From 894c11935f13121e7d29ec4391b74b35cef906a5 Mon Sep 17 00:00:00 2001 From: Alwin Berger Date: Wed, 30 Oct 2024 15:27:48 +0100 Subject: [PATCH] display stats --- fuzzers/FRET/src/systemstate/mutational.rs | 5 +++-- fuzzers/FRET/src/systemstate/report.rs | 18 ++++++++++++++++++ libafl/src/stages/mutational.rs | 7 +++++++ 3 files changed, 28 insertions(+), 2 deletions(-) diff --git a/fuzzers/FRET/src/systemstate/mutational.rs b/fuzzers/FRET/src/systemstate/mutational.rs index c08d0b97c6..ef47129d34 100644 --- a/fuzzers/FRET/src/systemstate/mutational.rs +++ b/fuzzers/FRET/src/systemstate/mutational.rs @@ -572,9 +572,10 @@ where if do_rerun { unsafe {num_snippet_rerun+=1;} let (_, corpus_idx) = fuzzer.evaluate_input(state, executor, manager, new_input)?; - if corpus_idx.is_some() { unsafe{num_snippet_success+=1; self.report_stats(state, manager);}} + if corpus_idx.is_some() { unsafe{num_snippet_success+=1};} - } else if {unsafe{num_snippet_stage_execs}} % 5 == 0 {self.report_stats(state, manager);} + } + self.report_stats(state, manager); Ok(()) } diff --git a/fuzzers/FRET/src/systemstate/report.rs b/fuzzers/FRET/src/systemstate/report.rs index fc639accce..20fef8b3a3 100644 --- a/fuzzers/FRET/src/systemstate/report.rs +++ b/fuzzers/FRET/src/systemstate/report.rs @@ -16,6 +16,10 @@ use libafl::{ use std::borrow::Cow; use serde_json::json; +use libafl::prelude::mutational::MUTATION_STAGE_ITER; +use libafl::prelude::mutational::MUTATION_STAGE_RETRY; +use libafl::prelude::mutational::MUTATION_STAGE_SUCCESS; + /// The [`AflStatsStage`] is a simple stage that computes and reports some stats. #[derive(Debug, Clone)] pub struct SchedulerStatsStage { @@ -118,6 +122,20 @@ where } } } + #[cfg(feature = "std")] + unsafe { + let _ = _manager.fire( + state, + Event::UpdateUserStats { + name: Cow::from("StdMutationalStage"), + value: UserStats::new( + UserStatsValue::String(Cow::from(format!("{} -> {}/{} {:.1}% ", MUTATION_STAGE_ITER, MUTATION_STAGE_SUCCESS, MUTATION_STAGE_RETRY, MUTATION_STAGE_SUCCESS as f32 * 100.0 / MUTATION_STAGE_RETRY as f32))), + AggregatorOps::None, + ), + phantom: PhantomData, + }, + ); + } } } diff --git a/libafl/src/stages/mutational.rs b/libafl/src/stages/mutational.rs index 31d07a2e68..3d45b7c287 100644 --- a/libafl/src/stages/mutational.rs +++ b/libafl/src/stages/mutational.rs @@ -73,6 +73,10 @@ where } } +pub static mut MUTATION_STAGE_ITER: usize = 0; +pub static mut MUTATION_STAGE_RETRY: usize = 0; +pub static mut MUTATION_STAGE_SUCCESS: usize = 0; + /// A Mutational stage is the stage in a fuzzing run that mutates inputs. /// Mutational stages will usually have a range of mutations that are /// being applied to the input one by one, between executions. @@ -106,6 +110,7 @@ where state: &mut Self::State, manager: &mut EM, ) -> Result<(), Error> { + unsafe {MUTATION_STAGE_ITER += 1;} start_timer!(state); // Here saturating_sub is needed as self.iterations() might be actually smaller than the previous value before reset. @@ -133,10 +138,12 @@ where if mutated == MutationResult::Skipped { continue; } + unsafe {MUTATION_STAGE_RETRY += 1;} // Time is measured directly the `evaluate_input` function let (untransformed, post) = input.try_transform_into(state)?; let (_, corpus_idx) = fuzzer.evaluate_input(state, executor, manager, untransformed)?; + if corpus_idx.is_some() { unsafe {MUTATION_STAGE_SUCCESS += 1;}} start_timer!(state); self.mutator_mut().post_exec(state, corpus_idx)?;