display.c revision 39bd2b01852f7308211c5982ed20d30a4d39bd85
1/* 2 * 3 * honggfuzz - display statistics 4 * ----------------------------------------- 5 * 6 * Author: Robert Swiecki <swiecki@google.com> 7 * 8 * Copyright 2010-2015 by Google Inc. All Rights Reserved. 9 * 10 * Licensed under the Apache License, Version 2.0 (the "License"); you may 11 * not use this file except in compliance with the License. You may obtain 12 * a copy of the License at 13 * 14 * http://www.apache.org/licenses/LICENSE-2.0 15 * 16 * Unless required by applicable law or agreed to in writing, software 17 * distributed under the License is distributed on an "AS IS" BASIS, 18 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 19 * implied. See the License for the specific language governing 20 * permissions and limitations under the License. 21 * 22 */ 23 24#define _WITH_DPRINTF 25 26#include "common.h" 27#include "display.h" 28 29#include <string.h> 30#include <stdarg.h> 31#include <stdio.h> 32#include <unistd.h> 33#include <inttypes.h> 34 35#include "log.h" 36#include "util.h" 37 38#define ESC_CLEAR "\033[H\033[2J" 39#define ESC_NAV(x,y) "\033["#x";"#y"H" 40#define ESC_BOLD "\033[1m" 41#define ESC_RESET "\033[0m" 42 43static void display_put(const char *fmt, ...) 44{ 45 char buf[1024 * 4]; 46 47 va_list args; 48 va_start(args, fmt); 49 int ret = vsnprintf(buf, sizeof(buf), fmt, args); 50 va_end(args); 51 52 if (ret <= 0) { 53 return; 54 } 55 if (write(STDOUT_FILENO, buf, ret) == -1) { 56 return; 57 } 58} 59 60static void display_displayLocked(honggfuzz_t * hfuzz) 61{ 62 unsigned long elapsed = (unsigned long)(time(NULL) - hfuzz->timeStart); 63 64 size_t curr_exec_cnt = __sync_fetch_and_add(&hfuzz->mutationsCnt, 0UL); 65 /* 66 * We increase the mutation counter unconditionally in threads, but if it's 67 * above hfuzz->mutationsMax we don't really execute the fuzzing loop. 68 * Therefore at the end of fuzzing, the mutation counter might be higher 69 * than hfuzz->mutationsMax 70 */ 71 if (hfuzz->mutationsMax > 0 && curr_exec_cnt > hfuzz->mutationsMax) { 72 curr_exec_cnt = hfuzz->mutationsMax; 73 } 74 static size_t prev_exec_cnt = 0UL; 75 uintptr_t exec_per_sec = curr_exec_cnt - prev_exec_cnt; 76 prev_exec_cnt = curr_exec_cnt; 77 78 display_put("%s", ESC_CLEAR); 79 display_put("============================== STAT ==============================\n"); 80 81 display_put("Iterations: " ESC_BOLD "%zu" ESC_RESET, curr_exec_cnt); 82 if (hfuzz->mutationsMax) { 83 display_put(" (out of: " ESC_BOLD "%zu" ESC_RESET ")", hfuzz->mutationsMax); 84 } 85 display_put("\n"); 86 87 char start_time_str[128]; 88 util_getLocalTime("%F %T", start_time_str, sizeof(start_time_str), hfuzz->timeStart); 89 display_put("Start time: " ESC_BOLD "%s" ESC_RESET " (" ESC_BOLD "%lu" 90 ESC_RESET " seconds elapsed)\n", start_time_str, elapsed); 91 92 display_put("Input file/dir: '" ESC_BOLD "%s" ESC_RESET "'\n", hfuzz->inputFile); 93 display_put("Fuzzed cmd: '" ESC_BOLD "%s" ESC_RESET "'\n", hfuzz->cmdline_txt); 94 95 display_put("Fuzzing threads: " ESC_BOLD "%zu" ESC_RESET "\n", hfuzz->threadsMax); 96 display_put("Execs per second: " ESC_BOLD "%zu" ESC_RESET " (avg: " ESC_BOLD "%zu" ESC_RESET 97 ")\n", exec_per_sec, elapsed ? (curr_exec_cnt / elapsed) : 0); 98 99 /* If dry run, print also the input file count */ 100 if (hfuzz->flipRate == 0.0L && hfuzz->useVerifier) { 101 display_put("Input Files: '" ESC_BOLD "%zu" ESC_RESET "'\n", hfuzz->fileCnt); 102 } 103 104 display_put("Crashes: " ESC_BOLD "%zu" ESC_RESET " (unique: " ESC_BOLD "%zu" ESC_RESET 105 ", blacklist: " ESC_BOLD "%zu" ESC_RESET ", verified: " ESC_BOLD "%zu" ESC_RESET 106 ") \n", __sync_fetch_and_add(&hfuzz->crashesCnt, 0UL), 107 __sync_fetch_and_add(&hfuzz->uniqueCrashesCnt, 0UL), 108 __sync_fetch_and_add(&hfuzz->blCrashesCnt, 0UL), 109 __sync_fetch_and_add(&hfuzz->verifiedCrashesCnt, 0UL)); 110 display_put("Timeouts: " ESC_BOLD "%zu" ESC_RESET "\n", 111 __sync_fetch_and_add(&hfuzz->timeoutedCnt, 0UL)); 112 113 /* Feedback data sources are enabled. Start with common headers. */ 114 if (hfuzz->dynFileMethod != _HF_DYNFILE_NONE || hfuzz->useSanCov) { 115 display_put("Dynamic file size: " ESC_BOLD "%zu" ESC_RESET " (max: " ESC_BOLD "%zu" 116 ESC_RESET ")\n", hfuzz->dynamicFileBestSz, hfuzz->maxFileSz); 117 display_put("Dynamic file max iterations keep for chosen seed (" ESC_BOLD "%zu" ESC_RESET 118 "/" ESC_BOLD "%zu" ESC_RESET ")\n", 119 __sync_fetch_and_add(&hfuzz->dynFileIterExpire, 0UL), _HF_MAX_DYNFILE_ITER); 120 display_put("Coverage (max):\n"); 121 } 122 123 /* HW perf specific counters */ 124 if (hfuzz->dynFileMethod & _HF_DYNFILE_INSTR_COUNT) { 125 display_put(" - cpu instructions: " ESC_BOLD "%" PRIu64 ESC_RESET "\n", 126 __sync_fetch_and_add(&hfuzz->hwCnts.cpuInstrCnt, 0UL)); 127 } 128 if (hfuzz->dynFileMethod & _HF_DYNFILE_BRANCH_COUNT) { 129 display_put(" - cpu branches: " ESC_BOLD "%" PRIu64 ESC_RESET "\n", 130 __sync_fetch_and_add(&hfuzz->hwCnts.cpuBranchCnt, 0UL)); 131 } 132 if (hfuzz->dynFileMethod & _HF_DYNFILE_BTS_BLOCK) { 133 display_put(" - BTS unique blocks: " ESC_BOLD "%" PRIu64 ESC_RESET "\n", 134 __sync_fetch_and_add(&hfuzz->hwCnts.cpuBtsBlockCnt, 0UL)); 135 } 136 if (hfuzz->dynFileMethod & _HF_DYNFILE_BTS_EDGE) { 137 display_put(" - BTS unique edges: " ESC_BOLD "%" PRIu64 ESC_RESET "\n", 138 __sync_fetch_and_add(&hfuzz->hwCnts.cpuBtsEdgeCnt, 0UL)); 139 } 140 if (hfuzz->dynFileMethod & _HF_DYNFILE_CUSTOM) { 141 display_put(" - custom counter: " ESC_BOLD "%" PRIu64 ESC_RESET "\n", 142 __sync_fetch_and_add(&hfuzz->hwCnts.customCnt, 0UL)); 143 } 144 145 /* Sanitizer coverage specific counters */ 146 if (hfuzz->useSanCov) { 147 uint64_t hitBB = __sync_fetch_and_add(&hfuzz->sanCovCnts.hitBBCnt, 0UL); 148 uint64_t totalBB = __sync_fetch_and_add(&hfuzz->sanCovCnts.totalBBCnt, 0UL); 149 uint8_t covPer = totalBB ? ((hitBB * 100) / totalBB) : 0; 150 display_put(" - total hit #bb: " ESC_BOLD "%" PRIu64 ESC_RESET " (coverage %d%%)\n", 151 hitBB, covPer); 152 display_put(" - total #dso: " ESC_BOLD "%" PRIu64 ESC_RESET " (instrumented only)\n", 153 __sync_fetch_and_add(&hfuzz->sanCovCnts.iDsoCnt, 0UL)); 154 display_put(" - discovered #bb: " ESC_BOLD "%" PRIu64 ESC_RESET " (new from input seed)\n", 155 __sync_fetch_and_add(&hfuzz->sanCovCnts.newBBCnt, 0UL)); 156 display_put(" - crashes: " ESC_BOLD "%" PRIu64 ESC_RESET "\n", 157 __sync_fetch_and_add(&hfuzz->sanCovCnts.crashesCnt, 0UL)); 158 } 159 display_put("============================== LOGS ==============================\n"); 160} 161 162extern void display_display(honggfuzz_t * hfuzz) 163{ 164 display_displayLocked(hfuzz); 165} 166