display.c revision 77392728d91a8848fa9896dd7eea3d9690422417 
1/*
2 *
3 * honggfuzz - display statistics
4 * -----------------------------------------
5 *
6 * Author: Robert Swiecki <swiecki@google.com>
7 *
8 * Copyright 2010-2015 by Google Inc. All Rights Reserved.
9 *
10 * Licensed under the Apache License, Version 2.0 (the "License"); you may
11 * not use this file except in compliance with the License. You may obtain
12 * a copy of the License at
13 *
14 * http://www.apache.org/licenses/LICENSE-2.0
15 *
16 * Unless required by applicable law or agreed to in writing, software
17 * distributed under the License is distributed on an "AS IS" BASIS,
18 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
19 * implied. See the License for the specific language governing
20 * permissions and limitations under the License.
21 *
22 */
23
24#define _WITH_DPRINTF
25
26#include "common.h"
27#include "display.h"
28
29#include <string.h>
30#include <stdarg.h>
31#include <stdio.h>
32#include <unistd.h>
33#include <inttypes.h>
34
35#include "log.h"
36#include "util.h"
37
38#define ESC_CLEAR "\033[H\033[2J"
39#define ESC_NAV(x,y) "\033["#x";"#y"H"
40#define ESC_BOLD "\033[1m"
41#define ESC_RESET "\033[0m"
42
43static void display_put(const char *fmt, ...)
44{
45    char buf[1024 * 4];
46
47    va_list args;
48    va_start(args, fmt);
49    int ret = vsnprintf(buf, sizeof(buf), fmt, args);
50    va_end(args);
51
52    if (ret <= 0) {
53        return;
54    }
55    if (write(STDOUT_FILENO, buf, ret) == -1) {
56        return;
57    }
58}
59
60static void display_displayLocked(honggfuzz_t * hfuzz)
61{
62    unsigned long elapsed = (unsigned long)(time(NULL) - hfuzz->timeStart);
63
64    size_t curr_exec_cnt = __sync_fetch_and_add(&hfuzz->mutationsCnt, 0UL);
65    /*
66     * We increase the mutation counter unconditionally in threads, but if it's
67     * above hfuzz->mutationsMax we don't really execute the fuzzing loop.
68     * Therefore at the end of fuzzing, the mutation counter might be higher
69     * than hfuzz->mutationsMax
70     */
71    if (hfuzz->mutationsMax > 0 && curr_exec_cnt > hfuzz->mutationsMax) {
72        curr_exec_cnt = hfuzz->mutationsMax;
73    }
74    static size_t prev_exec_cnt = 0UL;
75    uintptr_t exec_per_sec = curr_exec_cnt - prev_exec_cnt;
76    prev_exec_cnt = curr_exec_cnt;
77
78    display_put("%s", ESC_CLEAR);
79    display_put("============================== STAT ==============================\n");
80
81    display_put("Iterations: " ESC_BOLD "%zu" ESC_RESET, curr_exec_cnt);
82    if (hfuzz->mutationsMax) {
83        display_put(" (out of: " ESC_BOLD "%zu" ESC_RESET ")", hfuzz->mutationsMax);
84    }
85    display_put("\n");
86
87    char start_time_str[128];
88    util_getLocalTime("%F %T", start_time_str, sizeof(start_time_str), hfuzz->timeStart);
89    display_put("Start time: " ESC_BOLD "%s" ESC_RESET " (" ESC_BOLD "%lu"
90                ESC_RESET " seconds elapsed)\n", start_time_str, elapsed);
91
92    display_put("Input file/dir: '" ESC_BOLD "%s" ESC_RESET "'\n", hfuzz->inputFile);
93    display_put("Fuzzed cmd: '" ESC_BOLD "%s" ESC_RESET "'\n", hfuzz->cmdline[0]);
94
95    display_put("Fuzzing threads: " ESC_BOLD "%zu" ESC_RESET "\n", hfuzz->threadsMax);
96    display_put("Execs per second: " ESC_BOLD "%zu" ESC_RESET " (avg: " ESC_BOLD "%zu" ESC_RESET
97                ")\n", exec_per_sec, elapsed ? (curr_exec_cnt / elapsed) : 0);
98
99    /* If dry run, print also the input file count */
100    if (hfuzz->flipRate == 0.0L && hfuzz->useVerifier) {
101        display_put("Input Files: '" ESC_BOLD "%zu" ESC_RESET "'\n", hfuzz->fileCnt);
102    }
103
104    display_put("Crashes: " ESC_BOLD "%zu" ESC_RESET " (unique: " ESC_BOLD "%zu" ESC_RESET
105                ", blacklist: " ESC_BOLD "%zu" ESC_RESET ", verified: " ESC_BOLD "%zu" ESC_RESET
106                ") \n", __sync_fetch_and_add(&hfuzz->crashesCnt, 0UL),
107                __sync_fetch_and_add(&hfuzz->uniqueCrashesCnt, 0UL),
108                __sync_fetch_and_add(&hfuzz->blCrashesCnt, 0UL),
109                __sync_fetch_and_add(&hfuzz->verifiedCrashesCnt, 0UL));
110    display_put("Timeouts: " ESC_BOLD "%zu" ESC_RESET "\n",
111                __sync_fetch_and_add(&hfuzz->timeoutedCnt, 0UL));
112
113    /* Feedback data sources are enabled. Start with common headers. */
114    if (hfuzz->dynFileMethod != _HF_DYNFILE_NONE || hfuzz->useSanCov) {
115        display_put("Dynamic file size: " ESC_BOLD "%zu" ESC_RESET " (max: " ESC_BOLD "%zu"
116                    ESC_RESET ")\n", hfuzz->dynamicFileBestSz, hfuzz->maxFileSz);
117        display_put("Dynamic file max iterations keep for chosen seed (" ESC_BOLD "%zu" ESC_RESET
118                    "/" ESC_BOLD "%zu" ESC_RESET ")\n",
119                    __sync_fetch_and_add(&hfuzz->dynFileIterExpire, 0UL), _HF_MAX_DYNFILE_ITER);
120        display_put("Coverage (max):\n");
121    }
122
123    /* HW perf specific counters */
124    if (hfuzz->dynFileMethod & _HF_DYNFILE_INSTR_COUNT) {
125        display_put("  - cpu instructions:      " ESC_BOLD "%" PRIu64 ESC_RESET "\n",
126                    __sync_fetch_and_add(&hfuzz->hwCnts.cpuInstrCnt, 0UL));
127    }
128    if (hfuzz->dynFileMethod & _HF_DYNFILE_BRANCH_COUNT) {
129        display_put("  - cpu branches:          " ESC_BOLD "%" PRIu64 ESC_RESET "\n",
130                    __sync_fetch_and_add(&hfuzz->hwCnts.cpuBranchCnt, 0UL));
131    }
132    if (hfuzz->dynFileMethod & _HF_DYNFILE_UNIQUE_BLOCK_COUNT) {
133        display_put("  - unique branch targets: " ESC_BOLD "%" PRIu64 ESC_RESET "\n",
134                    __sync_fetch_and_add(&hfuzz->hwCnts.pcCnt, 0UL));
135    }
136    if (hfuzz->dynFileMethod & _HF_DYNFILE_UNIQUE_EDGE_COUNT) {
137        display_put("  - unique branch pairs:   " ESC_BOLD "%" PRIu64 ESC_RESET "\n",
138                    __sync_fetch_and_add(&hfuzz->hwCnts.pathCnt, 0UL));
139    }
140    if (hfuzz->dynFileMethod & _HF_DYNFILE_CUSTOM) {
141        display_put("  - custom counter:        " ESC_BOLD "%" PRIu64 ESC_RESET "\n",
142                    __sync_fetch_and_add(&hfuzz->hwCnts.customCnt, 0UL));
143    }
144
145    /* Sanitizer coverage specific counters */
146    if (hfuzz->useSanCov) {
147        uint64_t hitBB = __sync_fetch_and_add(&hfuzz->sanCovCnts.hitBBCnt, 0UL);
148        uint64_t totalBB = __sync_fetch_and_add(&hfuzz->sanCovCnts.totalBBCnt, 0UL);
149        uint8_t covPer = totalBB ? ((hitBB * 100) / totalBB) : 0;
150        display_put("  - total hit #bb:  " ESC_BOLD "%" PRIu64 ESC_RESET " (coverage %d%%)\n",
151                    hitBB, covPer);
152        display_put("  - total #dso:     " ESC_BOLD "%" PRIu64 ESC_RESET " (instrumented only)\n",
153                    __sync_fetch_and_add(&hfuzz->sanCovCnts.iDsoCnt, 0UL));
154        display_put("  - discovered #bb: " ESC_BOLD "%" PRIu64 ESC_RESET " (new from input seed)\n",
155                    __sync_fetch_and_add(&hfuzz->sanCovCnts.newBBCnt, 0UL));
156        display_put("  - crashes:        " ESC_BOLD "%" PRIu64 ESC_RESET "\n",
157                    __sync_fetch_and_add(&hfuzz->sanCovCnts.crashesCnt, 0UL));
158    }
159    display_put("============================== LOGS ==============================\n");
160}
161
162extern void display_display(honggfuzz_t * hfuzz)
163{
164    display_displayLocked(hfuzz);
165}
166