隨著科技的演進，工程師和使用者不斷地嘗試在速度和效率上尋求突
破，為了達到這一個目的並行 (Concurrency) 這一個概念應運而生，但是也
因此造成了很多致命的問題，並因此危害到許多系統的執行，在這些問題中
就有一個是競爭條件 (Race Condition)。
在現今，人們會透過網路去取得各式各樣的資訊、購物、玩遊戲、交易
等，為了應付人們大量的請求與需求，讓網路程式支援並行這一功能勢在必
行，但是在享受並行所帶來的好處同時，也需要正視潛在的危害，這也正是
本篇論文希望探討並解決的。
儘管競爭問題一直被不斷地討論，並且提出一個又一個地有效並且準
確的方法，但是科技的進化與程式語言的迭代，而在 JavaScript 這一個單
執行緒 (Single-Threaded) 程式語言中，也出現了本不該存在的競爭問題，
但是作為目前被廣泛使用的客戶端語言，這無疑使得這一個問題無比重要。
在研究這項問題時，根據競爭條件 (Race Condition) 的特性，我們選用
了 Call Graph、抽象語法樹 (Abstract Syntax Tree) 以及靜態分析的技術，在
這些技術的幫助下我們有效並且輕鬆的找出潛在的競爭條件。
在以下的文章中，我們會詳細的說明並且解釋，我們選用這些技術的方
法和原因。

With the evolution of technology, engineers and users are constantly trying
to seek breakthroughs in speed and efficiency. In order to achieve this goal, the
concept of Concurrency is brought out, but this concept also causes many fatal
problems, one of these problems is the race condition.
Nowadays, people use the Internet to obtain all kinds of information, shop,
play games, trade, etc. In order to handle lots of requests from systems and needs
of people, it is imperative for the web application to support the concurrent mech-
anism, but when we enjoy the benefit from concurrency, it is also necessary to
face up to the potential risk, which is exactly what this paper hopes to explore and
solve.
Although the race condition has been constantly discussed, and effective and
accurate solutions have been proposed one after another, this problem still occur
in JavaScript applications. Technology continuously evolves, and so do program-
ming languages, JavaScript, a single-threaded programming language, there are
also problems that should not exist. However, as the most commonly used client-
side language, this undoubtedly makes this issue extremely important.
In our research, we adopt techniques such as Call Graph, Abstract Syntax
Tree (AST), and static analysis to study and address race conditions. Leveraging
these techniques, we can effectively and easily identify potential race conditions.
In this paper, we will provide a detailed explanation of why we chose these
techniques and the methods we employed. We will explore the characteristics of
race conditions and demonstrate how Call Graph, Abstract Syntax Tree, and static
analysis help us identify potential race conditions.

[1] E Mutlu, S Tasiran, B Livshits. “Detecting JavaScript Races that Matter”, in
Proc. ESEC/FSE, 2015
[2] M Madsen, F Tip, O Lhoták. “Static Analysis of Event-Driven Node.js Ja-
vaScript Ap-plications”, in Proc. ACM SIGPLAN Conference on Object-Ori-
ented Programming, Systems, Languages, and Applications (OOPSLA),
2015
[3] S Alimadadi, A Mesbah, K Pattabiraman. “Understanding Asynchronous In-
teractions in Full-Stack JavaScript”, in Proc. of 38th International Conference
on Software Engi-neering (ICSE), 2016
[4] S Park, W Xu, I Yun, D Jang. “Fuzzing JavaScript Engines with Aspect-pre-
serving Mutation”, in 2020 IEEE Symposium on Security and Privacy (SP),
2020
[5] C Flanagan, SN Freund. “Detecting Race Conditions in Large Programs”, in
Proceed-ings of the ACM SIGPLAN-SIGSOFT Workshop on Program Anal-
ysis for Software Tools and Engineering (PASTE’01), pages 90–96, 2001
[6] C Flanagan, SN Freund. “FastTrack: Efficient and Precise Dynamic Race De-
tection” Community ACM, Vol. 53, Issue 11, 2010
[7] J. Ide, R. Bodik, and D. Kimelman. “Concurrency Concerns in Rich Internet
Applica-tions”, In ECEC, 2009
[8] S Hong, Y Park, M Kim. “Detecting Concurrency Errors in Client-side Ja-
vaScript Web Applications” in Proc. of IEEE 7th International Conference on
Software Testing, Veri-fication and Validation, 2014
52[9] R. H. B. Netzer and B. P. Miller, “What are race conditions?: Some issues and
formalizations”, ACM Lett. Program. Languages Syst., vol. 1, no. 1, pages
74–88, 1992.
[10] D. Engler and K. Ashcraft, “RacerX: Effective, static detection of race condi-
tions and deadlocks”, in Proc. ACM Symp. Operating Syst. Principles, Bolton
Landing, NY, USA, pages 237–252, 2003.
[11] Y. Yu, T. Rodeheffer, and W. Chen. “Racetrack: Efficient detection of data
race conditions via adaptive tracking", In SOSP, 2005.
[12] Usage statistics of JavaScript as client-side programming language on web-
sites (https://w3techs.com/technologies/details/cp-javascript)
[13] How Many Websites Are There? – The Growth of The Web (1990–2022)
(https://firstsiteguide.com/how-many-websites/)
[14] NodeJS & Event Loop: Not So Single-Threaded (https://blog.bitsrc.io/node-
js-event-loop-and-multi-threading-e42e5fd16a77)
[15] K. Sen, “Race directed random testing of concurrent programs”, in Proc.
ACM Conf. Program. Language Design Implementation, pages 11–21, 2008
[16] Stefan Savage, Michael Burrows, Greg Nelson, Patrick Sobalvarro, and
Thomas Anderson. 1997. “Eraser: A dynamic data race detector for multi-
threaded programs”. ACM Transactions on Computer Systems (TOCS), Vol-
ume 15, Issue 4, pages 391–411, 1997.
[17] Polyvios Pratikakis, Jeffrey S. Foster, and Michael Hicks, “LOCKSMITH:
Practical static race detection for C”, ACM Transactions on Programming
Languages and Systems, Volume 33, Issue 1, pages 1-55, 2011
[18] Mayur Naik, Alex Aiken, John Whaley, “Effective static race detection for
Java”, In Proceedings of the 27th ACM SIGPLAN Conference on
53Programming Language Design and Implementation (Ottawa, Ontario, Can-
ada) (PLDI ’06). ACM, New York, NY, USA, 308–319, 2006.
[19] Cormac Flanagan, Stephen N. Freund, “Type-Based Race Detection for Java”,
In ACM SIGPLAN Conference on Programming Language Design and Im-
plementation (PLDI’00). ACM SIGPLAN Notices Volume 35, Issue 5, pages
219–232, 2000.
[20] JAVASCRIPT (https://www.w3.org/standards/webdesign/script)
[21] Atomics
(https://developer.mozilla.org/en-US/docs/Web/JavaScript/Refer-
ence/Global_Objects/Atomics)