SJFuzz: Seed and Mutator Scheduling for JVM Fuzzing

Wu, Mingyuan1,2,5; Ouyang, Yicheng1; Lu, Minghai1; Chen, Junjie3; Zhao, Yingquan3; Cui, Heming2; Yang, Guowei4; Zhang, Yuqun1,5,6

10.1145/3611643.3616277

2023

31st ACM Joint Meeting of the European Software Engineering Conference / Symposium on the Foundations-of-Software-Engineering (ESEC/FSE)

PROCEEDINGS OF THE 31ST ACM JOINT MEETING EUROPEAN SOFTWARE ENGINEERING CONFERENCE AND SYMPOSIUM ON THE FOUNDATIONS OF SOFTWARE ENGINEERING, ESEC/FSE 2023

DEC 03-09, 2023

null,San Francisco,CA

1601 Broadway, 10th Floor, NEW YORK, NY, UNITED STATES

ASSOC COMPUTING MACHINERY

While the Java Virtual Machine ( JVM) plays a vital role in ensuring correct executions of Java applications, testing JVMs via generating and running class files on them can be rather challenging. The existing techniques, e.g., ClassFuzz and Classming, attempt to leverage the power of fuzzing and differential testing to cope with JVM intricacies by exposing discrepant execution results among different JVMs, i.e., inter-JVM discrepancies, for testing analytics. However, their adopted fuzzers are insufficiently guided since they include no well-designed seed and mutator scheduling mechanisms, leading to inefficient differential testing. To address such issues, in this paper, we propose SJFuzz, the first JVM fuzzing framework with seed and mutator scheduling mechanisms for automated JVM differential testing. Overall, SJFuzz aims to mutate class files via control flow mutators to facilitate the exposure of inter-JVM discrepancies. To this end, SJFuzz schedules seeds (class files) for mutations based on the discrepancy and diversity guidance. SJFuzz also schedules mutators for diversifying class file generation. To evaluate SJFuzz, we conduct an extensive study on multiple representative real-world JVMs, and the experimental results show that SJFuzz significantly outperforms the SOTA mutation-based and generation-based JVM fuzzers in terms of the inter-JVM discrepancy exposure. Moreover, SJFuzz successfully reported 46 potential JVM issues where 20 were confirmed as bugs and 16 have been fixed by the JVM developers.

JVM Testing Mutation-based Fuzzing

第一 ; 通讯

英语

EI ; CPCI-S

Guangdong Provincial Key Laboratory[2020B121201001]

Computer Science

Computer Science, Software Engineering ; Computer Science, Theory & Methods

WOS:001148157800086

Web of Science

1.Southern University of Science and Technology, Shenzhen, China
2.The University of Hong Kong, Hong Kong
3.College of Intelligence and Computing, Tianjin University, Tianjin, China
4.The University of Queensland, QLD, Australia
5.The Research Institute of Trustworthy Autonomous Systems, Shenzhen, China
6.Guangdong Provincial Key Laboratory of Brain-inspired Intelligent Computation, China

Wu, Mingyuan,Ouyang, Yicheng,Lu, Minghai,et al. SJFuzz: Seed and Mutator Scheduling for JVM Fuzzing[C]. 1601 Broadway, 10th Floor, NEW YORK, NY, UNITED STATES:ASSOC COMPUTING MACHINERY,2023.