display.c revision 591c855f372225eb58ca23cf3ff4b3d698a8e532
1/* 2 * 3 * honggfuzz - display statistics 4 * ----------------------------------------- 5 * 6 * Author: Robert Swiecki <swiecki@google.com> 7 * 8 * Copyright 2010-2015 by Google Inc. All Rights Reserved. 9 * 10 * Licensed under the Apache License, Version 2.0 (the "License"); you may 11 * not use this file except in compliance with the License. You may obtain 12 * a copy of the License at 13 * 14 * http://www.apache.org/licenses/LICENSE-2.0 15 * 16 * Unless required by applicable law or agreed to in writing, software 17 * distributed under the License is distributed on an "AS IS" BASIS, 18 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 19 * implied. See the License for the specific language governing 20 * permissions and limitations under the License. 21 * 22 */ 23 24#define _WITH_DPRINTF 25 26#include "common.h" 27#include "display.h" 28 29#include <inttypes.h> 30#include <math.h> 31#include <string.h> 32#include <stdarg.h> 33#include <stdio.h> 34#include <unistd.h> 35 36#include "log.h" 37#include "util.h" 38 39#define ESC_CLEAR "\033[H\033[2J" 40#define ESC_NAV(x,y) "\033["#x";"#y"H" 41#define ESC_BOLD "\033[1m" 42#define ESC_RED "\033[31m" 43#define ESC_RESET "\033[0m" 44 45#if defined(_HF_ARCH_LINUX) 46#define _HF_MONETARY_MOD "'" 47#else 48#define _HF_MONETARY_MOD "" 49#endif 50 51static void display_put(const char *fmt, ...) 52{ 53 va_list args; 54 va_start(args, fmt); 55 vfprintf(stdout, fmt, args); 56 va_end(args); 57 fflush(stdout); 58} 59 60static void display_printKMG(uint64_t val) 61{ 62 if (val >= 1000000000UL) { 63 display_put(" [%.2lfG]", (double)val / 1000000.0); 64 } else if (val >= 1000000UL) { 65 display_put(" [%.2lfM]", (double)val / 1000000.0); 66 } else if (val >= 1000UL) { 67 display_put(" [%.2lfk]", (double)val / 1000.0); 68 } 69} 70 71static double getCpuUse() 72{ 73 static uint64_t prevIdleT = 0UL; 74 75 FILE *f = fopen("/proc/stat", "re"); 76 if (f == NULL) { 77 return NAN; 78 } 79 defer { 80 fclose(f); 81 }; 82 uint64_t userT, niceT, systemT, idleT; 83 if (fscanf 84 (f, "cpu %" PRIu64 "%" PRIu64 "%" PRIu64 "%" PRIu64, &userT, &niceT, &systemT, 85 &idleT) != 4) { 86 LOG_W("fscanf('/proc/stat') != 4"); 87 return NAN; 88 } 89 90 if (prevIdleT == 0UL) { 91 prevIdleT = idleT; 92 return NAN; 93 } 94 95 uint64_t cpuUse = (sysconf(_SC_NPROCESSORS_ONLN) * sysconf(_SC_CLK_TCK)) - (idleT - prevIdleT); 96 prevIdleT = idleT; 97 return (double)cpuUse / sysconf(_SC_CLK_TCK) * 100; 98} 99 100static void display_displayLocked(honggfuzz_t * hfuzz) 101{ 102 unsigned long elapsed_second = (unsigned long)(time(NULL) - hfuzz->timeStart); 103 unsigned int day, hour, min, second; 104 char time_elapsed_str[64]; 105 if (elapsed_second < 24 * 3600) { 106 hour = elapsed_second / 3600; 107 min = (elapsed_second - 3600 * hour) / 60; 108 second = elapsed_second - hour * 3600 - min * 60; 109 snprintf(time_elapsed_str, sizeof(time_elapsed_str), "%u hrs %u min %u sec", hour, 110 min, second); 111 } else { 112 day = elapsed_second / 24 / 3600; 113 elapsed_second = elapsed_second - day * 24 * 3600; 114 hour = elapsed_second / 3600; 115 min = (elapsed_second - 3600 * hour) / 60; 116 second = elapsed_second - hour * 3600 - min * 60; 117 snprintf(time_elapsed_str, sizeof(time_elapsed_str), 118 "%u days %u hrs %u min %u sec", day, hour, min, second); 119 } 120 121 size_t curr_exec_cnt = ATOMIC_GET(hfuzz->mutationsCnt); 122 /* 123 * We increase the mutation counter unconditionally in threads, but if it's 124 * above hfuzz->mutationsMax we don't really execute the fuzzing loop. 125 * Therefore at the end of fuzzing, the mutation counter might be higher 126 * than hfuzz->mutationsMax 127 */ 128 if (hfuzz->mutationsMax > 0 && curr_exec_cnt > hfuzz->mutationsMax) { 129 curr_exec_cnt = hfuzz->mutationsMax; 130 } 131 float exeProgress = 0.0f; 132 if (hfuzz->mutationsMax > 0) { 133 exeProgress = ((float)curr_exec_cnt * 100 / hfuzz->mutationsMax); 134 } 135 136 static size_t prev_exec_cnt = 0UL; 137 uintptr_t exec_per_sec = curr_exec_cnt - prev_exec_cnt; 138 prev_exec_cnt = curr_exec_cnt; 139 MX_SCOPED_LOCK(logMutexGet()); 140 display_put("%s", ESC_CLEAR); 141 display_put("------------------------------[ %s v%s ]------------------------------\n", 142 PROG_NAME, PROG_VERSION); 143 display_put(" Iterations : " ESC_BOLD "%" _HF_MONETARY_MOD "zu" ESC_RESET, curr_exec_cnt); 144 display_printKMG(curr_exec_cnt); 145 if (hfuzz->mutationsMax) { 146 display_put(" (out of: " ESC_BOLD "%zu" ESC_RESET " [" ESC_BOLD "%.2f" ESC_RESET 147 "%%])", hfuzz->mutationsMax, exeProgress); 148 } 149 char start_time_str[128]; 150 util_getLocalTime("%F %T", start_time_str, sizeof(start_time_str), hfuzz->timeStart); 151 display_put("\n Run Time : " ESC_BOLD "%s" ESC_RESET " (since: " ESC_BOLD "%s" ESC_RESET 152 ")\n", time_elapsed_str, start_time_str); 153 display_put(" Input File/Dir : '" ESC_BOLD "%s" ESC_RESET "'\n", hfuzz->inputFile); 154 display_put(" Fuzzed Cmd : '" ESC_BOLD "%s" ESC_RESET "'\n", hfuzz->cmdline_txt); 155 if (hfuzz->linux.pid > 0) { 156 display_put("Remote cmd [" ESC_BOLD "%d" ESC_RESET "]: '" ESC_BOLD "%s" ESC_RESET 157 "'\n", hfuzz->linux.pid, hfuzz->linux.pidCmd); 158 } 159 160 double cpuUse = getCpuUse(); 161 display_put(" Fuzzing Threads : " ESC_BOLD "%zu" ESC_RESET ", CPUs: " ESC_BOLD "%ld" ESC_RESET 162 ", CPU: " ESC_BOLD "%.1lf" ESC_RESET "%% (" ESC_BOLD "%.1lf" ESC_RESET "%%/CPU)\n", 163 hfuzz->threadsMax, sysconf(_SC_NPROCESSORS_ONLN), cpuUse, 164 cpuUse / sysconf(_SC_NPROCESSORS_ONLN)); 165 166 display_put(" Speed (%s) : " ESC_BOLD "% " _HF_MONETARY_MOD "zu" ESC_BOLD "/sec" ESC_RESET 167 " (avg: " ESC_BOLD "%" _HF_MONETARY_MOD "zu" ESC_RESET ")\n", 168 hfuzz->persistent ? "Round" : "Execs", exec_per_sec, 169 elapsed_second ? (curr_exec_cnt / elapsed_second) : 0); 170 /* If dry run, print also the input file count */ 171 if (hfuzz->origFlipRate == 0.0L && hfuzz->useVerifier) { 172 display_put(" Input Files : '" ESC_BOLD "%" _HF_MONETARY_MOD "zu" ESC_RESET "'\n", 173 hfuzz->fileCnt); 174 } 175 176 uint64_t crashesCnt = ATOMIC_GET(hfuzz->crashesCnt); 177 /* colored the crash count as red when exist crash */ 178 display_put(" Crashes : " ESC_BOLD "%s" "%zu" ESC_RESET " (unique: %s" ESC_BOLD "%zu" 179 ESC_RESET ", blacklist: " ESC_BOLD "%zu" ESC_RESET ", verified: " 180 ESC_BOLD "%zu" ESC_RESET ")\n", crashesCnt > 0 ? ESC_RED : "", 181 hfuzz->crashesCnt, crashesCnt > 0 ? ESC_RED : "", 182 ATOMIC_GET(hfuzz->uniqueCrashesCnt), ATOMIC_GET(hfuzz->blCrashesCnt), 183 ATOMIC_GET(hfuzz->verifiedCrashesCnt)); 184 display_put(" Timeouts : " ESC_BOLD "%" _HF_MONETARY_MOD "zu" ESC_RESET " [%" 185 _HF_MONETARY_MOD "zu sec.]\n", ATOMIC_GET(hfuzz->timeoutedCnt), hfuzz->tmOut); 186 /* Feedback data sources are enabled. Start with common headers. */ 187 if (hfuzz->dynFileMethod != _HF_DYNFILE_NONE || hfuzz->useSanCov) { 188 display_put(" Corpus size : " ESC_BOLD "%" _HF_MONETARY_MOD "zu" ESC_RESET "\n", 189 hfuzz->dynfileqCnt); 190 display_put(" Coverage :\n"); 191 } 192 193 /* HW perf specific counters */ 194 if (hfuzz->dynFileMethod & _HF_DYNFILE_INSTR_COUNT) { 195 display_put(" *** instructions: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET 196 "\n", ATOMIC_GET(hfuzz->linux.hwCnts.cpuInstrCnt)); 197 } 198 if (hfuzz->dynFileMethod & _HF_DYNFILE_BRANCH_COUNT) { 199 display_put(" *** branches: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET 200 "\n", ATOMIC_GET(hfuzz->linux.hwCnts.cpuBranchCnt)); 201 } 202 if (hfuzz->dynFileMethod & _HF_DYNFILE_BTS_BLOCK) { 203 display_put(" *** BTS blocks: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET 204 "\n", ATOMIC_GET(hfuzz->linux.hwCnts.bbCnt)); 205 } 206 if (hfuzz->dynFileMethod & _HF_DYNFILE_BTS_EDGE) { 207 display_put(" *** BTS edges: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET 208 "\n", ATOMIC_GET(hfuzz->linux.hwCnts.bbCnt)); 209 } 210 if (hfuzz->dynFileMethod & _HF_DYNFILE_IPT_BLOCK) { 211 display_put(" *** PT blocks: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET 212 "\n", ATOMIC_GET(hfuzz->linux.hwCnts.bbCnt)); 213 } 214 if (hfuzz->dynFileMethod & _HF_DYNFILE_CUSTOM) { 215 display_put(" *** custom counter: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET 216 "\n", ATOMIC_GET(hfuzz->linux.hwCnts.customCnt)); 217 } 218 219 if (hfuzz->dynFileMethod & _HF_DYNFILE_SOFT) { 220 uint64_t softCntPc = ATOMIC_GET(hfuzz->linux.hwCnts.softCntPc); 221 uint64_t softCntCmp = ATOMIC_GET(hfuzz->linux.hwCnts.softCntCmp); 222 display_put(" *** blocks seen: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET 223 ", comparison map: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET "\n", 224 softCntPc, softCntCmp); 225 } 226 227 /* Sanitizer coverage specific counters */ 228 if (hfuzz->useSanCov) { 229 uint64_t hitBB = ATOMIC_GET(hfuzz->sanCovCnts.hitBBCnt); 230 uint64_t totalBB = ATOMIC_GET(hfuzz->sanCovCnts.totalBBCnt); 231 float covPer = totalBB ? (((float)hitBB * 100) / totalBB) : 0.0; 232 display_put(" *** total hit #bb: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET 233 " (coverage " ESC_BOLD "%.2f" ESC_RESET "%%)\n", hitBB, covPer); 234 display_put(" *** total #dso: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET 235 " (instrumented only)\n", ATOMIC_GET(hfuzz->sanCovCnts.iDsoCnt)); 236 display_put(" *** discovered #bb: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET 237 " (new from input seed)\n", ATOMIC_GET(hfuzz->sanCovCnts.newBBCnt)); 238 display_put(" *** crashes: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET 239 "\n", ATOMIC_GET(hfuzz->sanCovCnts.crashesCnt)); 240 } 241 display_put("-----------------------------------[ LOGS ]-----------------------------------\n"); 242} 243 244extern void display_display(honggfuzz_t * hfuzz) 245{ 246 display_displayLocked(hfuzz); 247} 248