Leveraging diversity to find bugs in JavaScript engines
| Ano de defesa: | 2020 |
|---|---|
| Autor(a) principal: | |
| Orientador(a): | |
| Banca de defesa: | |
| Tipo de documento: | Dissertação |
| Tipo de acesso: | Acesso aberto |
| Idioma: | eng |
| Instituição de defesa: |
Universidade Federal de Pernambuco
UFPE Brasil Programa de Pos Graduacao em Ciencia da Computacao |
| Programa de Pós-Graduação: |
Não Informado pela instituição
|
| Departamento: |
Não Informado pela instituição
|
| País: |
Não Informado pela instituição
|
| Palavras-chave em Português: | |
| Link de acesso: | https://repositorio.ufpe.br/handle/123456789/38478 |
Resumo: | JavaScript is a very popular programming language today with several implementations competing for market dominance. Although a specification document and a conformance test suite exist to guide engine development, bugs occur and have important practical consequences. This work evaluates the importance of different techniques to find functional bugs in JavaScript engines. For that, we explored two existing techniques—test transplantation and cross-engine differential testing. The first technique runs test suites of a given engine in another engine. The second technique fuzzes existing inputs and then compares the output produced by different engines with a differential oracle. We considered engines from four major players in our experiments–V8, SpiderMonkey, ChakraCore, and JavaScriptCore. We present a tool capable of running tests on any javascript engine and obtaining reports based on the test output. It was possible to run the four engines in a test suite extracted from open-source projects, using the two techniques mentioned and we analyzed the behavior of each engine, classifying the output as a bug or not. The results indicate that both techniques revealed several bugs, many of which confirmed by developers. Overall, we reported 50 bugs in this study. Of which, 36 were confirmed by developers and 29 were fixed. To sum, our results show that the techniques are easy to apply and very effective in finding bugs in complex software, such as JavaScript engines. |
| id |
UFPE_2f1d3fb39fe3ab58cdbe7c318f5bc601 |
|---|---|
| oai_identifier_str |
oai:repositorio.ufpe.br:123456789/38478 |
| network_acronym_str |
UFPE |
| network_name_str |
Repositório Institucional da UFPE |
| repository_id_str |
|
| spelling |
Leveraging diversity to find bugs in JavaScript enginesEngenharia de softwareJavaScriptJavaScript is a very popular programming language today with several implementations competing for market dominance. Although a specification document and a conformance test suite exist to guide engine development, bugs occur and have important practical consequences. This work evaluates the importance of different techniques to find functional bugs in JavaScript engines. For that, we explored two existing techniques—test transplantation and cross-engine differential testing. The first technique runs test suites of a given engine in another engine. The second technique fuzzes existing inputs and then compares the output produced by different engines with a differential oracle. We considered engines from four major players in our experiments–V8, SpiderMonkey, ChakraCore, and JavaScriptCore. We present a tool capable of running tests on any javascript engine and obtaining reports based on the test output. It was possible to run the four engines in a test suite extracted from open-source projects, using the two techniques mentioned and we analyzed the behavior of each engine, classifying the output as a bug or not. The results indicate that both techniques revealed several bugs, many of which confirmed by developers. Overall, we reported 50 bugs in this study. Of which, 36 were confirmed by developers and 29 were fixed. To sum, our results show that the techniques are easy to apply and very effective in finding bugs in complex software, such as JavaScript engines.CAPESFACEPEAtualmente, o JavaScript é uma linguagem de programação muito popular, com várias implementações competindo pelo domínio do mercado. Embora exista um documento de especificação e um conjunto de testes de conformidade para orientar o desenvolvimento do motor (do inglês, engine), bugs ocorrem e têm importantes consequências práticas. Este trabalho avalia a importância do uso de diferentes técnicas para encontrar erros funcionais nos motores JavaScript. Para isso, exploramos duas técnicas de testes existentes - teste de transplante e teste diferencial entre motores. A primeira técnica executa suítes de teste de um determinado mecanismo em outro mecanismo. A segunda técnica aplica fuzzing nas entradas de teste e depois compara o resultado produzido em diferentes motores através de um oráculo diferencial. Consideramos os quatro principais motores da atualidade em nossos experimentos - V8, SpiderMonkey, ChakraCore e JavaScriptCore. Apresentamos uma ferramenta capaz de executar testes em qualquer motor javascript e obter relatórios baseado na saída dos testes. Com esta ferramenta, foi possível executar os quatro motores em uma suíte de testes extraídos de projetos open-source, utilizando as duas técnicas citadas e analisamos o comportamento de cada motor, classificando a saída como um bug ou não. Os resultados indicam que ambas as técnicas revelaram vários bugs, muitos dos quais já foram confirmados pelos desenvolvedores. No geral, relatamos 50 bugs neste estudo. Dos quais, 36 foram confirmados pelos desenvolvedores e 29 foram corrigidos. Em resumo, nossos resultados mostram que as técnicas são fáceis de aplicar e são muito eficazes para encontrar bugs em softwares complexos, como motores JavaScript.Universidade Federal de PernambucoUFPEBrasilPrograma de Pos Graduacao em Ciencia da Computacaod'AMORIM, Marcelo Bezerrahttp://lattes.cnpq.br/2282992454648401http://lattes.cnpq.br/3762670242328435LIMA, Igor Simões de Oliveira2020-11-03T20:15:09Z2020-11-03T20:15:09Z2020-01-17info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisapplication/pdfLIMA, Igor Simões de Oliveira. Leveraging diversity to find bugs in JavaScript engines. 2020. Dissertação (Mestrado em Ciência da Computação) – Universidade Federal de Pernambuco, Recife, 2020.https://repositorio.ufpe.br/handle/123456789/38478engAttribution-NonCommercial-NoDerivs 3.0 Brazilhttp://creativecommons.org/licenses/by-nc-nd/3.0/br/info:eu-repo/semantics/openAccessreponame:Repositório Institucional da UFPEinstname:Universidade Federal de Pernambuco (UFPE)instacron:UFPE2020-11-04T05:16:57Zoai:repositorio.ufpe.br:123456789/38478Repositório InstitucionalPUBhttps://repositorio.ufpe.br/oai/requestattena@ufpe.bropendoar:22212020-11-04T05:16:57Repositório Institucional da UFPE - Universidade Federal de Pernambuco (UFPE)false |
| dc.title.none.fl_str_mv |
Leveraging diversity to find bugs in JavaScript engines |
| title |
Leveraging diversity to find bugs in JavaScript engines |
| spellingShingle |
Leveraging diversity to find bugs in JavaScript engines LIMA, Igor Simões de Oliveira Engenharia de software JavaScript |
| title_short |
Leveraging diversity to find bugs in JavaScript engines |
| title_full |
Leveraging diversity to find bugs in JavaScript engines |
| title_fullStr |
Leveraging diversity to find bugs in JavaScript engines |
| title_full_unstemmed |
Leveraging diversity to find bugs in JavaScript engines |
| title_sort |
Leveraging diversity to find bugs in JavaScript engines |
| author |
LIMA, Igor Simões de Oliveira |
| author_facet |
LIMA, Igor Simões de Oliveira |
| author_role |
author |
| dc.contributor.none.fl_str_mv |
d'AMORIM, Marcelo Bezerra http://lattes.cnpq.br/2282992454648401 http://lattes.cnpq.br/3762670242328435 |
| dc.contributor.author.fl_str_mv |
LIMA, Igor Simões de Oliveira |
| dc.subject.por.fl_str_mv |
Engenharia de software JavaScript |
| topic |
Engenharia de software JavaScript |
| description |
JavaScript is a very popular programming language today with several implementations competing for market dominance. Although a specification document and a conformance test suite exist to guide engine development, bugs occur and have important practical consequences. This work evaluates the importance of different techniques to find functional bugs in JavaScript engines. For that, we explored two existing techniques—test transplantation and cross-engine differential testing. The first technique runs test suites of a given engine in another engine. The second technique fuzzes existing inputs and then compares the output produced by different engines with a differential oracle. We considered engines from four major players in our experiments–V8, SpiderMonkey, ChakraCore, and JavaScriptCore. We present a tool capable of running tests on any javascript engine and obtaining reports based on the test output. It was possible to run the four engines in a test suite extracted from open-source projects, using the two techniques mentioned and we analyzed the behavior of each engine, classifying the output as a bug or not. The results indicate that both techniques revealed several bugs, many of which confirmed by developers. Overall, we reported 50 bugs in this study. Of which, 36 were confirmed by developers and 29 were fixed. To sum, our results show that the techniques are easy to apply and very effective in finding bugs in complex software, such as JavaScript engines. |
| publishDate |
2020 |
| dc.date.none.fl_str_mv |
2020-11-03T20:15:09Z 2020-11-03T20:15:09Z 2020-01-17 |
| dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| dc.type.driver.fl_str_mv |
info:eu-repo/semantics/masterThesis |
| format |
masterThesis |
| status_str |
publishedVersion |
| dc.identifier.uri.fl_str_mv |
LIMA, Igor Simões de Oliveira. Leveraging diversity to find bugs in JavaScript engines. 2020. Dissertação (Mestrado em Ciência da Computação) – Universidade Federal de Pernambuco, Recife, 2020. https://repositorio.ufpe.br/handle/123456789/38478 |
| identifier_str_mv |
LIMA, Igor Simões de Oliveira. Leveraging diversity to find bugs in JavaScript engines. 2020. Dissertação (Mestrado em Ciência da Computação) – Universidade Federal de Pernambuco, Recife, 2020. |
| url |
https://repositorio.ufpe.br/handle/123456789/38478 |
| dc.language.iso.fl_str_mv |
eng |
| language |
eng |
| dc.rights.driver.fl_str_mv |
Attribution-NonCommercial-NoDerivs 3.0 Brazil http://creativecommons.org/licenses/by-nc-nd/3.0/br/ info:eu-repo/semantics/openAccess |
| rights_invalid_str_mv |
Attribution-NonCommercial-NoDerivs 3.0 Brazil http://creativecommons.org/licenses/by-nc-nd/3.0/br/ |
| eu_rights_str_mv |
openAccess |
| dc.format.none.fl_str_mv |
application/pdf |
| dc.publisher.none.fl_str_mv |
Universidade Federal de Pernambuco UFPE Brasil Programa de Pos Graduacao em Ciencia da Computacao |
| publisher.none.fl_str_mv |
Universidade Federal de Pernambuco UFPE Brasil Programa de Pos Graduacao em Ciencia da Computacao |
| dc.source.none.fl_str_mv |
reponame:Repositório Institucional da UFPE instname:Universidade Federal de Pernambuco (UFPE) instacron:UFPE |
| instname_str |
Universidade Federal de Pernambuco (UFPE) |
| instacron_str |
UFPE |
| institution |
UFPE |
| reponame_str |
Repositório Institucional da UFPE |
| collection |
Repositório Institucional da UFPE |
| repository.name.fl_str_mv |
Repositório Institucional da UFPE - Universidade Federal de Pernambuco (UFPE) |
| repository.mail.fl_str_mv |
attena@ufpe.br |
| _version_ |
1856041915551580160 |