blob: 345ae8193ecccef7817832c8a22cae0c0a647851 [file] [log] [blame]
Jaggerbaa20ea2015-09-06 01:12:08 +02001/*
2 *
3 * honggfuzz - display statistics
4 * -----------------------------------------
5 *
6 * Author: Robert Swiecki <swiecki@google.com>
7 *
8 * Copyright 2010-2015 by Google Inc. All Rights Reserved.
9 *
10 * Licensed under the Apache License, Version 2.0 (the "License"); you may
11 * not use this file except in compliance with the License. You may obtain
12 * a copy of the License at
13 *
14 * http://www.apache.org/licenses/LICENSE-2.0
15 *
16 * Unless required by applicable law or agreed to in writing, software
17 * distributed under the License is distributed on an "AS IS" BASIS,
18 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
19 * implied. See the License for the specific language governing
20 * permissions and limitations under the License.
21 *
22 */
23
24#define _WITH_DPRINTF
25
26#include "common.h"
27#include "display.h"
28
Robert Swieckife274392016-09-06 15:36:05 +020029#include <inttypes.h>
Robert Swiecki76727f62016-09-06 17:11:23 +020030#include <math.h>
Jaggerbaa20ea2015-09-06 01:12:08 +020031#include <string.h>
Jagger7acbf2e2015-09-06 20:02:32 +020032#include <stdarg.h>
Jaggerbaa20ea2015-09-06 01:12:08 +020033#include <stdio.h>
34#include <unistd.h>
35
36#include "log.h"
Robert Swiecki81c6a0d2015-09-08 15:43:20 +020037#include "util.h"
Jaggerbaa20ea2015-09-06 01:12:08 +020038
Jaggerbaa20ea2015-09-06 01:12:08 +020039#define ESC_CLEAR "\033[H\033[2J"
40#define ESC_NAV(x,y) "\033["#x";"#y"H"
Jagger76b11bc2015-09-06 02:11:44 +020041#define ESC_BOLD "\033[1m"
Robert Swieckia71a4992016-09-02 14:47:55 +020042#define ESC_RED "\033[31m"
Jagger76b11bc2015-09-06 02:11:44 +020043#define ESC_RESET "\033[0m"
Jaggerbaa20ea2015-09-06 01:12:08 +020044
Robert Swiecki508b19a2016-08-31 17:26:45 +020045#if defined(_HF_ARCH_LINUX)
46#define _HF_MONETARY_MOD "'"
47#else
48#define _HF_MONETARY_MOD ""
49#endif
50
Jagger7acbf2e2015-09-06 20:02:32 +020051static void display_put(const char *fmt, ...)
52{
Jagger7acbf2e2015-09-06 20:02:32 +020053 va_list args;
54 va_start(args, fmt);
Jaggerd9a2c322016-09-08 01:18:50 +020055 vfprintf(stdout, fmt, args);
Jagger7acbf2e2015-09-06 20:02:32 +020056 va_end(args);
Jaggerd9a2c322016-09-08 01:18:50 +020057 fflush(stdout);
Jagger7acbf2e2015-09-06 20:02:32 +020058}
59
Jaggera7d893d2016-08-30 23:43:28 +020060static void display_printKMG(uint64_t val)
61{
62 if (val >= 1000000000UL) {
63 display_put(" [%.2lfG]", (double)val / 1000000.0);
64 } else if (val >= 1000000UL) {
65 display_put(" [%.2lfM]", (double)val / 1000000.0);
66 } else if (val >= 1000UL) {
67 display_put(" [%.2lfk]", (double)val / 1000.0);
68 }
69}
70
Jagger9d8822d2016-09-28 21:02:28 +020071static double getCpuUse(long num_cpu)
Robert Swieckife274392016-09-06 15:36:05 +020072{
Robert Swieckic992a402016-09-07 15:44:39 +020073 static uint64_t prevIdleT = 0UL;
Robert Swieckife274392016-09-06 15:36:05 +020074
Jagger0593c662016-09-08 01:24:33 +020075 FILE *f = fopen("/proc/stat", "re");
Robert Swieckife274392016-09-06 15:36:05 +020076 if (f == NULL) {
Robert Swiecki76727f62016-09-06 17:11:23 +020077 return NAN;
Robert Swieckife274392016-09-06 15:36:05 +020078 }
79 defer {
80 fclose(f);
81 };
82 uint64_t userT, niceT, systemT, idleT;
Robert Swiecki76727f62016-09-06 17:11:23 +020083 if (fscanf
84 (f, "cpu %" PRIu64 "%" PRIu64 "%" PRIu64 "%" PRIu64, &userT, &niceT, &systemT,
85 &idleT) != 4) {
Robert Swieckife274392016-09-06 15:36:05 +020086 LOG_W("fscanf('/proc/stat') != 4");
Robert Swiecki76727f62016-09-06 17:11:23 +020087 return NAN;
Robert Swieckife274392016-09-06 15:36:05 +020088 }
89
Robert Swieckic992a402016-09-07 15:44:39 +020090 if (prevIdleT == 0UL) {
91 prevIdleT = idleT;
Robert Swiecki76727f62016-09-06 17:11:23 +020092 return NAN;
Robert Swieckife274392016-09-06 15:36:05 +020093 }
94
Jagger9d8822d2016-09-28 21:02:28 +020095 uint64_t cpuUse = (num_cpu * sysconf(_SC_CLK_TCK)) - (idleT - prevIdleT);
Robert Swieckic992a402016-09-07 15:44:39 +020096 prevIdleT = idleT;
97 return (double)cpuUse / sysconf(_SC_CLK_TCK) * 100;
Robert Swieckife274392016-09-06 15:36:05 +020098}
99
Robert Swiecki7353a8d2015-09-08 15:53:59 +0200100static void display_displayLocked(honggfuzz_t * hfuzz)
Jaggerbaa20ea2015-09-06 01:12:08 +0200101{
wifiadmin4aef9572016-05-15 11:02:07 +0800102 unsigned long elapsed_second = (unsigned long)(time(NULL) - hfuzz->timeStart);
Jagger286413c2016-05-15 14:58:24 +0200103 unsigned int day, hour, min, second;
104 char time_elapsed_str[64];
Jagger286413c2016-05-15 14:58:24 +0200105 if (elapsed_second < 24 * 3600) {
106 hour = elapsed_second / 3600;
107 min = (elapsed_second - 3600 * hour) / 60;
108 second = elapsed_second - hour * 3600 - min * 60;
Robert Swieckife274392016-09-06 15:36:05 +0200109 snprintf(time_elapsed_str, sizeof(time_elapsed_str), "%u hrs %u min %u sec", hour,
110 min, second);
Jagger286413c2016-05-15 14:58:24 +0200111 } else {
112 day = elapsed_second / 24 / 3600;
113 elapsed_second = elapsed_second - day * 24 * 3600;
114 hour = elapsed_second / 3600;
115 min = (elapsed_second - 3600 * hour) / 60;
116 second = elapsed_second - hour * 3600 - min * 60;
Robert Swieckife274392016-09-06 15:36:05 +0200117 snprintf(time_elapsed_str, sizeof(time_elapsed_str),
118 "%u days %u hrs %u min %u sec", day, hour, min, second);
wifiadmin4aef9572016-05-15 11:02:07 +0800119 }
Robert Swiecki81c6a0d2015-09-08 15:43:20 +0200120
Jaggerd34417d2016-03-16 01:26:54 +0100121 size_t curr_exec_cnt = ATOMIC_GET(hfuzz->mutationsCnt);
Robert Swiecki81c6a0d2015-09-08 15:43:20 +0200122 /*
123 * We increase the mutation counter unconditionally in threads, but if it's
124 * above hfuzz->mutationsMax we don't really execute the fuzzing loop.
125 * Therefore at the end of fuzzing, the mutation counter might be higher
126 * than hfuzz->mutationsMax
127 */
128 if (hfuzz->mutationsMax > 0 && curr_exec_cnt > hfuzz->mutationsMax) {
129 curr_exec_cnt = hfuzz->mutationsMax;
130 }
Robert Swiecki4eab0b52016-07-26 16:56:38 +0200131 float exeProgress = 0.0f;
132 if (hfuzz->mutationsMax > 0) {
133 exeProgress = ((float)curr_exec_cnt * 100 / hfuzz->mutationsMax);
134 }
135
Jaggerbaa20ea2015-09-06 01:12:08 +0200136 static size_t prev_exec_cnt = 0UL;
Jaggerbaa20ea2015-09-06 01:12:08 +0200137 uintptr_t exec_per_sec = curr_exec_cnt - prev_exec_cnt;
138 prev_exec_cnt = curr_exec_cnt;
Robert Swiecki0212d692016-08-30 16:45:33 +0200139 MX_SCOPED_LOCK(logMutexGet());
Jagger7acbf2e2015-09-06 20:02:32 +0200140 display_put("%s", ESC_CLEAR);
Jaggere7af11e2016-09-27 10:06:22 +0200141 display_put("----------------------------[ %s v%s ]---------------------------\n",
Jagger89aafd22016-09-15 02:05:26 +0200142 PROG_NAME, PROG_VERSION);
riuskskc222fe82016-09-10 20:46:57 +0800143 display_put(" Iterations : " ESC_BOLD "%" _HF_MONETARY_MOD "zu" ESC_RESET, curr_exec_cnt);
Jaggera7d893d2016-08-30 23:43:28 +0200144 display_printKMG(curr_exec_cnt);
Jaggerbaa20ea2015-09-06 01:12:08 +0200145 if (hfuzz->mutationsMax) {
Robert Swieckic992a402016-09-07 15:44:39 +0200146 display_put(" (out of: " ESC_BOLD "%zu" ESC_RESET " [" ESC_BOLD "%.2f" ESC_RESET
147 "%%])", hfuzz->mutationsMax, exeProgress);
Jaggerbaa20ea2015-09-06 01:12:08 +0200148 }
Robert Swieckie812ff52016-10-02 00:14:04 +0200149 switch (ATOMIC_GET(hfuzz->state)) {
150 case _HF_STATE_STATIC:
151 display_put("\n Phase : " ESC_BOLD "Static Main" ESC_RESET);
152 break;
153 case _HF_STATE_DYNAMIC_PRE:
154 display_put("\n Phase : " ESC_BOLD "Dynamic Pre" ESC_RESET);
155 break;
156 case _HF_STATE_DYNAMIC_MAIN:
157 display_put("\n Phase : " ESC_BOLD "Dynamic Main" ESC_RESET);
158 break;
159 default:
160 display_put("\n Phase : " ESC_BOLD "Unknown" ESC_RESET);
161 break;
162 }
163
Robert Swiecki81c6a0d2015-09-08 15:43:20 +0200164 char start_time_str[128];
165 util_getLocalTime("%F %T", start_time_str, sizeof(start_time_str), hfuzz->timeStart);
riuskskc222fe82016-09-10 20:46:57 +0800166 display_put("\n Run Time : " ESC_BOLD "%s" ESC_RESET " (since: " ESC_BOLD "%s" ESC_RESET
Robert Swieckife274392016-09-06 15:36:05 +0200167 ")\n", time_elapsed_str, start_time_str);
Robert Swieckie8f8e8d2016-10-03 23:51:32 +0200168 display_put(" Input Dir : '" ESC_BOLD "%s" ESC_RESET "'\n",
169 hfuzz->inputDir != NULL ? hfuzz->inputDir : "[NONE]");
riuskskc222fe82016-09-10 20:46:57 +0800170 display_put(" Fuzzed Cmd : '" ESC_BOLD "%s" ESC_RESET "'\n", hfuzz->cmdline_txt);
Jagger247c3b42016-03-21 23:24:05 +0100171 if (hfuzz->linux.pid > 0) {
Robert Swieckife274392016-09-06 15:36:05 +0200172 display_put("Remote cmd [" ESC_BOLD "%d" ESC_RESET "]: '" ESC_BOLD "%s" ESC_RESET
173 "'\n", hfuzz->linux.pid, hfuzz->linux.pidCmd);
Anestis Bechtsoudis7c88d7a2016-02-09 17:55:38 +0200174 }
Jaggerbaa20ea2015-09-06 01:12:08 +0200175
Jagger9d8822d2016-09-28 21:02:28 +0200176 static long num_cpu = 0;
177 if (num_cpu == 0) {
178 num_cpu = sysconf(_SC_NPROCESSORS_ONLN);
179 }
180 double cpuUse = getCpuUse(num_cpu);
riuskskc222fe82016-09-10 20:46:57 +0800181 display_put(" Fuzzing Threads : " ESC_BOLD "%zu" ESC_RESET ", CPUs: " ESC_BOLD "%ld" ESC_RESET
Jagger0593c662016-09-08 01:24:33 +0200182 ", CPU: " ESC_BOLD "%.1lf" ESC_RESET "%% (" ESC_BOLD "%.1lf" ESC_RESET "%%/CPU)\n",
Jagger9d8822d2016-09-28 21:02:28 +0200183 hfuzz->threadsMax, num_cpu, cpuUse, cpuUse / num_cpu);
Jaggerbaa20ea2015-09-06 01:12:08 +0200184
Jaggere7af11e2016-09-27 10:06:22 +0200185 display_put(" Speed (%s) : " ESC_BOLD "% " _HF_MONETARY_MOD "zu" ESC_RESET "/sec"
Robert Swieckife274392016-09-06 15:36:05 +0200186 " (avg: " ESC_BOLD "%" _HF_MONETARY_MOD "zu" ESC_RESET ")\n",
Jagger35f7cac2016-09-11 19:38:49 +0200187 hfuzz->persistent ? "Round" : "Execs", exec_per_sec,
Robert Swieckife274392016-09-06 15:36:05 +0200188 elapsed_second ? (curr_exec_cnt / elapsed_second) : 0);
Anestis Bechtsoudis46ea10e2015-11-07 18:16:25 +0200189 /* If dry run, print also the input file count */
Robert Swieckia96d78d2016-03-14 16:50:50 +0100190 if (hfuzz->origFlipRate == 0.0L && hfuzz->useVerifier) {
riuskskc222fe82016-09-10 20:46:57 +0800191 display_put(" Input Files : '" ESC_BOLD "%" _HF_MONETARY_MOD "zu" ESC_RESET "'\n",
Jagger55a54a02016-08-31 21:41:05 +0200192 hfuzz->fileCnt);
Anestis Bechtsoudis46ea10e2015-11-07 18:16:25 +0200193 }
Robert Swieckia71a4992016-09-02 14:47:55 +0200194
195 uint64_t crashesCnt = ATOMIC_GET(hfuzz->crashesCnt);
196 /* colored the crash count as red when exist crash */
riuskskc222fe82016-09-10 20:46:57 +0800197 display_put(" Crashes : " ESC_BOLD "%s" "%zu" ESC_RESET " (unique: %s" ESC_BOLD "%zu"
Robert Swieckife274392016-09-06 15:36:05 +0200198 ESC_RESET ", blacklist: " ESC_BOLD "%zu" ESC_RESET ", verified: "
199 ESC_BOLD "%zu" ESC_RESET ")\n", crashesCnt > 0 ? ESC_RED : "",
200 hfuzz->crashesCnt, crashesCnt > 0 ? ESC_RED : "",
201 ATOMIC_GET(hfuzz->uniqueCrashesCnt), ATOMIC_GET(hfuzz->blCrashesCnt),
202 ATOMIC_GET(hfuzz->verifiedCrashesCnt));
Jagger35f7cac2016-09-11 19:38:49 +0200203 display_put(" Timeouts : " ESC_BOLD "%" _HF_MONETARY_MOD "zu" ESC_RESET " [%"
204 _HF_MONETARY_MOD "zu sec.]\n", ATOMIC_GET(hfuzz->timeoutedCnt), hfuzz->tmOut);
Anestis Bechtsoudis02b99be2015-12-27 11:53:01 +0200205 /* Feedback data sources are enabled. Start with common headers. */
206 if (hfuzz->dynFileMethod != _HF_DYNFILE_NONE || hfuzz->useSanCov) {
Jaggerb2f07eb2016-09-26 02:24:41 +0200207 display_put(" Corpus size : " ESC_BOLD "%" _HF_MONETARY_MOD "zu" ESC_RESET
Jaggere7af11e2016-09-27 10:06:22 +0200208 ", max size (bytes): " ESC_BOLD "%" _HF_MONETARY_MOD "zu" ESC_RESET "\n",
Jaggerb2f07eb2016-09-26 02:24:41 +0200209 hfuzz->dynfileqCnt, hfuzz->maxFileSz);
Jagger35f7cac2016-09-11 19:38:49 +0200210 display_put(" Coverage :\n");
Jaggerbaa20ea2015-09-06 01:12:08 +0200211 }
Anestis Bechtsoudis02b99be2015-12-27 11:53:01 +0200212
213 /* HW perf specific counters */
Robert Swiecki53958402015-09-08 16:20:50 +0200214 if (hfuzz->dynFileMethod & _HF_DYNFILE_INSTR_COUNT) {
Jagger591c8552016-09-23 22:34:30 +0200215 display_put(" *** instructions: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET
Robert Swieckife274392016-09-06 15:36:05 +0200216 "\n", ATOMIC_GET(hfuzz->linux.hwCnts.cpuInstrCnt));
Robert Swiecki53958402015-09-08 16:20:50 +0200217 }
218 if (hfuzz->dynFileMethod & _HF_DYNFILE_BRANCH_COUNT) {
Jagger591c8552016-09-23 22:34:30 +0200219 display_put(" *** branches: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET
Robert Swieckife274392016-09-06 15:36:05 +0200220 "\n", ATOMIC_GET(hfuzz->linux.hwCnts.cpuBranchCnt));
Robert Swiecki53958402015-09-08 16:20:50 +0200221 }
Jagger3abc5602016-02-04 00:53:43 +0100222 if (hfuzz->dynFileMethod & _HF_DYNFILE_BTS_BLOCK) {
Jagger591c8552016-09-23 22:34:30 +0200223 display_put(" *** BTS blocks: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET
Robert Swieckife274392016-09-06 15:36:05 +0200224 "\n", ATOMIC_GET(hfuzz->linux.hwCnts.bbCnt));
Robert Swiecki53958402015-09-08 16:20:50 +0200225 }
Jagger3abc5602016-02-04 00:53:43 +0100226 if (hfuzz->dynFileMethod & _HF_DYNFILE_BTS_EDGE) {
Jagger591c8552016-09-23 22:34:30 +0200227 display_put(" *** BTS edges: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET
Robert Swieckife274392016-09-06 15:36:05 +0200228 "\n", ATOMIC_GET(hfuzz->linux.hwCnts.bbCnt));
Robert Swiecki53958402015-09-08 16:20:50 +0200229 }
Jaggera2addb62016-02-04 03:53:53 +0100230 if (hfuzz->dynFileMethod & _HF_DYNFILE_IPT_BLOCK) {
Jagger591c8552016-09-23 22:34:30 +0200231 display_put(" *** PT blocks: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET
Robert Swieckife274392016-09-06 15:36:05 +0200232 "\n", ATOMIC_GET(hfuzz->linux.hwCnts.bbCnt));
Jaggera2addb62016-02-04 03:53:53 +0100233 }
Robert Swiecki53958402015-09-08 16:20:50 +0200234 if (hfuzz->dynFileMethod & _HF_DYNFILE_CUSTOM) {
Jagger591c8552016-09-23 22:34:30 +0200235 display_put(" *** custom counter: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET
Robert Swieckife274392016-09-06 15:36:05 +0200236 "\n", ATOMIC_GET(hfuzz->linux.hwCnts.customCnt));
Robert Swiecki53958402015-09-08 16:20:50 +0200237 }
Robert Swiecki71b73722016-09-05 15:18:25 +0200238
Jaggerb01aaae2016-08-20 03:35:38 +0200239 if (hfuzz->dynFileMethod & _HF_DYNFILE_SOFT) {
Jagger34789a72016-09-08 00:36:09 +0200240 uint64_t softCntPc = ATOMIC_GET(hfuzz->linux.hwCnts.softCntPc);
241 uint64_t softCntCmp = ATOMIC_GET(hfuzz->linux.hwCnts.softCntCmp);
Jagger591c8552016-09-23 22:34:30 +0200242 display_put(" *** blocks seen: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET
Jagger34789a72016-09-08 00:36:09 +0200243 ", comparison map: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET "\n",
244 softCntPc, softCntCmp);
Jaggerb01aaae2016-08-20 03:35:38 +0200245 }
Anestis Bechtsoudis02b99be2015-12-27 11:53:01 +0200246
247 /* Sanitizer coverage specific counters */
Anestis Bechtsoudise83ec672015-12-26 20:28:28 +0200248 if (hfuzz->useSanCov) {
Jaggerd34417d2016-03-16 01:26:54 +0100249 uint64_t hitBB = ATOMIC_GET(hfuzz->sanCovCnts.hitBBCnt);
Jagger66e54602016-08-17 01:07:24 +0200250 uint64_t totalBB = ATOMIC_GET(hfuzz->sanCovCnts.totalBBCnt);
251 float covPer = totalBB ? (((float)hitBB * 100) / totalBB) : 0.0;
Jagger591c8552016-09-23 22:34:30 +0200252 display_put(" *** total hit #bb: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET
Robert Swieckic992a402016-09-07 15:44:39 +0200253 " (coverage " ESC_BOLD "%.2f" ESC_RESET "%%)\n", hitBB, covPer);
Jagger591c8552016-09-23 22:34:30 +0200254 display_put(" *** total #dso: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET
Jagger66e54602016-08-17 01:07:24 +0200255 " (instrumented only)\n", ATOMIC_GET(hfuzz->sanCovCnts.iDsoCnt));
Jagger591c8552016-09-23 22:34:30 +0200256 display_put(" *** discovered #bb: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET
Jagger66e54602016-08-17 01:07:24 +0200257 " (new from input seed)\n", ATOMIC_GET(hfuzz->sanCovCnts.newBBCnt));
Jagger591c8552016-09-23 22:34:30 +0200258 display_put(" *** crashes: " ESC_BOLD "%" _HF_MONETARY_MOD PRIu64 ESC_RESET
Robert Swieckife274392016-09-06 15:36:05 +0200259 "\n", ATOMIC_GET(hfuzz->sanCovCnts.crashesCnt));
Anestis Bechtsoudise83ec672015-12-26 20:28:28 +0200260 }
Jagger24e74362016-09-09 22:09:36 +0200261 display_put("-----------------------------------[ LOGS ]-----------------------------------\n");
Jaggerbaa20ea2015-09-06 01:12:08 +0200262}
Robert Swiecki7353a8d2015-09-08 15:53:59 +0200263
264extern void display_display(honggfuzz_t * hfuzz)
265{
Robert Swiecki7353a8d2015-09-08 15:53:59 +0200266 display_displayLocked(hfuzz);
Robert Swiecki7353a8d2015-09-08 15:53:59 +0200267}