syz-manager: extend periodic messages

Add coverage and number of reproducing programs to the periodic messages.
When all machines are busy reproducing crashes, it appears that
syz-manager hanged as number of executed programs does not increase.
Coverage is just a nice characteristic.
Also print machine check message, it appears once and contains useful info.

docs/setup.md

@@ -20,10 +20,10 @@ $ ./bin/syz-manager -config=my.cfg
 2017/06/14 16:39:05 booting test machines...
 2017/06/14 16:39:05 wait for the connection from test machine...
 2017/06/14 16:39:59 received first connection from test machine vm-9
-2017/06/14 16:40:05 executed programs: 9, crashes: 0
+2017/06/14 16:40:05 executed 293, cover 43260, crashes 0, repro 0
-2017/06/14 16:40:15 executed programs: 13, crashes: 0
+2017/06/14 16:40:15 executed 5992, cover 88463, crashes 0, repro 0
-2017/06/14 16:40:25 executed programs: 15042, crashes: 0
+2017/06/14 16:40:25 executed 10959, cover 116991, crashes 0, repro 0
-2017/06/14 16:40:35 executed programs: 24391, crashes: 0
+2017/06/14 16:40:35 executed 15504, cover 132403, crashes 0, repro 0
 ```
 
 More information on the configuration file format is available [here](configuration.md).

syz-manager/manager.go

@@ -41,22 +41,23 @@ var (
 )
 
 type Manager struct {
-	cfg          *mgrconfig.Config
+	cfg            *mgrconfig.Config
-	vmPool       *vm.Pool
+	vmPool         *vm.Pool
-	target       *prog.Target
+	target         *prog.Target
-	crashdir     string
+	crashdir       string
-	port         int
+	port           int
-	corpusDB     *db.DB
+	corpusDB       *db.DB
-	startTime    time.Time
+	startTime      time.Time
-	firstConnect time.Time
+	firstConnect   time.Time
-	lastPrioCalc time.Time
+	lastPrioCalc   time.Time
-	fuzzingTime  time.Duration
+	fuzzingTime    time.Duration
-	stats        map[string]uint64
+	stats          map[string]uint64
-	crashTypes   map[string]bool
+	crashTypes     map[string]bool
-	vmStop       chan bool
+	vmStop         chan bool
-	vmChecked    bool
+	vmChecked      bool
-	fresh        bool
+	fresh          bool
-	numFuzzing   uint32
+	numFuzzing     uint32
+	numReproducing uint32
 
 	dash *dashapi.Dashboard
 
@@ -262,8 +263,12 @@ func RunManager(cfg *mgrconfig.Config, target *prog.Target, syscalls map[int]boo
 			mgr.fuzzingTime += diff * time.Duration(atomic.LoadUint32(&mgr.numFuzzing))
 			executed := mgr.stats["exec total"]
 			crashes := mgr.stats["crashes"]
+			signal := len(mgr.corpusSignal)
 			mgr.mu.Unlock()
-			Logf(0, "executed programs: %v, crashes: %v", executed, crashes)
+			numReproducing := atomic.LoadUint32(&mgr.numReproducing)
+
+			Logf(0, "executed %v, cover %v, crashes %v, repro %v",
+				executed, signal, crashes, numReproducing)
 		}
 	}()
 
@@ -415,6 +420,7 @@ func (mgr *Manager) vmLoop() {
 				vmIndexes := append([]int{}, instances[len(instances)-instancesPerRepro:]...)
 				instances = instances[:len(instances)-instancesPerRepro]
 				reproInstances += instancesPerRepro
+				atomic.AddUint32(&mgr.numReproducing, 1)
 				Logf(1, "loop: starting repro of '%v' on instances %+v", crash.desc, vmIndexes)
 				go func() {
 					res, err := repro.Run(crash.log, mgr.cfg, mgr.vmPool, vmIndexes)
@@ -459,6 +465,7 @@ func (mgr *Manager) vmLoop() {
 				}
 			}
 		case res := <-reproDone:
+			atomic.AddUint32(&mgr.numReproducing, ^uint32(0))
 			crepro := false
 			desc := ""
 			if res.res != nil {
@@ -869,8 +876,8 @@ func (mgr *Manager) Check(a *CheckArgs, r *int) error {
 	if mgr.vmChecked {
 		return nil
 	}
-	Logf(1, "fuzzer %v vm check: %v calls enabled, kcov=%v, kleakcheck=%v, faultinjection=%v, compsenabled=%v",
+	Logf(0, "machine check: %v calls enabled, kcov=%v, kleakcheck=%v, faultinjection=%v, comps=%v",
-		a.Name, len(a.Calls), a.Kcov, a.Leak, a.Fault, a.CompsSupported)
+		len(a.Calls), a.Kcov, a.Leak, a.Fault, a.CompsSupported)
 	if len(a.Calls) == 0 {
 		Fatalf("no system calls enabled")
 	}