forked from googleprojectzero/fuzzilli
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathExecution.swift
More file actions
133 lines (118 loc) · 4.01 KB
/
Execution.swift
File metadata and controls
133 lines (118 loc) · 4.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
// Copyright 2019 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
import Foundation
/// The possible outcome of a program execution.
public enum ExecutionOutcome: CustomStringConvertible, Equatable, Hashable {
case crashed(Int)
case failed(Int)
case succeeded
case timedOut
// This outcome is added to support native differential fuzzing.
// It should get very similar treatment to crashed -> if the run resulted
// in a differential, most likely there's a bug.
// Please note that this feature is unstable yet, so the statement above
// might not always be the case.
case differential
public var description: String {
switch self {
case .crashed(let signal):
return "Crashed (signal \(signal))"
case .failed(let exitcode):
return "Failed (exit code \(exitcode))"
case .succeeded:
return "Succeeded"
case .timedOut:
return "TimedOut"
case .differential:
return "Differential"
}
}
public func isCrash() -> Bool {
if case .crashed = self {
return true
} else {
return false
}
}
public func isFailure() -> Bool {
if case .failed = self {
return true
} else {
return false
}
}
public func isDifferential() -> Bool {
if case .differential = self {
return true
} else {
return false
}
}
}
/// The result of executing a program.
public protocol Execution {
var outcome: ExecutionOutcome { get }
var stdout: String { get }
var stderr: String { get }
var fuzzout: String { get }
var execTime: TimeInterval { get }
}
/// Struct to capture result of exection in differential mode
struct DiffExecution: Execution {
let outcome: ExecutionOutcome
let execTime: TimeInterval
let stdout: String
let stderr: String
let fuzzout: String
private init(
outcome: ExecutionOutcome,
execTime: TimeInterval,
stdout: String,
stderr: String,
fuzzout: String
) {
self.outcome = outcome
self.execTime = execTime
self.stdout = stdout
self.stderr = stderr
self.fuzzout = fuzzout
}
// TODO(mdanylo): we shouldn't pass dump outputs as a separate parameter,
// instead we should rather make them a part of a REPRL protocol between Fuzzilli and V8.
static func diff(
optExec: Execution, unoptExec: Execution,
optDumpOut: String, unoptDumpOut: String
) -> Execution {
assert(optExec.outcome == .succeeded && unoptExec.outcome == .succeeded)
func formatDiff(label: String, optData: String, unoptData: String) -> String {
return """
=== OPT \(label) ===
\(optData)
=== UNOPT \(label) ===
\(unoptData)
"""
}
let relateOutcome = DiffOracle.relate(optDumpOut, with: unoptDumpOut)
return DiffExecution(
outcome: relateOutcome ? .succeeded : .differential,
execTime: optExec.execTime,
stdout: formatDiff(
label: "STDOUT", optData: optExec.stdout, unoptData: unoptExec.stdout),
stderr: formatDiff(
label: "STDERR", optData: optExec.stderr, unoptData: unoptExec.stderr),
fuzzout: formatDiff(
label: "FUZZOUT", optData: optExec.fuzzout, unoptData: unoptExec.fuzzout)
)
}
}