中图分类号：TP309 文献标志码：A DOI: 10.16157/j.issn.0258-7998.256463
中文引用格式： 丁加宇，沙乐天，潘家晔. 基于大语言模型的JS引擎模糊测试方法[J]. 电子技术应用，2026，52(2)：66-70.
英文引用格式： Ding Jiayu，Sha Letian，Pan Jiaye. Fuzz testing method for JavaScript engines based on large language model[J]. Application of Electronic Technique，2026，52(2)：66-70.

Fuzz testing method for JavaScript engines based on large language model

Abstract： Existing Fuzz tools for browser JavaScript engines are insufficient in detecting non-crashing vulnerabilities. To address this issue, an enhanced vulnerability detection method combining memory detection and large language models (LLMs) is proposed. This method improves the Fuzz tool's ability to identify potential vulnerabilities and reduces the false-negative rate. Additionally, the integration of LLMs with conventional mutators generates more complex and targeted test cases under the stimulus of Proof-of-Concept (PoC) sets, effectively exploring deeper code paths and increasing code coverage. Experimental results show that the improved tool significantly enhances branch coverage and vulnerability detection capabilities compared to existing tools.

Key words : Fuzz testing；JavaScript engine；use after free