| 1 | The following changes since commit 64175afc695c0672876fbbfc31b299c86d562cb4: | 1 | The following changes since commit 27c94566379069fb8930bb1433dcffbf7df3203d: |
|---|---|---|---|
| 2 | 2 | ||
| 3 | arm_gicv3: Fix ICC_BPR1 reset value when EL3 not implemented (2017-06-07 17:21:44 +0100) | 3 | Merge remote-tracking branch 'remotes/edgar/tags/edgar/xilinx-next-2020-04-30.for-upstream' into staging (2020-04-30 16:47:23 +0100) |
| 4 | 4 | ||
| 5 | are available in the git repository at: | 5 | are available in the Git repository at: |
| 6 | 6 | ||
| 7 | git://github.com/codyprime/qemu-kvm-jtc.git tags/block-pull-request | 7 | https://github.com/stefanha/qemu.git tags/block-pull-request |
| 8 | 8 | ||
| 9 | for you to fetch changes up to 56faeb9bb6872b3f926b3b3e0452a70beea10af2: | 9 | for you to fetch changes up to cc1adc4488059ac16d4d2772a7aa7cd1323deeca: |
| 10 | 10 | ||
| 11 | block/gluster.c: Handle qdict_array_entries() failure (2017-06-09 08:41:29 -0400) | 11 | lockable: Replace locks with lock guard macros (2020-05-01 09:19:25 +0100) |
| 12 | 12 | ||
| 13 | ---------------------------------------------------------------- | 13 | ---------------------------------------------------------------- |
| 14 | Gluster patch | 14 | Pull request |
| 15 | |||
| 16 | Fix the QEMU_LOCK_GUARD() macros, use them more widely, and allow fuzzer | ||
| 17 | targets to be invoked depending on argv[0]. | ||
| 18 | |||
| 15 | ---------------------------------------------------------------- | 19 | ---------------------------------------------------------------- |
| 16 | 20 | ||
| 17 | Peter Maydell (1): | 21 | Alexander Bulekov (1): |
| 18 | block/gluster.c: Handle qdict_array_entries() failure | 22 | fuzz: select fuzz target using executable name |
| 19 | 23 | ||
| 20 | block/gluster.c | 3 +-- | 24 | Daniel Brodsky (2): |
| 21 | 1 file changed, 1 insertion(+), 2 deletions(-) | 25 | lockable: fix __COUNTER__ macro to be referenced properly |
| 26 | lockable: replaced locks with lock guard macros where appropriate | ||
| 27 | |||
| 28 | Simran Singhal (1): | ||
| 29 | lockable: Replace locks with lock guard macros | ||
| 30 | |||
| 31 | include/qemu/lockable.h | 7 +++--- | ||
| 32 | include/qemu/rcu.h | 2 +- | ||
| 33 | block/iscsi.c | 7 ++---- | ||
| 34 | block/nfs.c | 51 +++++++++++++++++++---------------------- | ||
| 35 | cpus-common.c | 14 ++++------- | ||
| 36 | hw/display/qxl.c | 43 ++++++++++++++++------------------ | ||
| 37 | hw/hyperv/hyperv.c | 15 ++++++------ | ||
| 38 | hw/rdma/rdma_backend.c | 50 ++++++++++++++++++++-------------------- | ||
| 39 | hw/rdma/rdma_rm.c | 3 +-- | ||
| 40 | hw/vfio/platform.c | 5 ++-- | ||
| 41 | migration/migration.c | 3 +-- | ||
| 42 | migration/multifd.c | 8 +++---- | ||
| 43 | migration/ram.c | 3 +-- | ||
| 44 | monitor/misc.c | 4 +--- | ||
| 45 | tests/qtest/fuzz/fuzz.c | 19 ++++++++------- | ||
| 46 | ui/spice-display.c | 14 +++++------ | ||
| 47 | util/log.c | 4 ++-- | ||
| 48 | util/qemu-timer.c | 17 +++++++------- | ||
| 49 | util/rcu.c | 8 +++---- | ||
| 50 | util/thread-pool.c | 3 +-- | ||
| 51 | util/vfio-helpers.c | 5 ++-- | ||
| 52 | slirp | 2 +- | ||
| 53 | 22 files changed, 133 insertions(+), 154 deletions(-) | ||
| 22 | 54 | ||
| 23 | -- | 55 | -- |
| 24 | 2.9.3 | 56 | 2.25.3 |
| 25 | 57 | ||
| 26 | diff view generated by jsdifflib |
| 1 | From: Peter Maydell <peter.maydell@linaro.org> | 1 | From: Alexander Bulekov <alxndr@bu.edu> |
|---|---|---|---|
| 2 | 2 | ||
| 3 | In qemu_gluster_parse_json(), the call to qdict_array_entries() | 3 | The fuzzers are built into a binary (e.g. qemu-fuzz-i386). To select the |
| 4 | could return a negative error code, which we were ignoring | 4 | device to fuzz/fuzz target, we usually use the --fuzz-target= argument. |
| 5 | because we assigned the result to an unsigned variable. | 5 | This commit allows the fuzz-target to be specified using the name of the |
| 6 | Fix this by using the 'int' type instead, which matches the | 6 | executable. If the executable name ends with -target-FUZZ_TARGET, then |
| 7 | return type of qdict_array_entries() and also the type | 7 | we select the fuzz target based on this name, rather than the |
| 8 | we use for the loop enumeration variable 'i'. | 8 | --fuzz-target argument. This is useful for systems such as oss-fuzz |
| 9 | where we don't have control of the arguments passed to the fuzzer. | ||
| 9 | 10 | ||
| 10 | (Spotted by Coverity, CID 1360960.) | 11 | [Fixed incorrect indentation. |
| 12 | --Stefan] | ||
| 11 | 13 | ||
| 12 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | 14 | Signed-off-by: Alexander Bulekov <alxndr@bu.edu> |
| 13 | Reviewed-by: Eric Blake <eblake@redhat.com> | 15 | Reviewed-by: Darren Kenny <darren.kenny@oracle.com> |
| 14 | Reviewed-by: Jeff Cody <jcody@redhat.com> | 16 | Message-id: 20200421182230.6313-1-alxndr@bu.edu |
| 15 | Message-id: 1496682098-1540-1-git-send-email-peter.maydell@linaro.org | 17 | Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> |
| 16 | Signed-off-by: Jeff Cody <jcody@redhat.com> | ||
| 17 | --- | 18 | --- |
| 18 | block/gluster.c | 3 +-- | 19 | tests/qtest/fuzz/fuzz.c | 19 +++++++++++-------- |
| 19 | 1 file changed, 1 insertion(+), 2 deletions(-) | 20 | slirp | 2 +- |
| 21 | 2 files changed, 12 insertions(+), 9 deletions(-) | ||
| 20 | 22 | ||
| 21 | diff --git a/block/gluster.c b/block/gluster.c | 23 | diff --git a/tests/qtest/fuzz/fuzz.c b/tests/qtest/fuzz/fuzz.c |
| 22 | index XXXXXXX..XXXXXXX 100644 | 24 | index XXXXXXX..XXXXXXX 100644 |
| 23 | --- a/block/gluster.c | 25 | --- a/tests/qtest/fuzz/fuzz.c |
| 24 | +++ b/block/gluster.c | 26 | +++ b/tests/qtest/fuzz/fuzz.c |
| 25 | @@ -XXX,XX +XXX,XX @@ static int qemu_gluster_parse_json(BlockdevOptionsGluster *gconf, | 27 | @@ -XXX,XX +XXX,XX @@ static void usage(char *path) |
| 26 | Error *local_err = NULL; | 28 | printf(" * %s : %s\n", tmp->target->name, |
| 27 | char *str = NULL; | 29 | tmp->target->description); |
| 28 | const char *ptr; | 30 | } |
| 29 | - size_t num_servers; | 31 | + printf("Alternatively, add -target-FUZZ_TARGET to the executable name\n"); |
| 30 | - int i, type; | 32 | exit(0); |
| 31 | + int i, type, num_servers; | 33 | } |
| 32 | 34 | ||
| 33 | /* create opts info from runtime_json_opts list */ | 35 | @@ -XXX,XX +XXX,XX @@ int LLVMFuzzerInitialize(int *argc, char ***argv, char ***envp) |
| 34 | opts = qemu_opts_create(&runtime_json_opts, NULL, 0, &error_abort); | 36 | module_call_init(MODULE_INIT_QOM); |
| 37 | module_call_init(MODULE_INIT_LIBQOS); | ||
| 38 | |||
| 39 | - if (*argc <= 1) { | ||
| 40 | + target_name = strstr(**argv, "-target-"); | ||
| 41 | + if (target_name) { /* The binary name specifies the target */ | ||
| 42 | + target_name += strlen("-target-"); | ||
| 43 | + } else if (*argc > 1) { /* The target is specified as an argument */ | ||
| 44 | + target_name = (*argv)[1]; | ||
| 45 | + if (!strstr(target_name, "--fuzz-target=")) { | ||
| 46 | + usage(**argv); | ||
| 47 | + } | ||
| 48 | + target_name += strlen("--fuzz-target="); | ||
| 49 | + } else { | ||
| 50 | usage(**argv); | ||
| 51 | } | ||
| 52 | |||
| 53 | /* Identify the fuzz target */ | ||
| 54 | - target_name = (*argv)[1]; | ||
| 55 | - if (!strstr(target_name, "--fuzz-target=")) { | ||
| 56 | - usage(**argv); | ||
| 57 | - } | ||
| 58 | - | ||
| 59 | - target_name += strlen("--fuzz-target="); | ||
| 60 | - | ||
| 61 | fuzz_target = fuzz_get_target(target_name); | ||
| 62 | if (!fuzz_target) { | ||
| 63 | usage(**argv); | ||
| 64 | diff --git a/slirp b/slirp | ||
| 65 | index XXXXXXX..XXXXXXX 160000 | ||
| 66 | --- a/slirp | ||
| 67 | +++ b/slirp | ||
| 68 | @@ -1 +1 @@ | ||
| 69 | -Subproject commit 2faae0f778f818fadc873308f983289df697eb93 | ||
| 70 | +Subproject commit 55ab21c9a36852915b81f1b41ebaf3b6509dd8ba | ||
| 35 | -- | 71 | -- |
| 36 | 2.9.3 | 72 | 2.25.3 |
| 37 | 73 | ||
| 38 | diff view generated by jsdifflib |