syz-manager: extend periodic messages

Add coverage and number of reproducing programs to the periodic messages. When all machines are busy reproducing crashes, it appears that syz-manager hanged as number of executed programs does not increase. Coverage is just a nice characteristic. Also print machine check message, it appears once and contains useful info.
2024-11-23 19:39:40 +00:00 · 2017-10-17 15:00:01 +02:00 · 2017-10-17 15:00:01 +02:00 · a1bdb604cc
commit a1bdb604cc
parent 038cff25e2
2 changed files with 30 additions and 23 deletions
--- a/docs/setup.md
+++ b/docs/setup.md
@ -20,10 +20,10 @@ $ ./bin/syz-manager -config=my.cfg
 2017/06/14 16:39:05 booting test machines...
 2017/06/14 16:39:05 wait for the connection from test machine...
 2017/06/14 16:39:59 received first connection from test machine vm-9
-2017/06/14 16:40:05 executed programs: 9, crashes: 0
-2017/06/14 16:40:15 executed programs: 13, crashes: 0
-2017/06/14 16:40:25 executed programs: 15042, crashes: 0
-2017/06/14 16:40:35 executed programs: 24391, crashes: 0
+2017/06/14 16:40:05 executed 293, cover 43260, crashes 0, repro 0
+2017/06/14 16:40:15 executed 5992, cover 88463, crashes 0, repro 0
+2017/06/14 16:40:25 executed 10959, cover 116991, crashes 0, repro 0
+2017/06/14 16:40:35 executed 15504, cover 132403, crashes 0, repro 0
 ```

 More information on the configuration file format is available [here](configuration.md).
--- a/syz-manager/manager.go
+++ b/syz-manager/manager.go
@ -57,6 +57,7 @@ type Manager struct {
 	vmChecked      bool
 	fresh          bool
 	numFuzzing     uint32
+	numReproducing uint32

 	dash *dashapi.Dashboard

@ -262,8 +263,12 @@ func RunManager(cfg *mgrconfig.Config, target *prog.Target, syscalls map[int]boo
 			mgr.fuzzingTime += diff * time.Duration(atomic.LoadUint32(&mgr.numFuzzing))
 			executed := mgr.stats["exec total"]
 			crashes := mgr.stats["crashes"]
+			signal := len(mgr.corpusSignal)
 			mgr.mu.Unlock()
-			Logf(0, "executed programs: %v, crashes: %v", executed, crashes)
+			numReproducing := atomic.LoadUint32(&mgr.numReproducing)
+
+			Logf(0, "executed %v, cover %v, crashes %v, repro %v",
+				executed, signal, crashes, numReproducing)
 		}
 	}()

@ -415,6 +420,7 @@ func (mgr *Manager) vmLoop() {
 				vmIndexes := append([]int{}, instances[len(instances)-instancesPerRepro:]...)
 				instances = instances[:len(instances)-instancesPerRepro]
 				reproInstances += instancesPerRepro
+				atomic.AddUint32(&mgr.numReproducing, 1)
 				Logf(1, "loop: starting repro of '%v' on instances %+v", crash.desc, vmIndexes)
 				go func() {
 					res, err := repro.Run(crash.log, mgr.cfg, mgr.vmPool, vmIndexes)
@ -459,6 +465,7 @@ func (mgr *Manager) vmLoop() {
 				}
 			}
 		case res := <-reproDone:
+			atomic.AddUint32(&mgr.numReproducing, ^uint32(0))
 			crepro := false
 			desc := ""
 			if res.res != nil {
@ -869,8 +876,8 @@ func (mgr *Manager) Check(a *CheckArgs, r *int) error {
 	if mgr.vmChecked {
 		return nil
 	}
-	Logf(1, "fuzzer %v vm check: %v calls enabled, kcov=%v, kleakcheck=%v, faultinjection=%v, compsenabled=%v",
-		a.Name, len(a.Calls), a.Kcov, a.Leak, a.Fault, a.CompsSupported)
+	Logf(0, "machine check: %v calls enabled, kcov=%v, kleakcheck=%v, faultinjection=%v, comps=%v",
+		len(a.Calls), a.Kcov, a.Leak, a.Fault, a.CompsSupported)
 	if len(a.Calls) == 0 {
 		Fatalf("no system calls enabled")
 	}