Changeset 72649 in vbox
- Timestamp:
- Jun 22, 2018 7:40:23 AM (7 years ago)
- Location:
- trunk
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/include/iprt/fuzz.h
r72571 r72649 297 297 298 298 299 /** 300 * Fuzzing observer statistics. 301 */ 302 typedef struct RTFUZZOBSSTATS 303 { 304 /** Number of fuzzed inputs per second. */ 305 uint32_t cFuzzedInputsPerSec; 306 /** Number of overall fuzzed inputs. */ 307 uint32_t cFuzzedInputs; 308 /** Number of observed hangs. */ 309 uint32_t cFuzzedInputsHang; 310 /** Number of observed crashes. */ 311 uint32_t cFuzzedInputsCrash; 312 } RTFUZZOBSSTATS; 313 /** Pointer to a fuzzing observer statistics record. */ 314 typedef RTFUZZOBSSTATS *PRTFUZZOBSSTATS; 299 315 300 316 /** … … 324 340 */ 325 341 RTDECL(int) RTFuzzObsQueryCtx(RTFUZZOBS hFuzzObs, PRTFUZZCTX phFuzzCtx); 342 343 /** 344 * Queries the current statistics for the given fuzzing observer. 345 * 346 * @returns IPRT status code. 347 * @param hFuzzObs The fuzzing observer handle. 348 * @param pStats Where to store the statistics to. 349 */ 350 RTDECL(int) RTFuzzObsQueryStats(RTFUZZOBS hFuzzObs, PRTFUZZOBSSTATS pStats); 326 351 327 352 /** -
trunk/include/iprt/mangling.h
r72571 r72649 1039 1039 # define RTFuzzObsExecStop RT_MANGLER(RTFuzzObsExecStop) 1040 1040 # define RTFuzzObsQueryCtx RT_MANGLER(RTFuzzObsQueryCtx) 1041 # define RTFuzzObsQueryStats RT_MANGLER(RTFuzzObsQueryStats) 1041 1042 # define RTFuzzObsSetResultDirectory RT_MANGLER(RTFuzzObsSetResultDirectory) 1042 1043 # define RTFuzzObsSetTestBinary RT_MANGLER(RTFuzzObsSetTestBinary) -
trunk/src/VBox/Runtime/common/fuzz/fuzz-observer.cpp
r72571 r72649 125 125 /** Pointer to the array of observer thread states. */ 126 126 PRTFUZZOBSTHRD paObsThreads; 127 /** Timestamp of the last stats query. */ 128 uint64_t tsLastStats; 129 /** Last number of fuzzed inputs per second if we didn't gather enough data in between 130 * statistic queries. */ 131 uint32_t cFuzzedInputsPerSecLast; 132 /** Fuzzing statistics. */ 133 RTFUZZOBSSTATS Stats; 127 134 } RTFUZZOBSINT; 128 135 … … 754 761 RTPROCSTATUS ProcSts; 755 762 rc = rtFuzzObsExecCtxClientRun(pThis, pExecCtx, &ProcSts); 763 ASMAtomicIncU32(&pThis->Stats.cFuzzedInputs); 764 ASMAtomicIncU32(&pThis->Stats.cFuzzedInputsPerSec); 765 756 766 if (RT_SUCCESS(rc)) 757 767 { 758 768 if (ProcSts.enmReason != RTPROCEXITREASON_NORMAL) 769 { 770 ASMAtomicIncU32(&pThis->Stats.cFuzzedInputsCrash); 759 771 rc = rtFuzzObsAddInputToResults(pThis, pObsThrd->hFuzzInput, pExecCtx); 772 } 760 773 } 761 774 else if (rc == VERR_TIMEOUT) 775 { 776 ASMAtomicIncU32(&pThis->Stats.cFuzzedInputsHang); 762 777 rc = rtFuzzObsAddInputToResults(pThis, pObsThrd->hFuzzInput, pExecCtx); 778 } 763 779 else 764 780 AssertFailed(); … … 939 955 pThis->cThreads = 0; 940 956 pThis->paObsThreads = NULL; 957 pThis->tsLastStats = RTTimeMilliTS(); 958 pThis->Stats.cFuzzedInputsPerSec = 0; 959 pThis->Stats.cFuzzedInputs = 0; 960 pThis->Stats.cFuzzedInputsHang = 0; 961 pThis->Stats.cFuzzedInputsCrash = 0; 941 962 rc = RTFuzzCtxCreate(&pThis->hFuzzCtx); 942 963 if (RT_SUCCESS(rc)) … … 995 1016 996 1017 1018 RTDECL(int) RTFuzzObsQueryStats(RTFUZZOBS hFuzzObs, PRTFUZZOBSSTATS pStats) 1019 { 1020 PRTFUZZOBSINT pThis = hFuzzObs; 1021 AssertPtrReturn(pThis, VERR_INVALID_HANDLE); 1022 AssertPtrReturn(pStats, VERR_INVALID_POINTER); 1023 1024 uint64_t tsStatsQuery = RTTimeMilliTS(); 1025 uint32_t cFuzzedInputsPerSec = ASMAtomicXchgU32(&pThis->Stats.cFuzzedInputsPerSec, 0); 1026 1027 pStats->cFuzzedInputsCrash = ASMAtomicReadU32(&pThis->Stats.cFuzzedInputsCrash); 1028 pStats->cFuzzedInputsHang = ASMAtomicReadU32(&pThis->Stats.cFuzzedInputsHang); 1029 pStats->cFuzzedInputs = ASMAtomicReadU32(&pThis->Stats.cFuzzedInputs); 1030 uint64_t cPeriodSec = (tsStatsQuery - pThis->tsLastStats) / 1000; 1031 if (cPeriodSec) 1032 { 1033 pStats->cFuzzedInputsPerSec = cFuzzedInputsPerSec / cPeriodSec; 1034 pThis->cFuzzedInputsPerSecLast = pStats->cFuzzedInputsPerSec; 1035 pThis->tsLastStats = tsStatsQuery; 1036 } 1037 else 1038 pStats->cFuzzedInputsPerSec = pThis->cFuzzedInputsPerSecLast; 1039 return VINF_SUCCESS; 1040 } 1041 1042 997 1043 RTDECL(int) RTFuzzObsSetTmpDirectory(RTFUZZOBS hFuzzObs, const char *pszTmp) 998 1044 { … … 1052 1098 char **ppszOwn = pThis->papszArgs; 1053 1099 const char * const *ppsz = papszArgs; 1054 while ( *ppsz != NULL 1055 && RT_SUCCESS(rc)) 1100 for (unsigned i = 0; i < cArgs; i++) 1056 1101 { 1057 *ppszOwn = RTStrDup(*ppsz);1058 if (RT_UNLIKELY(! *ppszOwn))1102 pThis->papszArgs[i] = RTStrDup(papszArgs[i]); 1103 if (RT_UNLIKELY(!pThis->papszArgs[i])) 1059 1104 { 1060 while ( ppszOwn > pThis->papszArgs)1105 while (i > 0) 1061 1106 { 1062 ppszOwn--;1063 RTStrFree( *ppszOwn);1107 i--; 1108 RTStrFree(pThis->papszArgs[i]); 1064 1109 } 1065 1110 break; 1066 1111 } 1067 1068 ppszOwn++;1069 ppsz++;1070 1112 } 1071 1113 -
trunk/src/VBox/Runtime/common/fuzz/fuzzmastercmd.cpp
r72578 r72649 91 91 /** Flag whether to shutdown. */ 92 92 bool fShutdown; 93 /** Flag whether to send a response along with the ACK. */ 94 bool fAckResponse; 95 /** The response message. */ 96 char aszResponse[_1K]; 93 97 } RTFUZZCMDMASTER; 94 98 /** Pointer to a fuzzing master command state. */ … … 813 817 static int rtFuzzCmdMasterProcessJsonReqQueryStats(PRTFUZZCMDMASTER pThis, RTJSONVAL hJsonRoot, PRTERRINFO pErrInfo) 814 818 { 815 RT_NOREF(pThis, hJsonRoot, pErrInfo); 816 return VERR_NOT_IMPLEMENTED; 819 PRTFUZZRUN pFuzzRun; 820 int rc = rtFuzzCmdMasterQueryFuzzRunFromJson(pThis, hJsonRoot, "Id", pErrInfo, &pFuzzRun); 821 if (RT_SUCCESS(rc)) 822 { 823 RTFUZZOBSSTATS Stats; 824 rc = RTFuzzObsQueryStats(pFuzzRun->hFuzzObs, &Stats); 825 if (RT_SUCCESS(rc)) 826 { 827 const char s_szStats[] = "{ \"FuzzedInputsPerSec\": %u\n" 828 " \"FuzzedInputs\": %u\n" 829 " \"FuzzedInputsHang\": %u\n" 830 " \"FuzzedInputsCrash\": %u\n}"; 831 ssize_t cch = RTStrPrintf2(&pThis->aszResponse[0], sizeof(pThis->aszResponse), s_szStats, Stats.cFuzzedInputsPerSec, 832 Stats.cFuzzedInputs, Stats.cFuzzedInputsHang, Stats.cFuzzedInputsCrash); 833 if (cch > 0) 834 pThis->fAckResponse = true; 835 else 836 rc = rtFuzzCmdMasterErrorRc(pErrInfo, VERR_BUFFER_OVERFLOW, "Request error: Response data buffer overflow", rc); 837 } 838 else 839 rc = rtFuzzCmdMasterErrorRc(pErrInfo, rc, "Request error: Failed to query fuzzing statistics with %Rrc", rc); 840 } 841 842 return rc; 817 843 } 818 844 … … 902 928 * @returns nothing. 903 929 * @param hSocket The socket handle to send the ACK to. 904 */ 905 static void rtFuzzCmdMasterTcpSendAck(RTSOCKET hSocket) 930 * @param pszResponse Additional response data. 931 */ 932 static void rtFuzzCmdMasterTcpSendAck(RTSOCKET hSocket, const char *pszResponse) 906 933 { 907 934 const char s_szSucc[] = "{ \"Status\": \"ACK\" }\n"; 908 RTTcpWrite(hSocket, s_szSucc, sizeof(s_szSucc)); 935 const char s_szSuccResp[] = "{ \"Status\": \"ACK\"\n \"Response\":\n %s\n }\n"; 936 if (pszResponse) 937 { 938 char szTmp[_1K]; 939 ssize_t cchResp = RTStrPrintf2(szTmp, sizeof(szTmp), s_szSuccResp, pszResponse); 940 if (cchResp > 0) 941 RTTcpWrite(hSocket, szTmp, cchResp); 942 else 943 RTTcpWrite(hSocket, s_szSucc, strlen(s_szSucc)); 944 } 945 else 946 RTTcpWrite(hSocket, s_szSucc, sizeof(s_szSucc)); 909 947 } 910 948 … … 924 962 if (pErrInfo) 925 963 { 926 char szTmp[ 1024];964 char szTmp[_1K]; 927 965 ssize_t cchResp = RTStrPrintf2(szTmp, sizeof(szTmp), s_szFailInfo, pErrInfo->pszMsg); 928 966 if (cchResp > 0) … … 973 1011 RTErrInfoInitStatic(&ErrInfo); 974 1012 1013 pThis->fAckResponse = false; 1014 RT_ZERO(pThis->aszResponse); 975 1015 rc = RTJsonParseFromBuf(&hJsonReq, pbReq, cbReq, &ErrInfo.Core); 976 1016 if (RT_SUCCESS(rc)) … … 978 1018 rc = rtFuzzCmdMasterProcessJsonReq(pThis, hJsonReq, &ErrInfo.Core); 979 1019 if (RT_SUCCESS(rc)) 980 rtFuzzCmdMasterTcpSendAck(hSocket );1020 rtFuzzCmdMasterTcpSendAck(hSocket, pThis->fAckResponse ? pThis->aszResponse : NULL); 981 1021 else 982 1022 rtFuzzCmdMasterTcpSendNAck(hSocket, &ErrInfo.Core);
Note:
See TracChangeset
for help on using the changeset viewer.