JSConTest: Contract-Driven Testing and Path Effect Inference for JavaScript

Program understanding is a major obstacle during program maintenance. In an object-oriented language, understanding an operation requires understanding its type and its eect on the object network. The eect is particularly important for scripting languages where there is neither class structure that restricts the shape of an object nor any other kind of access control. We have designed and implemented JSConTest, a tool that provides a facility to annotate JavaScript programs with type and eect contracts and to create random tests out of the contracts. Run-time monitoring for contracts is implemented with a program transformation. The eect of an operation is described by access permissions, which abstract sets of access paths along which the operation reads or writes object properties. Type contracts can also be used to drive guided random testing of the program. JSConTest contains an algorithm for computing access permissions from a set of access paths obtained by running the program. The main ingredient of the algorithm is a novel heuristic that produces precise and concise results without user interaction. It has been applied to a range of examples with encouraging results.

[1]  Barton P. Miller,et al.  An empirical study of the robustness of Windows NT applications using random testing , 2000 .

[2]  簡聰富,et al.  物件導向軟體之架構(Object-Oriented Software Construction)探討 , 1989 .

[3]  Pierre Jouvelot,et al.  The type and effect discipline , 1992, [1992] Proceedings of the Seventh Annual IEEE Symposium on Logic in Computer Science.

[4]  Helen J. Wang,et al.  BrowserShield: vulnerability-driven filtering of dynamic HTML , 2006, OSDI '06.

[5]  Bertrand Meyer,et al.  ARTOO , 2008, 2008 ACM/IEEE 30th International Conference on Software Engineering.

[6]  Koushik Sen,et al.  DART: directed automated random testing , 2005, PLDI '05.

[7]  Colin Runciman,et al.  Smallcheck and lazy smallcheck: automatic exhaustive testing for small values , 2008, Haskell '08.

[8]  Carlos Pacheco,et al.  Directed random testing , 2009 .

[9]  Sorin Lerner,et al.  Staged information flow for javascript , 2009, PLDI '09.

[10]  Sarfraz Khurshid,et al.  Korat: automated testing based on Java predicates , 2002, ISSTA '02.

[11]  E. Mark Gold,et al.  Language Identification in the Limit , 1967, Inf. Control..

[12]  Per Capita,et al.  About the authors , 1995, Machine Vision and Applications.

[13]  Peyton Jones,et al.  Haskell 98 language and libraries : the revised report , 2003 .

[14]  Philip Wadler,et al.  Well-Typed Programs Can't Be Blamed , 2009, ESOP.

[15]  Yong Lei,et al.  Tool support for randomized unit testing , 2006, RT '06.

[16]  A. Jefferson Offutt,et al.  A semantic model of program faults , 1996, ISSTA '96.

[17]  Peter Thiemann,et al.  Recency Types for Analyzing Scripting Languages , 2010, ECOOP.

[18]  Jan Vitek,et al.  Thorn: robust, concurrent, extensible scripting on the JVM , 2009, OOPSLA '09.

[19]  Aaron Greenhouse,et al.  An Object-Oriented Effects System , 1999, ECOOP.

[20]  Glenford J. Myers,et al.  Art of Software Testing , 1979 .

[21]  Ajay Chander,et al.  JavaScript instrumentation for browser security , 2007, POPL '07.

[22]  Walid Taha,et al.  Gradual Typing for Objects , 2007, ECOOP.

[23]  Casey Klein,et al.  Randomized Testing in PLT Redex , 2009 .

[24]  Tsong Yueh Chen,et al.  Adaptive Random Testing: The ART of test case diversity , 2010, J. Syst. Softw..

[25]  Shriram Krishnamurthi,et al.  The Essence of JavaScript , 2010, ECOOP.

[26]  Koen Claessen,et al.  QuickCheck: a lightweight tool for random testing of Haskell programs , 2000, ICFP.

[27]  Matthias Felleisen,et al.  DrScheme: A Pedagogic Programming Environment for Scheme , 1997, PLILP.

[28]  Ankur Taly,et al.  Isolating JavaScript with Filters, Rewriting, and Wrappers , 2009, ESORICS.

[29]  Sam Tobin-Hochstadt,et al.  The design and implementation of typed scheme , 2008, POPL '08.

[30]  Christian Skalka Trace effects and object orientation , 2005, PPDP '05.

[31]  Mads Tofte,et al.  Region-based Memory Management , 1997, Inf. Comput..

[32]  Carl Eastlund DoubleCheck your theorems , 2009, ACL2 '09.

[33]  A. Deutsch,et al.  A storeless model of aliasing and its abstractions using finite representations of right-regular equivalence relations , 1992, Proceedings of the 1992 International Conference on Computer Languages.

[34]  Lars Birkedal,et al.  A constraint-based region inference algorithm , 2001, Theor. Comput. Sci..

[35]  Peter Thiemann,et al.  A Heuristic Approach for Computing Effects , 2011, TOOLS.

[36]  Yannis Smaragdakis,et al.  JCrasher: an automatic robustness tester for Java , 2004, Softw. Pract. Exp..

[37]  David K. Gifford,et al.  Integrating functional and imperative programming , 1986, LFP '86.

[38]  Peter Thiemann,et al.  Type Analysis for JavaScript , 2009, SAS.

[39]  Dana Angluin,et al.  Inductive Inference of Formal Languages from Positive Data , 1980, Inf. Control..

[40]  Matthias Felleisen,et al.  Semantic Casts: Contracts and Structural Subtyping in a Nominal World , 2004, ECOOP.

[41]  Annette Bieniusa,et al.  Access permission contracts for scripting languages , 2012, POPL '12.

[42]  Edward Fredkin,et al.  Trie memory , 1960, Commun. ACM.

[43]  Paul R. Cohen,et al.  Learning Deterministic Finite Automaton with a Recurrent Neural Network , 1998, ICGI.

[44]  François Denis,et al.  Learning Regular Languages from Simple Positive Examples , 2001, Machine Learning.

[45]  Simeon C. Ntafos,et al.  An Evaluation of Random Testing , 1984, IEEE Transactions on Software Engineering.

[46]  Carlos Urias Munoz,et al.  Automatic Generation of Random Self-Checking Test Cases , 1983, IBM Syst. J..

[47]  Peter Thiemann,et al.  Contract-Driven Testing of JavaScript Code , 2010, TOOLS.