fuzz-utils icon indicating copy to clipboard operation
fuzz-utils copied to clipboard
verified publisher icon crytic

Real time coverage report chart

Open aviggiano opened this issue 1 year ago • 1 comments

Describe the desired feature

I would like to get a coverage report chart by parsing Echidna/Medusa logs

Example

echidna . --target CryticTester --config echidna.yaml | fuzz-utils --chart

image (Source)

or

medusa fuzz | fuzz-utils --chart

Also:

[I] ➜ cat /tmp/echidna.log
[2024-04-04 14:27:49.59] Compiling CryticTester.sol... Done! (0.799778s)
Analyzing contract: CryticTester.sol:CryticTester
[2024-04-04 14:27:53.46] Running slither on CryticTester.sol... Done! (0.939738s)
Loaded 0 transaction sequences from echidna/reproducers
Loaded 0 transaction sequences from echidna/coverage
[2024-04-04 14:27:54.41] [Worker 6] New maximum value of echidna_optimize_extracted_profit: 0
[2024-04-04 14:27:54.41] [Worker 2] New maximum value of echidna_optimize_extracted_profit: 0
[2024-04-04 14:27:54.41] [Worker 3] New maximum value of echidna_optimize_extracted_profit: 0
[2024-04-04 14:27:54.41] [Worker 7] New maximum value of echidna_optimize_extracted_profit: 0
[2024-04-04 14:27:54.41] [Worker 0] New maximum value of echidna_optimize_extracted_profit: 0
[2024-04-04 14:27:54.41] [Worker 4] New maximum value of echidna_optimize_extracted_profit: 0
[2024-04-04 14:27:54.41] [Worker 5] New maximum value of echidna_optimize_extracted_profit: 0
[2024-04-04 14:27:57.41] [status] tests: 0/1, fuzzing: 0/1000000, values: [0], cov: 2136, corpus: 0
[2024-04-04 14:28:00.41] [status] tests: 0/1, fuzzing: 0/1000000, values: [0], cov: 3053, corpus: 0
[2024-04-04 14:28:03.41] [status] tests: 0/1, fuzzing: 0/1000000, values: [0], cov: 3874, corpus: 0
[2024-04-04 14:28:06.41] [status] tests: 0/1, fuzzing: 0/1000000, values: [0], cov: 4086, corpus: 0
[2024-04-04 14:28:09.41] [status] tests: 0/1, fuzzing: 0/1000000, values: [0], cov: 4122, corpus: 0
[2024-04-04 14:28:12.47] [status] tests: 0/1, fuzzing: 0/1000000, values: [0], cov: 4682, corpus: 0
[2024-04-04 14:28:15.47] [status] tests: 0/1, fuzzing: 0/1000000, values: [0], cov: 5026, corpus: 0
[2024-04-04 14:28:18.86] [status] tests: 0/1, fuzzing: 0/1000000, values: [0], cov: 5542, corpus: 0
[2024-04-04 14:28:20.31] [Worker 7] New coverage: 5542 instr, 5 contracts, 1 seqs in corpus
[2024-04-04 14:28:20.63] [Worker 5] New coverage: 5542 instr, 5 contracts, 2 seqs in corpus
[2024-04-04 14:28:21.05] [Worker 2] New coverage: 5542 instr, 5 contracts, 3 seqs in corpus
[2024-04-04 14:28:21.86] [status] tests: 0/1, fuzzing: 303/1000000, values: [0], cov: 5542, corpus: 3

[I] ➜ tail -f /tmp/echidna.log | fuzz-utils --chart

aviggiano avatar Apr 04 '24 17:04 aviggiano

Uhm, I think that with our current infrastructure, it is hard to produce a plot like this that is not misleading. The reason is that we only keep track of the number of elements in the corpus, which is only somehow correlated with coverage. We need to have better logging of the PC reached, but perhaps at the expense of performance. We should be better prepared when this is merged.

gustavo-grieco avatar Aug 01 '24 14:08 gustavo-grieco