This repository provides a collection of JS test suites from ChakraCore, SpiderMonkey, V8, JavaScriptCore, and Test262 repositories. This set was used for evaluation in our paper, "Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer", which appeared in USENIX Security 2020.
We collected JS files from each repository as of the following dates.
Repository | Date | Link |
---|---|---|
ChakraCore | January 30, 2017 | link |
SpiderMonkey | January 31, 2017 | link |
V8 | January 31, 2017 | link |
JavaScriptCore | January 31, 2017 | link |
Test262 | January 23, 2017 | link |
The following paragraph is taken from Sec. 4.3 of the paper "Fuzzing with Code Fragments", which was published in USENIX Security 2012.
To run JS tests, each JS test may need its proper test harness which contains
definitions required for the test. A good example is the SpiderMonkey's test
suite. The top level directory contains a file shell.js with definitions
required for all tests. Every subdirectory may contain an additional shell.js
with further definitions that might only be required for the tests in that
directory. To run a test, the JavaScript engine must execute all shell files in
the correct order, followed by the test itself.
We addressed this issue by inserting JS statements that load the required JS harness for each file.
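
One way to compute that load order and prepend the statements, as an added example that is not this repository's own tooling. The function names, the sample directory layout and the use of `load()` (the script loader available in the SpiderMonkey, V8 and JavaScriptCore shells) are assumptions made for illustration.

```javascript
// Added example, not code from this repository. Pure string logic, no file access.

// Return the harness files a test needs, in execution order: the suite root's
// shell.js first, then one per subdirectory down to the test's own directory.
// `existing` is the set of harness paths present in the suite.
function harnessChain(testPath, existing, harnessName = "shell.js") {
  const dirs = testPath.split("/").slice(0, -1); // drop the test file name
  const chain = [];
  for (let depth = 0; depth <= dirs.length; depth++) {
    const candidate = [...dirs.slice(0, depth), harnessName].join("/");
    // A subdirectory *may* carry a harness; skip levels without one, and
    // never make a harness file load itself.
    if (existing.has(candidate) && candidate !== testPath) chain.push(candidate);
  }
  return chain;
}

// Prepend one load statement per harness so the test runs stand-alone.
// Assumption: the target shell exposes load(path); `root` is a path prefix
// for wherever the suite is checked out.
function withHarness(testPath, testSource, existing, root = "") {
  const loads = harnessChain(testPath, existing).map(
    (p) => `load(${JSON.stringify(root + p)});`
  );
  return [...loads, testSource].join("\n");
}

// Constructed sample layout (hypothetical paths, modelled on the description above).
const SAMPLE_SUITE = new Set([
  "shell.js",
  "ecma_5/shell.js",
  "ecma_5/Array/shell.js",
  "js1_8/shell.js",
]);

console.log(
  withHarness("ecma_5/Array/sort-01.js", "/* test body */", SAMPLE_SUITE, "/suite/")
);
```
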
Please refer to php-packer for removing duplicate JS files.
This work was done by Jihoon Kim while he was at SoftSec Lab, KAIST.