From: Thomas Huth
To: peter.maydell@linaro.org, qemu-devel@nongnu.org
Subject: [PULL 01/10] scripts/oss-fuzz: Limit target list to i386-softmmu
Date: Tue, 21 Jul 2020 10:10:46 +0200
Message-Id: <20200721081055.14073-2-thuth@redhat.com>
In-Reply-To: <20200721081055.14073-1-thuth@redhat.com>

The build.sh script only copies qemu-fuzz-i386 to the destination folder,
so we can speed up the compilation step quite a bit by not compiling the
other targets here.

Signed-off-by: Thomas Huth
---
 scripts/oss-fuzz/build.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/oss-fuzz/build.sh b/scripts/oss-fuzz/build.sh index f5cee3d67e..a07b3022e8 100755 --- a/scripts/oss-fuzz/build.sh +++ b/scripts/oss-fuzz/build.sh 
@@ -68,7 +68,7 @@ mkdir -p "$DEST_DIR/lib/" # Copy the shared libraries he= re =20 # Build once to get the list of dynamic lib paths, and copy them over ../configure --disable-werror --cc=3D"$CC" --cxx=3D"$CXX" \ - --extra-cflags=3D"$EXTRA_CFLAGS" + --extra-cflags=3D"$EXTRA_CFLAGS" --target-list=3D"i386-softmmu" =20 if ! make CONFIG_FUZZ=3Dy CFLAGS=3D"$LIB_FUZZING_ENGINE" "-j$(nproc)" \ i386-softmmu/fuzz; then --=20 2.18.1
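
Review bot: the target name is now hard-coded twice in this hunk, once in the added `--target-list="i386-softmmu"` argument and once in the `i386-softmmu/fuzz` make goal in the trailing context, and the commit message names a third dependent (`qemu-fuzz-i386`). A single shell variable defined near the top of build.sh and used in all of these places would keep them from drifting apart. The context comment "Build once to get the list of dynamic lib paths" also implies a later configure run outside this hunk; if there is one, it needs the same `--target-list` or the time saved here is spent again on the second pass.
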
From: Thomas Huth
To: peter.maydell@linaro.org, qemu-devel@nongnu.org
Cc: Alexander Bulekov
Subject: [PULL 02/10] fuzz: Fix leak when assembling datadir path string
Date: Tue, 21 Jul 2020 10:10:47 +0200
Message-Id: <20200721081055.14073-3-thuth@redhat.com>
In-Reply-To: <20200721081055.14073-1-thuth@redhat.com>

From: Alexander Bulekov

We freed the string containing the final datadir path, but did not free
the path to the executable's directory that we get from
g_path_get_dirname(). Fix that.

Reported-by: Thomas Huth
Signed-off-by: Alexander Bulekov
Message-Id: <20200717163523.1591-1-alxndr@bu.edu>
Signed-off-by: Thomas Huth
---
 tests/qtest/fuzz/fuzz.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/tests/qtest/fuzz/fuzz.c b/tests/qtest/fuzz/fuzz.c index 6bc17ef313..031594a686 100644 --- a/tests/qtest/fuzz/fuzz.c +++ b/tests/qtest/fuzz/fuzz.c @@ -143,7 +143,7 @@ int LLVMFuzzerInitialize(int *argc, char ***argv, char = ***envp) { =20 char *target_name; - char *dir; + char *bindir, *datadir; bool serialize =3D false; =20 /* Initialize qgraph and modules */ 
@@ -164,11 +164,13 @@ int LLVMFuzzerInitialize(int *argc, char ***argv, cha= r ***envp) * location of the executable. Using this we add exec_dir/pc-bios = to * the datadirs. */ - dir =3D g_build_filename(g_path_get_dirname(**argv), "pc-bios", NU= LL); - if (g_file_test(dir, G_FILE_TEST_IS_DIR)) { - qemu_add_data_dir(dir); + bindir =3D g_path_get_dirname(**argv); + datadir =3D g_build_filename(bindir, "pc-bios", NULL); + g_free(bindir); + if (g_file_test(datadir, G_FILE_TEST_IS_DIR)) { + qemu_add_data_dir(datadir); } - g_free(dir); + g_free(datadir); } else if (*argc > 1) { /* The target is specified as an argument */ target_name =3D (*argv)[1]; if (!strstr(target_name, "--fuzz-target=3D")) { --=20 2.18.1
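
Review bot: the manual `g_free(bindir)` and `g_free(datadir)` calls in the second hunk could be replaced by `g_autofree` declarations scoped to this branch, which removes the class of leak being fixed and lets the function-level `char *bindir, *datadir;` from the first hunk go away. For example `g_autofree char *bindir = g_path_get_dirname(**argv);` and the same pattern for `datadir`. Separately, `datadir` is freed immediately after `qemu_add_data_dir(datadir)`, as `dir` was before the change; that is only safe if `qemu_add_data_dir()` keeps its own copy of the string, which deserves a short comment at the call site.
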
From: Thomas Huth
To: peter.maydell@linaro.org, qemu-devel@nongnu.org
Cc: Alexander Bulekov
Subject: [PULL 03/10] gitlab-ci.yml: Add oss-fuzz build tests
Date: Tue, 21 Jul 2020 10:10:48 +0200
Message-Id: <20200721081055.14073-4-thuth@redhat.com>
In-Reply-To: <20200721081055.14073-1-thuth@redhat.com>

From: Alexander Bulekov

This tries to build and run the fuzzers with the same build-script used
by oss-fuzz. This doesn't guarantee that the builds on oss-fuzz will also
succeed, since oss-fuzz provides its own compiler and fuzzer vars, but it
can catch changes that are not compatible with the
./scripts/oss-fuzz/build.sh script. The strange way of finding fuzzer
binaries stems from the method used by oss-fuzz:
https://github.com/google/oss-fuzz/blob/master/infra/base-images/base-runner/targets_list

Signed-off-by: Alexander Bulekov
Message-Id: <20200720073223.22945-1-thuth@redhat.com>
[thuth: Tweak the "script" to make it work, exclude slirp test, etc.]
Signed-off-by: Thomas Huth
---
 .gitlab-ci.yml | 22 ++++++++++------------
 1 file changed, 10 insertions(+), 12 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 41597c3603..362e5ee755 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml 
@@ -164,22 +164,20 @@ build-clang: ppc-softmmu s390x-softmmu arm-linux-user MAKE_CHECK_ARGS: check =20 -build-fuzzer: +build-oss-fuzz: <<: *native_build_job_definition variables: IMAGE: fedora script: - - mkdir build - - cd build - - ../configure --cc=3Dclang --cxx=3Dclang++ --enable-fuzzing - --enable-sanitizers --target-list=3Dx86_64-softmmu - - make -j"$JOBS" all check-build x86_64-softmmu/fuzz - - make check - - for fuzzer in i440fx-qos-fork-fuzz i440fx-qos-noreset-fuzz - i440fx-qtest-reboot-fuzz virtio-scsi-flags-fuzz virtio-scsi-fuzz ;= do - echo Testing ${fuzzer} ... ; - x86_64-softmmu/qemu-fuzz-x86_64 --fuzz-target=3D${fuzzer} -runs= =3D1000 - || exit 1 ; + - mkdir build-oss-fuzz + - CC=3D"clang" CXX=3D"clang++" CFLAGS=3D"-fsanitize=3Daddress" + ./scripts/oss-fuzz/build.sh + - for fuzzer in $(find ./build-oss-fuzz/DEST_DIR/ -executable -type f + | grep -v slirp); do + grep "LLVMFuzzerTestOneInput" ${fuzzer} > /dev/null 2>&1 || contin= ue ; + echo Testing ${fuzzer} ... ; + ASAN_OPTIONS=3D"fast_unwind_on_malloc=3D0" + "${fuzzer}" -runs=3D1000 -seed=3D1 || exit 1 ; done =20 build-tci: --=20 2.18.1
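
Review bot: the new `for fuzzer in $(find ./build-oss-fuzz/DEST_DIR/ ...)` loop succeeds when it runs zero fuzzers. If build.sh places its output somewhere else, or the `grep "LLVMFuzzerTestOneInput"` filter stops matching, every iteration is skipped and the job goes green without having tested anything. Count the binaries that were actually executed and fail the job when the count is zero. Two smaller points: `${fuzzer}` is unquoted in the `grep` call although it is quoted on the line that runs it, and the removed `make check` step means the unit tests no longer run in a sanitizer-enabled build in this job, which the commit message does not mention.
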
From: Thomas Huth
To: peter.maydell@linaro.org, qemu-devel@nongnu.org
Cc: Alexander Bulekov
Subject: [PULL 04/10] fuzz: build without AddressSanitizer, by default
Date: Tue, 21 Jul 2020 10:10:49 +0200
Message-Id: <20200721081055.14073-5-thuth@redhat.com>
In-Reply-To: <20200721081055.14073-1-thuth@redhat.com>

From: Alexander Bulekov

We already have a nice --enable-sanitizers option to enable
AddressSanitizer. There is no reason to duplicate and force this
functionality in --enable-fuzzing. In the future, if more sanitizers are
added to --enable-sanitizers, it might be impossible to build with both
--enable-sanitizers and --enable-fuzzing, since not all sanitizers are
compatible with libFuzzer. In that case, we could enable ASAN with
--extra-cflags="-fsanitize=address"

Signed-off-by: Alexander Bulekov
Message-Id: <20200706195534.14962-2-alxndr@bu.edu>
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Thomas Huth
[thuth: Added missing $CFLAGS]
Signed-off-by: Thomas Huth
---
 configure | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/configure b/configure index 33cee41f9c..4bd80ed507 100755 --- a/configure +++ b/configure @@ -6337,7 +6337,7 @@ fi # checks for fuzzer if test "$fuzzing" =3D "yes" ; then write_c_fuzzer_skeleton - if compile_prog "$CPU_CFLAGS -Werror -fsanitize=3Daddress,fuzzer" ""; th= en + if compile_prog "$CPU_CFLAGS -Werror -fsanitize=3Dfuzzer" ""; then have_fuzzer=3Dyes fi fi 
@@ -7893,11 +7893,11 @@ if test "$have_mlockall" =3D "yes" ; then fi if test "$fuzzing" =3D "yes" ; then if test "$have_fuzzer" =3D "yes"; then - FUZZ_LDFLAGS=3D" -fsanitize=3Daddress,fuzzer" - FUZZ_CFLAGS=3D" -fsanitize=3Daddress,fuzzer" - CFLAGS=3D"$CFLAGS -fsanitize=3Daddress,fuzzer-no-link" + FUZZ_LDFLAGS=3D" -fsanitize=3Dfuzzer" + FUZZ_CFLAGS=3D" -fsanitize=3Dfuzzer" + CFLAGS=3D"$CFLAGS -fsanitize=3Dfuzzer-no-link" else - error_exit "Your compiler doesn't support -fsanitize=3Daddress,fuzzer" + error_exit "Your compiler doesn't support -fsanitize=3Dfuzzer" exit 1 fi fi --=20 2.18.1
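
Review bot: with the flags in the second hunk reduced to `-fsanitize=fuzzer`, a build configured with only `--enable-fuzzing` produces fuzzers that no longer detect memory errors, and nothing in configure tells the user so. Anyone relying on the old implicit ASan gets binaries that run faster but miss the out-of-bounds and use-after-free bugs the fuzzers exist to find. Print a notice in this block when fuzzing is enabled without sanitizers, or extend the option's help text, pointing at `--enable-sanitizers`. While these lines are being touched, the `exit 1` after `error_exit` in the context looks redundant if `error_exit` already terminates the script.
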
From: Thomas Huth
To: peter.maydell@linaro.org, qemu-devel@nongnu.org
Cc: Alexander Bulekov
Subject: [PULL 05/10] docs/fuzz: describe building fuzzers with enable-sanitizers
Date: Tue, 21 Jul 2020 10:10:50 +0200
Message-Id: <20200721081055.14073-6-thuth@redhat.com>
In-Reply-To: <20200721081055.14073-1-thuth@redhat.com>

From: Alexander Bulekov

Signed-off-by: Alexander Bulekov
Message-Id: <20200706195534.14962-3-alxndr@bu.edu>
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Thomas Huth
Signed-off-by: Thomas Huth
---
 docs/devel/fuzzing.txt | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/docs/devel/fuzzing.txt b/docs/devel/fuzzing.txt index db5641de74..12bf6aa0ca 100644 --- a/docs/devel/fuzzing.txt +++ b/docs/devel/fuzzing.txt 
@@ -23,9 +23,12 @@ AddressSanitizer mmaps ~20TB of memory, as part of its d= etection. This results in a large page-map, and a much slower fork(). =20 To build the fuzzers, install a recent version of clang: -Configure with (substitute the clang binaries with the version you install= ed): +Configure with (substitute the clang binaries with the version you install= ed). +Here, enable-sanitizers, is optional but it allows us to reliably detect b= ugs +such as out-of-bounds accesses, use-after-frees, double-frees etc. =20 - CC=3Dclang-8 CXX=3Dclang++-8 /path/to/configure --enable-fuzzing + CC=3Dclang-8 CXX=3Dclang++-8 /path/to/configure --enable-fuzzing \ + --enable-sanitizers =20 Fuzz targets are built similarly to system/softmmu: =20 --=20 2.18.1
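Review bot: The added sentence "Here, enable-sanitizers, is optional but ..." names the option without its leading dashes and sets it off with stray commas; writing it as --enable-sanitizers, matching the configure line added below it, lets readers copy the flag directly. The unchanged context at the top of the hunk says AddressSanitizer's large mapping makes fork() much slower, so the sentence could also name that cost as the trade-off for the extra detection. The lead-in line now ends in "." where it used to end in ":", so the indented configure command no longer reads as its continuation.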
From: Thomas Huth
To: peter.maydell@linaro.org, qemu-devel@nongnu.org
Cc: Alexander Bulekov
Subject: [PULL 06/10] docs/fuzz: add information about useful libFuzzer flags
Date: Tue, 21 Jul 2020 10:10:51 +0200
Message-Id: <20200721081055.14073-7-thuth@redhat.com>
In-Reply-To: <20200721081055.14073-1-thuth@redhat.com>
References: <20200721081055.14073-1-thuth@redhat.com>

From: Alexander Bulekov

Signed-off-by: Alexander Bulekov
Message-Id: <20200706195534.14962-4-alxndr@bu.edu>
Signed-off-by: Thomas Huth
---
 docs/devel/fuzzing.txt | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

diff --git a/docs/devel/fuzzing.txt b/docs/devel/fuzzing.txt index 12bf6aa0ca..6d18115239 100644 --- a/docs/devel/fuzzing.txt +++ b/docs/devel/fuzzing.txt 
@@ -48,6 +48,43 @@ Information about these is available by passing -help=3D1 Now the only thing left to do is wait for the fuzzer to trigger potential crashes. =20 +=3D=3D Useful libFuzzer flags =3D=3D + +As mentioned above, libFuzzer accepts some arguments. Passing -help=3D1 wi= ll list +the available arguments. In particular, these arguments might be helpful: + +$CORPUS_DIR/ : Specify a directory as the last argument to libFuzzer. libF= uzzer +stores each "interesting" input in this corpus directory. The next time yo= u run +libFuzzer, it will read all of the inputs from the corpus, and continue fu= zzing +from there. You can also specify multiple directories. libFuzzer loads exi= sting +inputs from all specified directories, but will only write new ones to the +first one specified. + +-max_len=3D4096 : specify the maximum byte-length of the inputs libFuzzer = will +generate. + +-close_fd_mask=3D{1,2,3} : close, stderr, or both. Useful for targets that +trigger many debug/error messages, or create output on the serial console. + +-jobs=3D4 -workers=3D4 : These arguments configure libFuzzer to run 4 fuzz= ers in +parallel (4 fuzzing jobs in 4 worker processes). Alternatively, with only +-jobs=3DN, libFuzzer automatically spawns a number of workers less than or= equal +to half the available CPU cores. Replace 4 with a number appropriate for y= our +machine. Make sure to specify a $CORPUS_DIR, which will allow the parallel +fuzzers to share information about the interesting inputs they find. + +-use_value_profile=3D1 : For each comparison operation, libFuzzer computes=20 +(caller_pc&4095) | (popcnt(Arg1 ^ Arg2) << 12) and places this in the cove= rage +table. Useful for targets with "magic" constants. If Arg1 came from the fu= zzer's +input and Arg2 is a magic constant, then each time the Hamming distance +between Arg1 and Arg2 decreases, libFuzzer adds the input to the corpus. + +-shrink=3D1 : Tries to make elements of the corpus "smaller". 
Might lead to +better coverage performance, depending on the target. + +Note that libFuzzer's exact behavior will depend on the version of +clang and libFuzzer used to build the device fuzzers. + =3D=3D Adding a new fuzzer =3D=3D Coverage over virtual devices can be improved by adding additional fuzzers. Fuzzers are kept in tests/qtest/fuzz/ and should be added to --=20 2.18.1
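Review bot: The -close_fd_mask entry reads "close, stderr, or both", so the first alternative has lost its noun; it should name stdout, for example "close stdout, stderr, or both", and mapping each of {1,2,3} to what it closes (1 for stdout, 2 for stderr, 3 for both) would remove the guesswork. In the -use_value_profile entry, the added line ending in "computes" carries trailing whitespace (the =20 before the line break), which is worth dropping before merge.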
From: Thomas Huth
To: peter.maydell@linaro.org, qemu-devel@nongnu.org
Cc: Alexander Bulekov
Subject: [PULL 07/10] docs/fuzz: add instructions for generating a coverage report
Date: Tue, 21 Jul 2020 10:10:52 +0200
Message-Id: <20200721081055.14073-8-thuth@redhat.com>
In-Reply-To: <20200721081055.14073-1-thuth@redhat.com>
References: <20200721081055.14073-1-thuth@redhat.com>

From: Alexander Bulekov

Signed-off-by: Alexander Bulekov
Message-Id: <20200706195534.14962-5-alxndr@bu.edu>
[thuth: Replaced --enable-sanitizers with --enable-fuzzing]
Signed-off-by: Thomas Huth
---
 docs/devel/fuzzing.txt | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/docs/devel/fuzzing.txt b/docs/devel/fuzzing.txt index 6d18115239..96d71c94d7 100644 --- a/docs/devel/fuzzing.txt +++ b/docs/devel/fuzzing.txt 
@@ -85,6 +85,25 @@ better coverage performance, depending on the target. Note that libFuzzer's exact behavior will depend on the version of clang and libFuzzer used to build the device fuzzers. =20 +=3D=3D Generating Coverage Reports =3D=3D +Code coverage is a crucial metric for evaluating a fuzzer's performance. +libFuzzer's output provides a "cov: " column that provides a total number = of +unique blocks/edges covered. To examine coverage on a line-by-line basis we +can use Clang coverage: + + 1. Configure libFuzzer to store a corpus of all interesting inputs (see + CORPUS_DIR above) + 2. ./configure the QEMU build with: + --enable-fuzzing \ + --extra-cflags=3D"-fprofile-instr-generate -fcoverage-mapping" + 3. Re-run the fuzzer. Specify $CORPUS_DIR/* as an argument, telling libfu= zzer + to execute all of the inputs in $CORPUS_DIR and exit. Once the process + exits, you should find a file, "default.profraw" in the working direct= ory. + 4. Execute these commands to generate a detailed HTML coverage-report: + llvm-profdata merge -output=3Ddefault.profdata default.profraw + llvm-cov show ./path/to/qemu-fuzz-i386 -instr-profile=3Ddefault.profdata \ + --format html -output-dir=3D/path/to/output/report + =3D=3D Adding a new fuzzer =3D=3D Coverage over virtual devices can be improved by adding additional fuzzers. 
Fuzzers are kept in tests/qtest/fuzz/ and should be added to --=20 2.18.1
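Review bot: Step 4 invokes llvm-profdata and llvm-cov unversioned, while the build instructions in this file use a versioned compiler (clang-8); the raw profile format is tied to the LLVM release, so the step should tell readers to use the tools that match the clang that built the fuzzer. Step 3 also spells the tool "libfuzzer" where the rest of the file writes "libFuzzer", and step 1 refers to "CORPUS_DIR" without the "$" that step 3 and the flags section use.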
From: Thomas Huth
To: peter.maydell@linaro.org, qemu-devel@nongnu.org
Subject: [PULL 08/10] MAINTAINERS: Extend the device fuzzing section
Date: Tue, 21 Jul 2020 10:10:53 +0200
Message-Id: <20200721081055.14073-9-thuth@redhat.com>
In-Reply-To: <20200721081055.14073-1-thuth@redhat.com>
References: <20200721081055.14073-1-thuth@redhat.com>

The file docs/devel/fuzzing.txt should be in this section, too, and add myself as a reviewer (since I often take the fuzzer patches through the qtest-next tree, I should be notified on patches, too).

Message-Id: <20200721053926.17197-1-thuth@redhat.com>
Signed-off-by: Thomas Huth
---
 MAINTAINERS | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/MAINTAINERS b/MAINTAINERS index 5e8616821a..3395abd4e1 100644 --- a/MAINTAINERS +++ b/MAINTAINERS 
@@ -2449,9 +2449,11 @@ M: Alexander Bulekov R: Paolo Bonzini R: Bandan Das R: Stefan Hajnoczi +R: Thomas Huth S: Maintained F: tests/qtest/fuzz/ F: scripts/oss-fuzz/ +F: docs/devel/fuzzing.txt =20 Register API M: Alistair Francis --=20 2.18.1
From: Thomas Huth
To: peter.maydell@linaro.org, qemu-devel@nongnu.org
Cc: Markus Armbruster
Subject: [PULL 09/10] msf2: Unbreak device-list-properties for "msf-soc"
Date: Tue, 21 Jul 2020 10:10:54 +0200
Message-Id: <20200721081055.14073-10-thuth@redhat.com>
In-Reply-To: <20200721081055.14073-1-thuth@redhat.com>
References: <20200721081055.14073-1-thuth@redhat.com>

From: Markus Armbruster

Watch this:

    $ qemu-system-aarch64 -M ast2600-evb -S -display none -qmp stdio
    {"QMP": {"version": {"qemu": {"micro": 50, "minor": 0, "major": 5}, "package": "v5.0.0-2464-g3a9163af4e"}, "capabilities": ["oob"]}}
    {"execute": "qmp_capabilities"}
    {"return": {}}
    {"execute": "device-list-properties", "arguments": {"typename": "msf2-soc"}}
    Unsupported NIC model: ftgmac100
    armbru@dusky:~/work/images$ echo $?
    1

This is what breaks "make check SPEED=slow".

Root cause is m2sxxx_soc_initfn()'s messing with nd_table[] via qemu_check_nic_model(). That's wrong.

We fixed the exact same bug for device "allwinner-a10" in commit 8aabc5437b "hw/arm/allwinner-a10: Do not use nd_table in instance_init function". Fix this instance the same way: move the offending code to m2sxxx_soc_realize(), where it's less wrong, and add a FIXME comment.

Fixes: 05b7374a58 ("msf2: Add EMAC block to SmartFusion2 SoC")
Signed-off-by: Markus Armbruster
Message-Id: <20200715140440.3540942-2-armbru@redhat.com>
Reviewed-by: Alistair Francis
Reviewed-by: Thomas Huth
Signed-off-by: Thomas Huth
---
 hw/arm/msf2-soc.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/hw/arm/msf2-soc.c b/hw/arm/msf2-soc.c index 16bb7c9916..33ea7df342 100644 --- a/hw/arm/msf2-soc.c +++ b/hw/arm/msf2-soc.c @@ -82,10 +82,6 @@ static void m2sxxx_soc_initfn(Object *obj) } =20 object_initialize_child(obj, "emac", &s->emac, TYPE_MSS_EMAC); - if (nd_table[0].used) { - qemu_check_nic_model(&nd_table[0], TYPE_MSS_EMAC); - qdev_set_nic_properties(DEVICE(&s->emac), &nd_table[0]); - } } =20 static void m2sxxx_soc_realize(DeviceState *dev_soc, Error **errp) 
@@ -187,6 +183,11 @@ static void m2sxxx_soc_realize(DeviceState *dev_soc, E= rror **errp) g_free(bus_name); } =20 + /* FIXME use qdev NIC properties instead of nd_table[] */ + if (nd_table[0].used) { + qemu_check_nic_model(&nd_table[0], TYPE_MSS_EMAC); + qdev_set_nic_properties(DEVICE(&s->emac), &nd_table[0]); + } dev =3D DEVICE(&s->emac); object_property_set_link(OBJECT(&s->emac), "ahb-bus", OBJECT(get_system_memory()), &error_abort); --=20 2.18.1
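Review bot: In the m2sxxx_soc_realize() hunk, the moved block still calls qemu_check_nic_model(), which per the transcript in the commit message prints "Unsupported NIC model" and ends the process with status 1 rather than reporting through the errp this function receives. The FIXME comment should say that too, so whoever converts this to qdev NIC properties knows the error path needs fixing and not only the nd_table[] lookup. The subject line also says "msf-soc" while the commit message and the QMP command use "msf2-soc".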
From: Thomas Huth
To: peter.maydell@linaro.org, qemu-devel@nongnu.org
Cc: Markus Armbruster
Subject: [PULL 10/10] hw: Mark nd_table[] misuse in realize methods FIXME
Date: Tue, 21 Jul 2020 10:10:55 +0200
Message-Id: <20200721081055.14073-11-thuth@redhat.com>
In-Reply-To: <20200721081055.14073-1-thuth@redhat.com>
References: <20200721081055.14073-1-thuth@redhat.com>

From: Markus Armbruster nd_table[] contains NIC configuration for boards to pick up. Device code has no business looking there. Several devices do it anyway. Two of them already have a suitable FIXME comment: "allwinner-a10" and "msf2-soc". Copy it to the others: "allwinner-h3", "xlnx-versal", "xlnx,zynqmp", "sparc32-ledma", "riscv.sifive.u.soc". Signed-off-by: Markus Armbruster Message-Id: <20200715140440.3540942-3-armbru@redhat.com> Reviewed-by: Alistair Francis Reviewed-by: Niek Linnenbank Reviewed-by: Thomas Huth Signed-off-by: Thomas Huth --- hw/arm/allwinner-h3.c | 1 + hw/arm/xlnx-versal.c | 1 + hw/arm/xlnx-zynqmp.c | 1 + hw/dma/sparc32_dma.c | 1 + hw/riscv/sifive_u.c | 1 + 5 files changed, 5 insertions(+) diff --git a/hw/arm/allwinner-h3.c b/hw/arm/allwinner-h3.c index 8e09468e86..ff92ded82c 100644 --- a/hw/arm/allwinner-h3.c +++ b/hw/arm/allwinner-h3.c @@ -358,6 +358,7 @@ static void allwinner_h3_realize(DeviceState *dev, Erro= r **errp) "sd-bus"); =20 /* EMAC */ + /* FIXME use qdev NIC properties instead of nd_table[] */ if (nd_table[0].used) { qemu_check_nic_model(&nd_table[0], TYPE_AW_SUN8I_EMAC); qdev_set_nic_properties(DEVICE(&s->emac), &nd_table[0]); diff --git a/hw/arm/xlnx-versal.c b/hw/arm/xlnx-versal.c index ead038b971..e3aa4bd1e5 100644 --- a/hw/arm/xlnx-versal.c +++ b/hw/arm/xlnx-versal.c @@ -160,6 +160,7 @@ static void versal_create_gems(Versal *s, qemu_irq *pic) object_initialize_child(OBJECT(s), name, &s->lpd.iou.gem[i], TYPE_CADENCE_GEM); dev =3D DEVICE(&s->lpd.iou.gem[i]); + /* FIXME use qdev NIC properties instead of nd_table[] */ if (nd->used) { qemu_check_nic_model(nd, "cadence_gem"); qdev_set_nic_properties(dev, nd); diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c index 772cfa3771..5855e5d5bf 100644 --- a/hw/arm/xlnx-zynqmp.c +++ b/hw/arm/xlnx-zynqmp.c 
@@ -455,6 +455,7 @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error= **errp) for (i =3D 0; i < XLNX_ZYNQMP_NUM_GEMS; i++) { NICInfo *nd =3D &nd_table[i]; =20 + /* FIXME use qdev NIC properties instead of nd_table[] */ if (nd->used) { qemu_check_nic_model(nd, TYPE_CADENCE_GEM); qdev_set_nic_properties(DEVICE(&s->gem[i]), nd); diff --git a/hw/dma/sparc32_dma.c b/hw/dma/sparc32_dma.c index 9459178866..bcd1626fbd 100644 --- a/hw/dma/sparc32_dma.c +++ b/hw/dma/sparc32_dma.c @@ -341,6 +341,7 @@ static void sparc32_ledma_device_realize(DeviceState *d= ev, Error **errp) DeviceState *d; NICInfo *nd =3D &nd_table[0]; =20 + /* FIXME use qdev NIC properties instead of nd_table[] */ qemu_check_nic_model(nd, TYPE_LANCE); =20 d =3D qdev_new(TYPE_LANCE); diff --git a/hw/riscv/sifive_u.c b/hw/riscv/sifive_u.c index 19a976c9a6..e5682c38a9 100644 --- a/hw/riscv/sifive_u.c +++ b/hw/riscv/sifive_u.c @@ -714,6 +714,7 @@ static void sifive_u_soc_realize(DeviceState *dev, Erro= r **errp) } sysbus_mmio_map(SYS_BUS_DEVICE(&s->otp), 0, memmap[SIFIVE_U_OTP].base); =20 + /* FIXME use qdev NIC properties instead of nd_table[] */ if (nd->used) { qemu_check_nic_model(nd, TYPE_CADENCE_GEM); qdev_set_nic_properties(DEVICE(&s->gem), nd); --=20 2.18.1
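Review bot: in the hw/arm/allwinner-h3.c hunk (and in every copy of the same line in the other four files), the new comment says what to use instead of nd_table[] but not why the current code is wrong, so a reader who lands on it without the commit message has nothing to act on. The commit message already has the reason in one sentence: nd_table[] is NIC configuration for boards to pick up, and device code should not read it. Consider carrying that into the comment, for example "FIXME device code must not read nd_table[], which is board configuration; use qdev NIC properties instead".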
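Review bot: in the hw/arm/xlnx-versal.c hunk at versal_create_gems() and the hw/riscv/sifive_u.c hunk at sifive_u_soc_realize(), the FIXME names nd_table[] but the visible code only touches a local nd, whose assignment lies outside the hunk context. Anyone grepping for the comment will find it several lines away from the actual table access. Placing the FIXME on the line where nd is taken from nd_table[], as the xlnx-zynqmp.c hunk nearly does with "NICInfo *nd = &nd_table[i];" directly above it, would tie the marker to the access it criticises.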
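Review bot: in the hw/dma/sparc32_dma.c hunk, the FIXME is placed above qemu_check_nic_model(nd, TYPE_LANCE), and unlike the other four hunks there is no "if (nd->used)" test in the visible context, so sparc32_ledma_device_realize() appears to consume nd_table[0] unconditionally. That makes this the case where the misuse has the widest effect, yet it carries the same one-line comment as the guarded sites. Suggest moving the comment up to "NICInfo *nd = &nd_table[0];" and noting the missing used check, so whoever converts this to qdev NIC properties knows the behaviour here differs from the others.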