面向JavaScript引擎报错机制的类别导向模糊测试方法  被引量：1

作　　者：卢凌 周志德 任志磊[1,2] 江贺 LU Ling;ZHOU Zhide;REN Zhilei;JIANG He(School of Software Engineering,Dalian University of Technology,Dalian,Liaoning 116620,China;Key Laboratory of Safety-Critical Software Ministry of Industry and Information Technology,Nanjing University of Aeronautics and Astronautics,Nanjing 210016,China)

机构地区：[1]大连理工大学软件学院,辽宁大连116620 [2]南京航空航天大学高安全系统的软件开发与验证技术工业和信息化部重点实验室,南京210016

出　　处：《计算机科学》2023年第12期49-57,共9页Computer Science

摘　　要：报错机制是JavaScript引擎必不可少的一部分。面对错误的程序,JavaScript引擎报错机制应输出合理的错误信息,指出错误的原因和位置,帮助开发人员修复错误。然而,JavaScript引擎报错机制中存在会阻碍开发人员修复错误的缺陷。文中提出了首个面向JavaScript引擎报错机制的类别导向模糊测试方法CAFJER。给定一个种子程序,CAFJER首先为其选择一个目标类别的错误信息,并进行动态分析得到其上下文信息。其次,CAFJER根据种子程序的上下文信息生成能触发目标类别错误信息的测试用例。然后,CAFJER将生成的测试用例输入不同JavaScript引擎中进行差分测试。若输出的错误信息间有所差异,则说明其中可能存在缺陷。最后,CAFJER自动过滤重复的和无效的测试用例,有效减少了人工的参与。为了验证CAFJER的有效性,将CAFJER与目前先进的相似方法JEST和DIPROM进行比较,实验结果表明,CAFJER在JavaScript引擎报错机制中发现的独特缺陷数分别是JEST和DIPROM的2.17倍和26倍。在为期3个月的实验中,CAFJER还向开发者提交了17个缺陷报告,其中7个已被确认。Error reporting mechanism is an indispensable part of JavaScript engines.For programs with errors,the error reporting mechanism of JavaScript engines should output reasonable error message,point out location and cause of the error,help develo-pers to repair the program.However,there are defects in the JavaScript engine error reporting mechanism that will preventdeve-lopers from repairing errors.In this paper,the first category directed fuzzy testing method for JavaScript engine error reporting mechanism called CAFJER is proposed.For a given seed program,CAFJER first selects an error message of the target category for it and dynamically analyzes it to obtain its context information.Secondly,CAFJER generates test cases that can trigger target category error information according to the context information of the seed program.Thirdly,CAFJER inputs the generated test cases into different JavaScript engines for differential testing.If there are differences between error messages thrown by Java-Script engines,it indicates that there may be a defect.Finally,CAFJER automatically filters repeated and invalid test cases,effectively reducing manual participation.In order to verify the effectiveness of CAFJER,it is compared with the current advanced similar methods JEST and DIPROM.Experimental results show that the unique defects found by CAFJER in the JavaScript engine error reporting mechanism is 2.17 times and 26.00 times that of JEST and DIPROM respectively.During the three-month experiment,CAFJER also submitted 17 defect reports to developers and 7 of which have been confirmed.

关 键 词：JAVASCRIPT 报错机制 错误信息 差分测试 程序变异 

分 类 号：TP311[自动化与计算机技术—计算机软件与理论]