Java 8 Exams
Ganesh Samarthyam
 
Developer testing 101: Become a Testing Fanatic
LB Denker
 
Spring talk111204
s4al_com
 
Spring
s4al_com
 
Ad

Viewers also liked (14)

PDF
Automated Analysis of CSS Rules to Support Style Maintenance
SALT Lab @ UBC
 
PPTX
إندونيسيا
Nur Aqila Ashikin Ismail
 
PDF
DOM-based Test Adequacy Criteria for Web Applications
SALT Lab @ UBC
 
PPTX
Ελευθέριος Βενιζέλος
Irene Salvaraki
 
PDF
ผลไม้ไทย
akit2541
 
PPT
Λόρδος Βύρωνας
Irene Salvaraki
 
PPTX
Efficient JavaScript Mutation Testing
SALT Lab @ UBC
 
PDF
สำนวนสุภาษิตไทย
akit2541
 
DOCX
Karya Tulis Ilmiah (Rahma Mahmudah)
Rahma Mahmudah
 
PDF
Understanding JavaScript Event-based Interactions
SALT Lab @ UBC
 
PPTX
Arya 3
aryaakhil
 
DOCX
Dinesh_Mangal - Cement Industry
dineshmangal
 
PPTX
Το ημερολόγιο της Άννας Φράνκ
Irene Salvaraki
 
PPTX
Sífilis congénita expo
abigail_castro
 
Automated Analysis of CSS Rules to Support Style Maintenance
SALT Lab @ UBC
 
إندونيسيا
Nur Aqila Ashikin Ismail
 
DOM-based Test Adequacy Criteria for Web Applications
SALT Lab @ UBC
 
Ελευθέριος Βενιζέλος
Irene Salvaraki
 
ผลไม้ไทย
akit2541
 
Λόρδος Βύρωνας
Irene Salvaraki
 
Efficient JavaScript Mutation Testing
SALT Lab @ UBC
 
สำนวนสุภาษิตไทย
akit2541
 
Karya Tulis Ilmiah (Rahma Mahmudah)
Rahma Mahmudah
 
Understanding JavaScript Event-based Interactions
SALT Lab @ UBC
 
Arya 3
aryaakhil
 
Dinesh_Mangal - Cement Industry
dineshmangal
 
Το ημερολόγιο της Άννας Φράνκ
Irene Salvaraki
 
Sífilis congénita expo
abigail_castro
 
Ad

Similar to Vejovis: Suggesting Fixes for JavaScript Faults (20)

PPTX
Dompletion: DOM-Aware JavaScript Code Completion
SALT Lab @ UBC
 
PPTX
Amin Milani Fard: Directed Model Inference for Testing and Analysis of Web Ap...
knowdiff
 
PDF
The DOM is a Mess @ Yahoo
jeresig
 
PPTX
Maintainable JavaScript 2012
Nicholas Zakas
 
PDF
Maintainable Javascript carsonified
Christian Heilmann
 
PPT
Javascript and Jquery Best practices
Sultan Khan
 
PPTX
jQuery Data Manipulate API - A source code dissecting journey
Huiyi Yan
 
PDF
Maintainable JavaScript 2011
Nicholas Zakas
 
PDF
Surviving javascript.pptx
Tamas Rev
 
PDF
Building a JavaScript Library
jeresig
 
KEY
User Interface Development with jQuery
colinbdclark
 
PDF
Functional Javascript
guest4d57e6
 
PPTX
Self-Generating Test Artifacts for Selenium/WebDriver
seleniumconf
 
PDF
JavaScript
Bharti Gupta
 
KEY
JavaScript Neednt Hurt - JavaBin talk
Thomas Kjeldahl Nilsson
 
PPT
Web Performance Tips
Ravi Raj
 
PDF
Managing and evolving JavaScript Code
Jean Carlo Emer
 
PPTX
unit4 wp.pptxjvlbpuvghuigv8ytg2ugvugvuygv
utsavsd11
 
PPTX
How do software engineers understand code changes?
Yida Tao
 
PDF
Zepto and the rise of the JavaScript Micro-Frameworks
Thomas Fuchs
 
Dompletion: DOM-Aware JavaScript Code Completion
SALT Lab @ UBC
 
Amin Milani Fard: Directed Model Inference for Testing and Analysis of Web Ap...
knowdiff
 
The DOM is a Mess @ Yahoo
jeresig
 
Maintainable JavaScript 2012
Nicholas Zakas
 
Maintainable Javascript carsonified
Christian Heilmann
 
Javascript and Jquery Best practices
Sultan Khan
 
jQuery Data Manipulate API - A source code dissecting journey
Huiyi Yan
 
Maintainable JavaScript 2011
Nicholas Zakas
 
Surviving javascript.pptx
Tamas Rev
 
Building a JavaScript Library
jeresig
 
User Interface Development with jQuery
colinbdclark
 
Functional Javascript
guest4d57e6
 
Self-Generating Test Artifacts for Selenium/WebDriver
seleniumconf
 
JavaScript
Bharti Gupta
 
JavaScript Neednt Hurt - JavaBin talk
Thomas Kjeldahl Nilsson
 
Web Performance Tips
Ravi Raj
 
Managing and evolving JavaScript Code
Jean Carlo Emer
 
unit4 wp.pptxjvlbpuvghuigv8ytg2ugvugvuygv
utsavsd11
 
How do software engineers understand code changes?
Yida Tao
 
Zepto and the rise of the JavaScript Micro-Frameworks
Thomas Fuchs
 

Recently uploaded (20)

PPT
Chapter 1 - Introduction to Manufacturing Technology_2.ppt
garciajeremiah070
 
PDF
Exploratory_Data_Analysis_Fundamentals.pdf
Ashutosh Satapathy
 
PDF
null (2) bgfbg bfgb bfgb fbfg bfbgf b.pdf
Ramez Hosny
 
PDF
Unit I -OPERATING SYSTEMS_SRM_KATTANKULATHUR.pptx.pdf
HarshDudhatra4
 
PPTX
Chemical Technological Processes, Feasibility Study and Chemical Process Indu...
Raihan87
 
PDF
Artificial Superintelligence (ASI) Alliance Vision Paper.pdf
SonaliPatil325517
 
PPTX
Module 8- Technological and Communication Skills.pptx
Ramya Nellutla
 
PDF
Java Basics-Introduction and program control
lohithsrikarb719
 
PDF
Computer System Architecture 3rd Edition-M Morris Mano.pdf
Nune SrinivasRao
 
PPTX
Graph Data Structures with Types, Traversals, Connectivity, and Real-Life App...
usham61
 
PDF
Implantable Drug Delivery System_NDDS_BPHARMACY__SEM VII_PCI .pdf
SabsKhan1
 
PDF
Prof. Dr. KAYIHURA A. SILAS MUNYANEZA, PhD..pdf
Rutherford University of Science and Technology, Rwanda
 
PPTX
Information Storage and Retrieval Techniques Unit III
jeyamohan2519
 
PDF
LOW POWER CLASS AB SI POWER AMPLIFIER FOR WIRELESS MEDICAL SENSOR NETWORK
RandyClara
 
PDF
First part_B-Image Processing - 1 of 2).pdf
barabre
 
PDF
August 2025 - Top 10 Read Articles in Network Security & Its Applications
IJNSA Journal
 
PDF
UEFA_Embodied_Carbon_Emissions_Football_Infrastructure.pdf
tuchinad02
 
PPTX
AUTOMOTIVE ENGINE MANAGEMENT (MECHATRONICS).pptx
joanaabban6
 
PPTX
ASME PCC-02 TRAINING -DESKTOP-NLE5HNP.pptx
laxmikantvjawale
 
PPTX
Software Engineering and software moduleing
deepikame6
 
Chapter 1 - Introduction to Manufacturing Technology_2.ppt
garciajeremiah070
 
Exploratory_Data_Analysis_Fundamentals.pdf
Ashutosh Satapathy
 
null (2) bgfbg bfgb bfgb fbfg bfbgf b.pdf
Ramez Hosny
 
Unit I -OPERATING SYSTEMS_SRM_KATTANKULATHUR.pptx.pdf
HarshDudhatra4
 
Chemical Technological Processes, Feasibility Study and Chemical Process Indu...
Raihan87
 
Artificial Superintelligence (ASI) Alliance Vision Paper.pdf
SonaliPatil325517
 
Module 8- Technological and Communication Skills.pptx
Ramya Nellutla
 
Java Basics-Introduction and program control
lohithsrikarb719
 
Computer System Architecture 3rd Edition-M Morris Mano.pdf
Nune SrinivasRao
 
Graph Data Structures with Types, Traversals, Connectivity, and Real-Life App...
usham61
 
Implantable Drug Delivery System_NDDS_BPHARMACY__SEM VII_PCI .pdf
SabsKhan1
 
Prof. Dr. KAYIHURA A. SILAS MUNYANEZA, PhD..pdf
Rutherford University of Science and Technology, Rwanda
 
Information Storage and Retrieval Techniques Unit III
jeyamohan2519
 
LOW POWER CLASS AB SI POWER AMPLIFIER FOR WIRELESS MEDICAL SENSOR NETWORK
RandyClara
 
First part_B-Image Processing - 1 of 2).pdf
barabre
 
August 2025 - Top 10 Read Articles in Network Security & Its Applications
IJNSA Journal
 
UEFA_Embodied_Carbon_Emissions_Football_Infrastructure.pdf
tuchinad02
 
AUTOMOTIVE ENGINE MANAGEMENT (MECHATRONICS).pptx
joanaabban6
 
ASME PCC-02 TRAINING -DESKTOP-NLE5HNP.pptx
laxmikantvjawale
 
Software Engineering and software moduleing
deepikame6
 

Vejovis: Suggesting Fixes for JavaScript Faults

  • 1. Vejovis: Suggesting Fixes for JavaScript Faults Frolin S. Ocariza, Jr. Karthik Pattabiraman, Ali Mesbah University of British Columbia
  • 2. Problem and Motivation 2 JavaScript in web applications has plenty of reliability issues JS faults are not trivially Average of 4 JavaScript faults in production websites [ISSRE’11] JS faults lead to major functionality/fixed [ESEM’security 13] issues [ESEM’13]
  • 3. Problem and Motivation 3 JavaScript in web applications has plenty of reliability issues, these JavaScript faults matter and these JavaScript faults are non-trivial to fix
  • 4. Faults in JavaScript Code } Study of JS bug reports [ESEM’13] } Key Insight: Most (65%) mistakes programmers make in JS propagate to parameters of DOM API method calls } DOM API methods: getElementById, getElementsByTagName, jQuery’s $(), etc. } We also found that such faults are the most impactful, and take the longest to fix DOM-RELATED FAULTS 4
  • 5. DOM-Related Fault Example var x = “yes”;! var elem = document.getElementById(x);! 5 div div div id = “yes”
  • 6. DOM-Related Fault Example var x = “no”;! var elem = document.getElementById(x);! 6 div div div id = “yes” MISTAKE!
  • 7. DOM-Related Fault Example var x = “no”;! var elem = document.getElementById(x);! 7 div div div id = “yes” MISTAKE! ID parameter evaluates to “no”, which is not in the DOM
  • 8. Goal 8 Facilitate the process of fixing DOM-related faults
  • 9. Fault Model } Suggest repairs for DOM-related faults } Only one mistake made 9
  • 10. Common Developer Fixes } Study of 190 fixed bug reports from 12 web apps elem = getElementById(param) elem.innerHTML = “…” 10
  • 11. Common Developer Fixes } Study of 190 fixed bug reports from 12 web apps elem = getElementById(new_param) elem.innerHTML = “…” Ways Programmers Fix Faults 11 Modify the parameter • Parameter Modification
  • 12. Common Developer Fixes } Study of 190 fixed bug reports from 12 web apps elem = getElementById(param) if (elem) elem.innerHTML = “…” • Parameter Modification • DOM Element Validation 12 Check if null Ways Programmers Fix Faults
  • 13. Common Developer Fixes } Study of 190 fixed bug reports from 12 web apps elem = querySelector(param) elem.innerHTML = “…” Ways Programmers Fix Faults Modify the method • Parameter Modification • DOM Element Validation • Method Modification 13
  • 14. Common Developer Fixes } Study of 190 fixed bug reports from 12 web apps elem = getElementById(param) elem.innerHTML = “…” Ways Programmers Fix Faults • Parameter Modification • DOM Element Validation • Method Modification 14 27.2% 25.7% 24.6%
  • 15. Structure in DOM Method Parameters getElementById(“no”)! ???! 15 WRONG RIGHT Question: How do we know that we should replace “no” with “yes” Answer: We need to infer programmer intent - Very difficult to do in general, but… - We have the DOM! div div div id = “yes”
  • 16. Structure in DOM Method Parameters getElementById(“no”)! getElementById(“yes”)! 16 WRONG RIGHT Question: How do we know that we should replace “no” with “yes” Answer: We need to infer programmer intent - Very difficult to do in general, but… - We have the DOM! div div div id = “yes”
  • 17. CSS Selectors 17 div#sample > table tr.hello Tag name “tr” Class name “hello” Is descendant Tag name “div” Is child Tag name “table” ID “sample” Input to querySelector(), $(), etc. to retrieve list of elements
  • 18. Design 18 Direct DOM Access Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design.
  • 19. Running Example 1 firstTag = “div”;! 2 prefix = “pain-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 19 Access DOM element using CSS selector
  • 20. Running Example 1 firstTag = “div”;! 2 prefix = “pain-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 20 Lines to set up the CSS selector passed to $()
  • 21. Running Example 1 firstTag = “div”;! 2 prefix = “pain-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 21 Constructed selector: div#pain-elem span.cls
  • 22. Running Example 1 firstTag = “div”;! 2 prefix = “pain-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 22 Constructed selector: div#pain-elem span.cls div Id = “main-elem” div Id = “wrapper” span class=“cls” span class=“cls”
  • 23. Running Example 1 firstTag = “div”;! 2 prefix = “pain-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 23 Constructed selector: div#pain-elem span.cls div Id = “main-elem” div Id = “wrapper” span class=“cls” span class=“cls” Would return empty set!
  • 24. Main Idea } Parameter Analysis: What portion of the parameter do we replace? } Context Analysis: How do we perform the replacement in the code? where a call to aDOMAPI meth-od added, removed, or modified in modification refers to changing originally called, not the param-eter getElementsByClassName, the is called instead). This cat-egory 24 fixes. significantly large portions of the Java- restructured to implement the 10.5% of the fixes. 12% of the fixes. the most prominent cate-gories DOM Element Validation, the fixes. Therefore, we fo-cus Although we do not consider repair approach, our algo-rithm class of errors, at the cost of 7). describe how programmers modify We discuss our findings for – Parameter Modification, Direct DOM Access Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most prominent fix categories are Parameter Modification and DOM Element Vali-dation. Our analysis also shows the prevalence of string value mod-ifications
  • 25. Parameter Analysis: Dividing Components 25 Method/Property Modification, where a call to aDOMAPI meth-od (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Major Refactoring, where significantly large portions of the Java- Invalid selector: Script code div#are modified pain-and restructured to implement the fix. This category makes up 10.5% elem of the fixes. span.cls Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider Divide into components Method/Property Modifications in our repair approach, our algo-rithm can be adapted to include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – Parameter Modification, DOM Element Validation, and Method/Property Modification. Parameter Modification: We found that 67.3% of fixes belong-ing Direct DOM Access div | # | pain-elem | | span | . | cls to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters are affected by the modified values. For string value modifica-tions, the methods/properties involved in multiple bug report fixes are getElementById(), $() and jQuery(); together, fixes involv-ing these methods comprise 51.4% of all string value modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, names, as we found that these were the common sources made by programmers (Section 3). These DOM API include getElementById(), getElementsByTagName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those (e.g., $() and jQuery()); Prototype (e.g., $$() and tinyMCE (e.g., get()), among others. For simplicity, we to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults,
  • 26. Parameter Analysis: Dividing Components 26 Invalid selector: div#pain-elem span.cls Divide into components Direct DOM Access div | # | pain-elem | | span | . | cls tag has-id id has-descendant tag has-class class Method/Property Modification, where a call to aDOMAPI meth-od (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Major Refactoring, where significantly large portions of the Java- Script code are modified and restructured to implement the fix. This category makes up 10.5% of the fixes. Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider Method/Property Modifications in our repair approach, our algo-rithm can be adapted to include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – Parameter Modification, DOM Element Validation, and Method/Property Modification. Parameter Modification: We found that 67.3% of fixes belong-ing to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters are affected by the modified values. For string value modifica-tions, the methods/properties involved in multiple bug report fixes are getElementById(), $() and jQuery(); together, fixes involv-ing these methods comprise 51.4% of all string value modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, names, as we found that these were the common sources made by programmers (Section 3). These DOM API include getElementById(), getElementsByTagName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those (e.g., $() and jQuery()); Prototype (e.g., $$() and tinyMCE (e.g., get()), among others. For simplicity, we to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults,
  • 27. Parameter Analysis: Dividing Components 27 Method/Property Modification, where a call to aDOMAPI meth-od (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Major Refactoring, where significantly large portions of the Java- Invalid selector: Script code div#are modified pain-and restructured to implement the fix. This category makes up 10.5% elem of the fixes. span.cls Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider Subdivide each Method/Property component Modifications in our repair approach, according our algo-rithm to dynamic backward can be adapted to slice include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – Parameter Modification, DOM Element Validation, and Method/Property Modification. Parameter Modification: We found that 67.3% of fixes belong-ing Direct DOM Access div | # | pain- | elem | | span | . | cls to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters are affected by the modified values. For string value modifica-tions, the methods/properties involved in multiple bug report fixes are getElementById(), $() and jQuery(); together, fixes involv-ing these methods comprise 51.4% of all string value modifications. Line 2 Line 3 For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, names, as we found that these were the common sources made by programmers (Section 3). These DOM API include getElementById(), getElementsByTagName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those (e.g., $() and jQuery()); Prototype (e.g., $$() and tinyMCE (e.g., get()), among others. For simplicity, we to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults,
  • 28. Parameter Analysis: Dividing Components 1 firstTag = “div”;! 2 prefix = “pain-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 28 Backward slice of “pain-elem” Invalid selector: div#pain-elem span.cls div Id = “main-elem” div Id = “wrapper” span class=“cls” span class=“cls”
  • 29. Parameter Analysis: Dividing Components 29 Method/Property Modification, where a call to aDOMAPI meth-od (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Major Refactoring, where significantly large portions of the Java- Invalid selector: Script code div#are modified pain-and restructured to implement the fix. This category makes up 10.5% elem of the fixes. span.cls Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider Subdivide each Method/Property component Modifications in our repair approach, according our algo-rithm to dynamic backward can be adapted to slice include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – Parameter Modification, DOM Element Validation, and Method/Property Modification. Parameter Modification: We found that 67.3% of fixes belong-ing Direct DOM Access div | # | pain- | elem | | span | . | cls to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters are affected by the modified values. For string value modifica-tions, the methods/properties involved in multiple bug report fixes are getElementById(), $() and jQuery(); together, fixes involv-ing these methods comprise 51.4% of all string value modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, names, as we found that these were the common sources made by programmers (Section 3). These DOM API include getElementById(), getElementsByTagName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those (e.g., $() and jQuery()); Prototype (e.g., $$() and tinyMCE (e.g., get()), among others. For simplicity, we to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults,
  • 30. Parameter Analysis: Finding Valid Selectors 30 Method/Property Modification, where a call to aDOMAPI meth-od (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Major Refactoring, where significantly large portions of the Java- Invalid selector: Script code div#are modified pain-and restructured to implement the fix. This category makes up 10.5% elem of the fixes. span.cls Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider div are Parameter Modification and DOM Element Validation, Method/Property Modifications in our repair approach, our algo-rithm Id = “main-elem” div Id = “wrapper” can be adapted to include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – span Parameter Modification, DOM Element Validation, and Method/class=“Property Modification. Parameter Modification: We found that 67.3% cls” of fixes belong-ing to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these span string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where class=“cls” the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters Direct DOM Access Construct VALID selectors are affected by the modified values. For string value modifica-tions, the methods/properties from involved in current multiple bug report fixes DOM that are “sufficiently close” are getElementById(), $() and jQuery(); together, these to methods the comprise erroneous 51.4% of all string value one fixes involv-ing modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, names, as we found that these were the common sources made by programmers (Section 3). These DOM API include getElementById(), getElementsByTagName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those (e.g., $() and jQuery()); Prototype (e.g., $$() and tinyMCE (e.g., get()), among others. For simplicity, we to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults,
  • 31. Parameter Analysis: Finding Valid Selectors 31 Method/Property Modification, where a call to aDOMAPI meth-od (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Major Refactoring, where significantly large portions of the Java- Invalid selector: Script code div#are modified pain-and restructured to implement the fix. This category makes up 10.5% elem of the fixes. span.cls Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, List of valid selectors: div#main-elem span.cls div#wrapper span.cls which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider div Method/Property Modifications in our repair approach, our algo-rithm Id = “main-elem” div Id = “wrapper” can be adapted to include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – span Parameter Modification, DOM Element Validation, and Method/class=“Property Modification. Parameter Modification: We found that 67.3% cls” of fixes belong-ing to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these span string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where class=“cls” the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters Direct DOM Access Construct VALID selectors are affected by the modified values. For string value modifica-tions, the methods/properties from involved in current multiple bug report fixes DOM that are “sufficiently close” are getElementById(), $() and jQuery(); together, these to methods the comprise erroneous 51.4% of all string value one fixes involv-ing modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, names, as we found that these were the common sources made by programmers (Section 3). These DOM API include getElementById(), getElementsByTagName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those (e.g., $() and jQuery()); Prototype (e.g., $$() and tinyMCE (e.g., get()), among others. For simplicity, we to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults,
  • 32. Parameter Analysis: Inferring Possible Replacements [Example] 32 Invalid selector: div#pain-elem span.cls div | # | pain- | elem | | span | . | cls
  • 33. Parameter Analysis: Inferring Possible Replacements [Example] 33 Invalid selector: div#pain-elem span.cls div | # | pain- | elem | | span | . | cls Assumed incorrect
  • 34. Parameter Analysis: Inferring Possible Replacements [Example] 34 Invalid selector: div#pain-elem span.cls div | # | | elem | | span | . | cls Use as pattern List of valid selectors: div#main-elem span.cls div#wrapper span.cls
  • 35. Parameter Analysis: Inferring Possible Replacements [Example] 35 Invalid selector: div#pain-elem span.cls div | # | | elem | | span | . | cls List of valid selectors: div#main-elem span.cls – MATCHES PATTERN! div#wrapper span.cls
  • 36. Method/Property Modification, where a call to aDOMAPI meth-od Context Analysis (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Direct DOM Access 1 firstTag = “div”;! 2 prefix = “pain-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 36 Major Refactoring, where significantly large portions of the Java- Script code are modified and restructured to implement the fix. This category makes up 10.5% of the fixes. Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider Method/Property Modifications in our repair approach, our algo-rithm can be adapted to include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – Parameter Modification, DOM Element Validation, and Method/Property Modification. Parameter Modification: We found that 67.3% of fixes belong-ing to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where Invalid selector: div#the string value modification was applied by adding a call to string modification pain-methods such elem as replace(). span.cls We also analyzed the DOM methods/properties whose parame-ters Replacement selector: are affected by the div#modified values. For string value modifica-tions, the methods/properties involved main-in multiple bug report elem fixes span.cls are getElementById(), $() and jQuery(); together, fixes involv-ing these methods comprise 51.4% of all string value modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Other modifications include (1) adding a check before the DOM element is used so that the method returns if the check fails; (2) adding a check before the DOM element is used such that the value of the DOM element or its property is updated if the check fails; (3) encapsulating the code using the DOM element in an if-else statement so that a backup value can be used in case the check fails; and finally (4) encapsulating the code in a try-catch state-ment. The most prevalent checks are null/undefined checks, i.e., the code has been modified to check if the DOM element is null or Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most prominent fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, particu-larly the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well as choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, or names, as we found that these were the common sources of made by programmers (Section 3). These DOM API methods include getElementById(), getElementsByTagName(), getEl-ementsByClassName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those in (e.g., $() and jQuery()); Prototype (e.g., $$() and $()); tinyMCE (e.g., get()), among others. For simplicity, we will to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults, means theDOMAPI method returns null, undefined, or an set of elements, eventually leading to a null or an undefined excep-tion (thereby terminating JavaScript execution). However, our can also be extended to apply to output-related DOM-related faults, i.e., those that lead to incorrect output manifested on DOM. Such faults would require the programmer to manually the directDOMaccess. In contrast, with code-terminating faults, the direct DOM access can be determined automat-ically using the AUTOFLOX tool proposed in our prior work
  • 37. Method/Property Modification, where a call to aDOMAPI meth-od Context Analysis (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Direct DOM Access 1 firstTag = “div”;! 2 prefix = “main-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 37 Major Refactoring, where significantly large portions of the Java- Script code are modified and restructured to implement the fix. This category makes up 10.5% of the fixes. String literal replaced Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider Method/Property Modifications in our repair approach, our algo-rithm can be adapted to include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – Parameter Modification, DOM Element Validation, and Method/Property Modification. Parameter Modification: We found that 67.3% of fixes belong-ing to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where Invalid selector: div#pain-elem span.cls the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters are affected by the modified values. For string value modifica-tions, the methods/properties involved in multiple bug report fixes Replacement selector: div#main-elem span.cls are getElementById(), $() and jQuery(); together, fixes involv-ing these methods comprise 51.4% of all string value modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory are applied by simply wrapping the code using the pertinent DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Other modifications include (1) adding a check before the DOM element is used so that the method returns if the check fails; (2) adding a check before the DOM element is used such that the value of the DOM element or its property is updated if the check fails; (3) encapsulating the code using the DOM element in an if-else statement so that a backup value can be used in case the check fails; and finally (4) encapsulating the code in a try-catch state-ment. The most prevalent checks are null/undefined checks, i.e., the code has been modified to check if the DOM element is null or Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most prominent fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, particu-larly the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well as choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, or names, as we found that these were the common sources of made by programmers (Section 3). These DOM API methods include getElementById(), getElementsByTagName(), getEl-ementsByClassName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those in (e.g., $() and jQuery()); Prototype (e.g., $$() and $()); tinyMCE (e.g., get()), among others. For simplicity, we will to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults, means theDOMAPI method returns null, undefined, or an set of elements, eventually leading to a null or an undefined excep-tion (thereby terminating JavaScript execution). However, our can also be extended to apply to output-related DOM-related faults, i.e., those that lead to incorrect output manifested on DOM. Such faults would require the programmer to manually the directDOMaccess. In contrast, with code-terminating faults, the direct DOM access can be determined automat-ically using the AUTOFLOX tool proposed in our prior work
  • 38. Method/Property Modification, where a call to aDOMAPI meth-od Context Analysis (or property) is either added, removed, or modified in the JavaScript code. Here, modification refers to changing the method (or property) originally called, not the param-eter (e.g., instead of calling getElementsByClassName, the method getElementsByTagName is called instead). This cat-egory makes up 24.6% of the fixes. Direct DOM Access 1 firstTag = “div”;! 2 prefix = “main-”;! 3 suffix = “elem”;! 4 level1 = firstTag + “#” + prefix + suffix;! 5 level2 = “span.cls”;! 6 e = $(level1 + “ “ + level2);! 7 e[0].innerHTML = “new content”;! 38 Major Refactoring, where significantly large portions of the Java- Script code are modified and restructured to implement the fix. This category makes up 10.5% of the fixes. String literal replaced Other/Uncategorized, which make up 12% of the fixes. As seen in the above fix categories, the most prominent cate-gories are Parameter Modification and DOM Element Validation, which make up over half (52.9%) of the fixes. Therefore, we fo-cus on these categories in our work. Although we do not consider Method/Property Modifications in our repair approach, our algo-rithm can be adapted to include this class of errors, at the cost of increasing its complexity (see Section 7). Application of Fixes. We next describe how programmers modify the JavaScript code to apply the fixes. We discuss our findings for the three most prominent fix categories – Parameter Modification, DOM Element Validation, and Method/Property Modification. Parameter Modification: We found that 67.3% of fixes belong-ing to the Parameter Modification fix category involve the modifi-cation of string values. The vast majority (around 70%) of these string value modifications were direct modifications of string liter-als in the JavaScript code. However, we also found cases where Invalid selector: div#pain-elem span.cls the string value modification was applied by adding a call to string modification methods such as replace(). We also analyzed the DOM methods/properties whose parame-ters are affected by the modified values. For string value modifica-tions, the methods/properties involved in multiple bug report fixes Replacement selector: div#main-elem span.cls are getElementById(), $() and jQuery(); together, fixes involv-ing these methods comprise 51.4% of all string value modifications. For non-string value modifications, fixes involved modification of the numerical values assigned to elements’ style properties, partic-ularly Message: their alignment and scroll position. DOM Element Validation: 75.5% of fixes belonging to this cat-egory REPLACE STRING LITERAL are applied by simply “wrapping pain-” the code using the in pertinent line 2 with string literal “main-” DOM element within an if statement that performs the necessary validation (so that the code only executes if the check passes). Other modifications include (1) adding a check before the DOM element is used so that the method returns if the check fails; (2) adding a check before the DOM element is used such that the value of the DOM element or its property is updated if the check fails; (3) encapsulating the code using the DOM element in an if-else statement so that a backup value can be used in case the check fails; and finally (4) encapsulating the code in a try-catch state-ment. The most prevalent checks are null/undefined checks, i.e., the code has been modified to check if the DOM element is null or Data Collector (box a) Web Application URL Symptom Analyzer (box b) Treatment Suggester (box c) Supplementary Information Symptoms Data Possible Sicknesses List of Workaround Suggestions Figure 3: High-level block diagram of our design. Summary of Findings. Our study shows that the most prominent fix categories are Parameter Modification and DOM Element Our analysis also shows the prevalence of string value and null/undefined checks when applying fixes. most parameter modifications are for values eventually in DOM methods that retrieve elements from the DOM, particu-larly the $(), jQuery() and getElementById() methods. results motivate our fault model choice in Section 4 as well as choice of possible sickness classes in Section 5.2. 4. FAULT MODEL In this work, we focus on DOM API methods that retrieve from the DOM using CSS selectors, IDs, tag names, or names, as we found that these were the common sources of made by programmers (Section 3). These DOM API methods include getElementById(), getElementsByTagName(), getEl-ementsByClassName(), querySelector(), and querySelect-orAll(). We also support DOM API wrapper methods made by commonly used JavaScript libraries including those in (e.g., $() and jQuery()); Prototype (e.g., $$() and $()); tinyMCE (e.g., get()), among others. For simplicity, we will to all these DOM API methods as the direct DOM access. We further focus on code-terminating DOM-related faults, means theDOMAPI method returns null, undefined, or an set of elements, eventually leading to a null or an undefined excep-tion (thereby terminating JavaScript execution). However, our can also be extended to apply to output-related DOM-related faults, i.e., those that lead to incorrect output manifested on DOM. Such faults would require the programmer to manually the directDOMaccess. In contrast, with code-terminating faults, the direct DOM access can be determined automat-ically using the AUTOFLOX tool proposed in our prior work
  • 39. Context Analysis: Non-”Replace” Messages } Loops – “replace” may be unsafe } String value doesn’t originate from string literal } Analyze the context! 39 MESSAGE TYPES REPLACE REPLACE AT ITERATION OFF BY ONE AT BEGINNING OFF BY ONE AT END MODIFY UPPER BOUND EXCLUDE ITERATION ENSURE
  • 40. Implementation } Vejovis http://ece.ubc.ca/~frolino/projects/vejovis } Data collection: Rhino and Crawljax } Pattern matching: Hampi 40
  • 41. Usage Model 41 VEJOVIS INPUTS OUTPUT URL AUTOFLOX DOM METHOD LOCATION LIST OF ACTIONABLE REPAIR MESSAGES
  • 42. Evaluation: Research Questions RQ1: What is the accuracy of Vejovis in suggesting a correct repair? RQ2: How quickly can Vejovis determine possible replacements? What is its performance overhead? 42
  • 43. RQ1: Accuracy of Vejovis Subjects JS Code Size (KB) Drupal 213 Ember.js 745 Joomla 434 jQuery 94 Moodle 352 MooTools 101 Prototype 164 Roundcube 729 TYPO3 2252 WikiMedia 160 WordPress 197 43 • 22 bug reports (2 per app, and randomly chosen) • Replicated bug and ran with Vejovis • Recall and Precision RECALL: 100% if correct fix appears; 0% otherwise PRECISION: Measure of extraneous suggestions
  • 44. RQ1: Recall Subject Bug Report #1 Bug Report #2 Drupal ✔ ✔ Ember.js ✔ ✔ Joomla ✔ ✔ jQuery ✔ ✗ Moodle ✔ ✔ MooTools ✔ ✔ Prototype ✔ ✔ Roundcube ✔ ✗ TYPO3 ✔ ✔ WikiMedia ✔ ✔ WordPress ✔ ✔ 44 Overall Recall: 91%
  • 45. RQ1: Precision Subject Bug Report #1 Bug Report #2 Drupal 3% 25% Ember.js 50% 33% Joomla 1% 1% jQuery 1% 0% Moodle 3% 3% MooTools 50% 50% Prototype 17% 50% Roundcube 1% 0% TYPO3 1% 100% WikiMedia 4% 1% WordPress 3% 1% 45 Avg. Precision: 2% 49 suggestions per bug on average! Improvements 1. Edit distance bound 2. Ranked suggestions
  • 46. Alternative: Ranking Subject Bug Report 46 #1 Bug Report #2 Drupal 31 / 40 1 / 4 Ember.js 1 / 2 1 / 3 Joomla 1 / 88 1 / 88 jQuery 2 / 108 - Moodle 2 / 37 1 / 37 MooTools 2 / 2 1 / 2 Prototype 1 / 6 1 / 2 Roundcube 4 / 79 - TYPO3 1 / 187 1 / 1 WikiMedia 6 / 24 1 / 71 WordPress 13 / 30 1 / 170 #1 Ranking in 13 out of 20 bugs Conservative ranking Ranking seems to be beneficial
  • 47. RQ2: Performance } Takes average of 44 seconds to find correct fix } Worst case: 91.1 seconds (Joomla) 47
  • 48. Threats to Validity } External: Evaluated on 11 web apps } Internal: Took bugs from earlier empirical study 48
  • 49. Conclusion } Vejovis: replacement suggestor for DOM-related faults } Project Link: http://ece.ubc.ca/~frolino/projects/vejovis } Evaluated on 22 real-world bugs } Good recall – 91% } Correct fix ranked #1 in 13/20 cases } Average 44 s to complete 49