v2:
- Remove QOS dependency.
- Add a custom crossover function
- Fix broken minimization scripts
- Fixes to the IO region and DMA handling code
This is a general virtual-device fuzzer, designed to fuzz devices over Port IO,
MMIO, and DMA.

To get started with this:

1. Build the fuzzers (see docs/devel/fuzzing.txt)
   Note: Build with --enable-sanitizers, or create a "dictionary file":
       echo kw1=\"FUZZ\" > dict
   and pass it as an argument to libFuzzer with -dict=./dict
   This magic value is a command separator that lets the fuzzer perform
   multiple IO actions with a single input.

2. Pick the qemu arguments you wish to fuzz:
       export QEMU_FUZZ_ARGS="-M q35 -device virtio-balloon"

3. Tell the fuzzer which QOM objects or MemoryRegion names to fuzz. I find the
   "info qom-tree", "info qtree" and "info mtree" commands useful for identifying
   these. Supports globbing. Here I will try to simultaneously fuzz (for no good
   reason) virtio-balloon and e1000e, which is included by default in the q35:
       export QEMU_FUZZ_OBJECTS='virtio* e1000*'
   You can also try to fuzz the whole machine:
       export QEMU_FUZZ_OBJECTS='*'

4. Run the fuzzer for 0 inputs. The fuzzer should output a list of
   MemoryRegions/PCI Devices it will try to fuzz. Confirm that these match your
   expectations.
       ./i386-softmmu/qemu-fuzz-i386 --fuzz-target=general-fuzz -runs=0

5. Run the fuzzer:
       ./i386-softmmu/qemu-fuzz-i386 --fuzz-target=general-fuzz

Basically, at the core, this fuzzer is an interpreter that splits the input
into a series of commands, such as mmio_write, pio_write, etc. We structure
these commands to hit only MemoryRegions that are associated with the devices
specified in QEMU_FUZZ_OBJECTS. Additionally, these patches add "hooks" to
functions that are typically used by virtual-devices to read from RAM (DMA).
These hooks attempt to populate these DMA regions with fuzzed data, just in
time.
Some of the issues I have found or reproduced with this fuzzer:
https://bugs.launchpad.net/bugs/1525123
https://bugs.launchpad.net/bugs/1681439
https://bugs.launchpad.net/bugs/1777315
https://bugs.launchpad.net/bugs/1878034
https://bugs.launchpad.net/bugs/1878043
https://bugs.launchpad.net/bugs/1878054
https://bugs.launchpad.net/bugs/1878057
https://bugs.launchpad.net/bugs/1878067
https://bugs.launchpad.net/bugs/1878134
https://bugs.launchpad.net/bugs/1878136
https://bugs.launchpad.net/bugs/1878253
https://bugs.launchpad.net/bugs/1878255
https://bugs.launchpad.net/bugs/1878259
https://bugs.launchpad.net/bugs/1878263
https://bugs.launchpad.net/bugs/1878323
https://bugs.launchpad.net/bugs/1878641
https://bugs.launchpad.net/bugs/1878642
https://bugs.launchpad.net/bugs/1878645
https://bugs.launchpad.net/bugs/1878651
https://bugs.launchpad.net/bugs/1879223
https://bugs.launchpad.net/bugs/1879227
https://bugs.launchpad.net/bugs/1879531
https://bugs.launchpad.net/bugs/1880355
https://bugs.launchpad.net/bugs/1880539
https://bugs.launchpad.net/bugs/1884693
https://bugs.launchpad.net/bugs/1886362
https://bugs.launchpad.net/bugs/1887303
https://bugs.launchpad.net/bugs/1887309
https://bugs.launchpad.net/bugs/697510
*** BLURB HERE ***
Alexander Bulekov (15):
fuzz: Change the way we write qtest log to stderr
fuzz: Add general virtual-device fuzzer
fuzz: Add PCI features to the general fuzzer
fuzz: Add DMA support to the generic-fuzzer
fuzz: Declare DMA Read callback function
fuzz: Add fuzzer callbacks to DMA-read functions
fuzz: Add support for custom crossover functions
fuzz: add a DISABLE_PCI op to general-fuzzer
fuzz: add a crossover function to generic-fuzzer
scripts/oss-fuzz: Add wrapper program for generic fuzzer
scripts/oss-fuzz: Add general-fuzzer build script
scripts/oss-fuzz: Add general-fuzzer configs for oss-fuzz
scripts/oss-fuzz: build the general-fuzzer configs
scripts/oss-fuzz: Add script to reorder a general-fuzzer trace
scripts/oss-fuzz: Add crash trace minimization script
exec.c | 2 +
include/exec/memory.h | 16 +
include/exec/memory_ldst_cached.inc.h | 3 +
memory_ldst.inc.c | 4 +
scripts/oss-fuzz/build.sh | 8 +-
scripts/oss-fuzz/build_general_fuzzers.py | 62 ++
scripts/oss-fuzz/general_fuzzer_configs.yml | 103 +++
scripts/oss-fuzz/minimize_qtest_trace.py | 118 +++
.../oss-fuzz/reorder_fuzzer_qtest_trace.py | 94 ++
scripts/oss-fuzz/target.c | 40 +
softmmu/memory.c | 14 +
tests/qtest/fuzz/Makefile.include | 1 +
tests/qtest/fuzz/fuzz.c | 18 +-
tests/qtest/fuzz/fuzz.h | 26 +
tests/qtest/fuzz/general_fuzz.c | 843 ++++++++++++++++++
15 files changed, 1348 insertions(+), 4 deletions(-)
create mode 100755 scripts/oss-fuzz/build_general_fuzzers.py
create mode 100644 scripts/oss-fuzz/general_fuzzer_configs.yml
create mode 100755 scripts/oss-fuzz/minimize_qtest_trace.py
create mode 100755 scripts/oss-fuzz/reorder_fuzzer_qtest_trace.py
create mode 100644 scripts/oss-fuzz/target.c
create mode 100644 tests/qtest/fuzz/general_fuzz.c
--
2.27.0
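
The interpreter design described in the cover letter above, as an added sketch that is not code from this patch series: one input is split on the "FUZZ" separator and every command is clamped into a selected region. The command byte layout, the two-entry opcode set and the region addresses are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SEPARATOR "FUZZ"   /* command separator named in the cover letter */
#define SEP_LEN   4

/* Hypothetical opcode set; the cover letter names pio_write and mmio_write. */
enum op { OP_PIO_WRITE, OP_MMIO_WRITE, OP_COUNT };

/* Constructed stand-ins for the regions matched by QEMU_FUZZ_OBJECTS. */
struct region { uint64_t base, size; };
static const struct region region_for_op[OP_COUNT] = {
    [OP_PIO_WRITE]  = { 0xc000,     0x40    },
    [OP_MMIO_WRITE] = { 0xfebc0000, 0x20000 },
};

struct access { enum op op; uint64_t addr; uint8_t value; };

/* Find the next separator in [p, end); returns end when there is none. */
static const uint8_t *next_sep(const uint8_t *p, const uint8_t *end)
{
    for (; (size_t)(end - p) >= SEP_LEN; p++) {
        if (memcmp(p, SEPARATOR, SEP_LEN) == 0) {
            return p;
        }
    }
    return end;
}

/*
 * Assumed layout: [op][offset lo][offset hi][value].
 * Both the opcode and the offset are reduced modulo their valid range, so
 * any byte string decodes to an access inside a selected region and never
 * to an address outside it. Commands that are too short are dropped.
 */
static int decode(const uint8_t *cmd, size_t len, struct access *out)
{
    if (len < 4) {
        return 0;
    }
    out->op = cmd[0] % OP_COUNT;
    const struct region *r = &region_for_op[out->op];
    uint64_t off = (uint64_t)(cmd[1] | (cmd[2] << 8)) % r->size;
    out->addr = r->base + off;
    out->value = cmd[3];
    return 1;
}

/* Split one fuzzer input into commands; returns how many were decoded. */
size_t interpret(const uint8_t *data, size_t size,
                 struct access *trace, size_t max)
{
    const uint8_t *p = data, *end = data + size;
    size_t n = 0;

    while (p < end && n < max) {
        const uint8_t *sep = next_sep(p, end);
        if (decode(p, (size_t)(sep - p), &trace[n])) {
            n++;
        }
        p = (sep == end) ? end : sep + SEP_LEN;
    }
    return n;
}

/* Constructed input: two full commands and a truncated third. */
static const uint8_t SAMPLE[] = {
    0x00, 0x44, 0x00, 0xAA, 'F', 'U', 'Z', 'Z',
    0x03, 0x10, 0x00, 0xBB, 'F', 'U', 'Z', 'Z',
    0x07,
};

int main(void)
{
    struct access trace[8];
    size_t n = interpret(SAMPLE, sizeof(SAMPLE), trace, 8);

    for (size_t i = 0; i < n; i++) {
        printf("%s 0x%llx <- 0x%02x\n",
               trace[i].op == OP_PIO_WRITE ? "pio_write" : "mmio_write",
               (unsigned long long)trace[i].addr, trace[i].value);
    }
    return 0;
}
```

Because the separator is a plain byte string, supplying it through the libFuzzer dictionary lets mutations insert whole command boundaries instead of discovering them one byte at a time.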
Patchew URL: https://patchew.org/QEMU/20200819061110.1320568-1-alxndr@bu.edu/
Hi,
This series seems to have some coding style problems. See output below for
more information:
Type: series
Message-id: 20200819061110.1320568-1-alxndr@bu.edu
Subject: [PATCH v2 00/15] Add a General Virtual Device Fuzzer
=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===
Switched to a new branch 'test'
a8e119d scripts/oss-fuzz: Add crash trace minimization script
ae04d9e scripts/oss-fuzz: Add script to reorder a general-fuzzer trace
565c5c5 scripts/oss-fuzz: build the general-fuzzer configs
559cd36 scripts/oss-fuzz: Add general-fuzzer configs for oss-fuzz
54db062 scripts/oss-fuzz: Add general-fuzzer build script
8973b6e scripts/oss-fuzz: Add wrapper program for generic fuzzer
3452c68 fuzz: add a crossover function to generic-fuzzer
5c579c9 fuzz: add a DISABLE_PCI op to general-fuzzer
4f50ecd fuzz: Add support for custom crossover functions
95bd76d fuzz: Add fuzzer callbacks to DMA-read functions
89e6484 fuzz: Declare DMA Read callback function
a5441b1 fuzz: Add DMA support to the generic-fuzzer
9bd3375 fuzz: Add PCI features to the general fuzzer
a2759f3 fuzz: Add general virtual-device fuzzer
f9c6ddd fuzz: Change the way we write qtest log to stderr
=== OUTPUT BEGIN ===
1/15 Checking commit f9c6ddda8115 (fuzz: Change the way we write qtest log to stderr)
2/15 Checking commit a2759f329ffa (fuzz: Add general virtual-device fuzzer)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#31:
new file mode 100644
ERROR: missing space after enum definition
#68: FILE: tests/qtest/fuzz/general_fuzz.c:33:
+enum cmds{
ERROR: line over 90 characters
#108: FILE: tests/qtest/fuzz/general_fuzz.c:73:
+ AddressSpace *as = (io_space == get_system_memory()) ? &address_space_memory : &address_space_io;
ERROR: line over 90 characters
#124: FILE: tests/qtest/fuzz/general_fuzz.c:89:
+ if(address_space_translate(as, abs_addr, &xlat, &len, true, MEMTXATTRS_UNSPECIFIED) == mr){
ERROR: space required before the open brace '{'
#124: FILE: tests/qtest/fuzz/general_fuzz.c:89:
+ if(address_space_translate(as, abs_addr, &xlat, &len, true, MEMTXATTRS_UNSPECIFIED) == mr){
ERROR: space required before the open parenthesis '('
#124: FILE: tests/qtest/fuzz/general_fuzz.c:89:
+ if(address_space_translate(as, abs_addr, &xlat, &len, true, MEMTXATTRS_UNSPECIFIED) == mr){
ERROR: space required before the open brace '{'
#128: FILE: tests/qtest/fuzz/general_fuzz.c:93:
+ if(mr->size){
ERROR: space required before the open parenthesis '('
#128: FILE: tests/qtest/fuzz/general_fuzz.c:93:
+ if(mr->size){
ERROR: spaces required around that '-' (ctx:VxV)
#131: FILE: tests/qtest/fuzz/general_fuzz.c:96:
+ result->len = mr->size-(result->addr-abs_addr);
^
ERROR: spaces required around that '-' (ctx:VxV)
#131: FILE: tests/qtest/fuzz/general_fuzz.c:96:
+ result->len = mr->size-(result->addr-abs_addr);
^
ERROR: space prohibited between function name and open parenthesis '('
#483: FILE: tests/qtest/fuzz/general_fuzz.c:448:
+ char **result = g_strsplit (getenv("QEMU_FUZZ_OBJECTS"), " ", -1);
ERROR: space required before the open brace '{'
#500: FILE: tests/qtest/fuzz/general_fuzz.c:465:
+ if(!fuzzable_memoryregions->len){
ERROR: space required before the open parenthesis '('
#500: FILE: tests/qtest/fuzz/general_fuzz.c:465:
+ if(!fuzzable_memoryregions->len){
total: 12 errors, 1 warnings, 501 lines checked
Patch 2/15 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
3/15 Checking commit 9bd3375b88bc (fuzz: Add PCI features to the general fuzzer)
4/15 Checking commit a5441b1099c7 (fuzz: Add DMA support to the generic-fuzzer)
ERROR: externs should be avoided in .c files
#84: FILE: tests/qtest/fuzz/general_fuzz.c:97:
+void fuzz_dma_read_cb(size_t addr, size_t len, MemoryRegion *mr, bool is_write);
WARNING: line over 80 characters
#129: FILE: tests/qtest/fuzz/general_fuzz.c:142:
+ || (mr != MACHINE(qdev_get_machine())->ram && !(mr->ops == &unassigned_mem_ops))
total: 1 errors, 1 warnings, 247 lines checked
Patch 4/15 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
5/15 Checking commit 89e64845b1dd (fuzz: Declare DMA Read callback function)
6/15 Checking commit 95bd76d180c1 (fuzz: Add fuzzer callbacks to DMA-read functions)
7/15 Checking commit 4f50ecd4705c (fuzz: Add support for custom crossover functions)
ERROR: space required before the open parenthesis '('
#30: FILE: tests/qtest/fuzz/fuzz.c:127:
+ if(fuzz_target->crossover) {
WARNING: line over 80 characters
#59: FILE: tests/qtest/fuzz/fuzz.h:91:
+ * seed: the seed that should be used to make mutations deterministic, when needed
total: 1 errors, 1 warnings, 57 lines checked
Patch 7/15 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
8/15 Checking commit 5c579c959fec (fuzz: add a DISABLE_PCI op to general-fuzzer)
ERROR: do not initialise statics to 0 or NULL
#30: FILE: tests/qtest/fuzz/general_fuzz.c:97:
+static bool pci_disabled = false;
total: 1 errors, 0 warnings, 55 lines checked
Patch 8/15 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
9/15 Checking commit 3452c68ac630 (fuzz: add a crossover function to generic-fuzzer)
ERROR: do not use C99 // comments
#49: FILE: tests/qtest/fuzz/general_fuzz.c:773:
+ // Copy in the first input
ERROR: spaces required around that '+' (ctx:VxV)
#51: FILE: tests/qtest/fuzz/general_fuzz.c:775:
+ memcpy(out+size, data1, copy);
^
ERROR: spaces required around that '+=' (ctx:VxW)
#52: FILE: tests/qtest/fuzz/general_fuzz.c:776:
+ size+= copy;
^
ERROR: spaces required around that '-=' (ctx:VxW)
#53: FILE: tests/qtest/fuzz/general_fuzz.c:777:
+ max_out_size-= copy;
^
ERROR: do not use C99 // comments
#55: FILE: tests/qtest/fuzz/general_fuzz.c:779:
+ // Append a separator
ERROR: spaces required around that '+' (ctx:VxV)
#57: FILE: tests/qtest/fuzz/general_fuzz.c:781:
+ memcpy(out+size, SEPARATOR, copy);
^
ERROR: spaces required around that '+=' (ctx:VxW)
#58: FILE: tests/qtest/fuzz/general_fuzz.c:782:
+ size+= copy;
^
ERROR: spaces required around that '-=' (ctx:VxW)
#59: FILE: tests/qtest/fuzz/general_fuzz.c:783:
+ max_out_size-= copy;
^
ERROR: do not use C99 // comments
#61: FILE: tests/qtest/fuzz/general_fuzz.c:785:
+ // Clear out the
ERROR: spaces required around that '+=' (ctx:VxW)
#66: FILE: tests/qtest/fuzz/general_fuzz.c:790:
+ size+= copy;
^
ERROR: spaces required around that '-=' (ctx:VxW)
#67: FILE: tests/qtest/fuzz/general_fuzz.c:791:
+ max_out_size-= copy;
^
ERROR: spaces required around that '+' (ctx:VxV)
#70: FILE: tests/qtest/fuzz/general_fuzz.c:794:
+ memcpy(out+size, SEPARATOR, copy);
^
ERROR: spaces required around that '+=' (ctx:VxW)
#71: FILE: tests/qtest/fuzz/general_fuzz.c:795:
+ size+= copy;
^
ERROR: spaces required around that '-=' (ctx:VxW)
#72: FILE: tests/qtest/fuzz/general_fuzz.c:796:
+ max_out_size-= copy;
^
ERROR: spaces required around that '+=' (ctx:VxW)
#78: FILE: tests/qtest/fuzz/general_fuzz.c:802:
+ size+= copy;
^
ERROR: spaces required around that '-=' (ctx:VxW)
#79: FILE: tests/qtest/fuzz/general_fuzz.c:803:
+ max_out_size-= copy;
^
ERROR: spaces required around that '+' (ctx:VxV)
#82: FILE: tests/qtest/fuzz/general_fuzz.c:806:
+ memcpy(out+size, SEPARATOR, copy);
^
ERROR: spaces required around that '+=' (ctx:VxW)
#83: FILE: tests/qtest/fuzz/general_fuzz.c:807:
+ size+= copy;
^
ERROR: spaces required around that '-=' (ctx:VxW)
#84: FILE: tests/qtest/fuzz/general_fuzz.c:808:
+ max_out_size-= copy;
^
ERROR: spaces required around that '+' (ctx:VxV)
#87: FILE: tests/qtest/fuzz/general_fuzz.c:811:
+ memcpy(out+size, data2, copy);
^
ERROR: spaces required around that '+=' (ctx:VxW)
#88: FILE: tests/qtest/fuzz/general_fuzz.c:812:
+ size+= copy;
^
ERROR: spaces required around that '-=' (ctx:VxW)
#89: FILE: tests/qtest/fuzz/general_fuzz.c:813:
+ max_out_size-= copy;
^
total: 22 errors, 0 warnings, 93 lines checked
Patch 9/15 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
10/15 Checking commit 8973b6e31476 (scripts/oss-fuzz: Add wrapper program for generic fuzzer)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#19:
new file mode 100644
total: 0 errors, 1 warnings, 40 lines checked
Patch 10/15 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
11/15 Checking commit 54db062fafe0 (scripts/oss-fuzz: Add general-fuzzer build script)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#17:
new file mode 100755
total: 0 errors, 1 warnings, 62 lines checked
Patch 11/15 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
12/15 Checking commit 559cd365394c (scripts/oss-fuzz: Add general-fuzzer configs for oss-fuzz)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#16:
new file mode 100644
total: 0 errors, 1 warnings, 103 lines checked
Patch 12/15 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
13/15 Checking commit 565c5c5cec66 (scripts/oss-fuzz: build the general-fuzzer configs)
14/15 Checking commit ae04d9edfe56 (scripts/oss-fuzz: Add script to reorder a general-fuzzer trace)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#21:
new file mode 100755
total: 0 errors, 1 warnings, 94 lines checked
Patch 14/15 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
15/15 Checking commit a8e119d529aa (scripts/oss-fuzz: Add crash trace minimization script)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#16:
new file mode 100755
total: 0 errors, 1 warnings, 118 lines checked
Patch 15/15 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
=== OUTPUT END ===
Test command exited with code: 1
The full log is available at
http://patchew.org/logs/20200819061110.1320568-1-alxndr@bu.edu/testing.checkpatch/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-devel@redhat.com
Oops, I forgot to do my checkpatch pass. I'll resend this shortly.
-Alex
On 200818 2332, no-reply@patchew.org wrote:
> Patchew URL: https://patchew.org/QEMU/20200819061110.1320568-1-alxndr@bu.edu/
>
>
>
> Hi,
>
> This series seems to have some coding style problems. See output below for
> more information:
>
> Type: series
> Message-id: 20200819061110.1320568-1-alxndr@bu.edu
> Subject: [PATCH v2 00/15] Add a General Virtual Device Fuzzer
>
> === TEST SCRIPT BEGIN ===
> #!/bin/bash
> git rev-parse base > /dev/null || exit 0
> git config --local diff.renamelimit 0
> git config --local diff.renames True
> git config --local diff.algorithm histogram
> ./scripts/checkpatch.pl --mailback base..
> === TEST SCRIPT END ===
>
> Switched to a new branch 'test'
> a8e119d scripts/oss-fuzz: Add crash trace minimization script
> ae04d9e scripts/oss-fuzz: Add script to reorder a general-fuzzer trace
> 565c5c5 scripts/oss-fuzz: build the general-fuzzer configs
> 559cd36 scripts/oss-fuzz: Add general-fuzzer configs for oss-fuzz
> 54db062 scripts/oss-fuzz: Add general-fuzzer build script
> 8973b6e scripts/oss-fuzz: Add wrapper program for generic fuzzer
> 3452c68 fuzz: add a crossover function to generic-fuzzer
> 5c579c9 fuzz: add a DISABLE_PCI op to general-fuzzer
> 4f50ecd fuzz: Add support for custom crossover functions
> 95bd76d fuzz: Add fuzzer callbacks to DMA-read functions
> 89e6484 fuzz: Declare DMA Read callback function
> a5441b1 fuzz: Add DMA support to the generic-fuzzer
> 9bd3375 fuzz: Add PCI features to the general fuzzer
> a2759f3 fuzz: Add general virtual-device fuzzer
> f9c6ddd fuzz: Change the way we write qtest log to stderr
>
> === OUTPUT BEGIN ===
> 1/15 Checking commit f9c6ddda8115 (fuzz: Change the way we write qtest log to stderr)
> 2/15 Checking commit a2759f329ffa (fuzz: Add general virtual-device fuzzer)
> WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
> #31:
> new file mode 100644
>
> ERROR: missing space after enum definition
> #68: FILE: tests/qtest/fuzz/general_fuzz.c:33:
> +enum cmds{
>
> ERROR: line over 90 characters
> #108: FILE: tests/qtest/fuzz/general_fuzz.c:73:
> + AddressSpace *as = (io_space == get_system_memory()) ? &address_space_memory : &address_space_io;
>
> ERROR: line over 90 characters
> #124: FILE: tests/qtest/fuzz/general_fuzz.c:89:
> + if(address_space_translate(as, abs_addr, &xlat, &len, true, MEMTXATTRS_UNSPECIFIED) == mr){
>
> ERROR: space required before the open brace '{'
> #124: FILE: tests/qtest/fuzz/general_fuzz.c:89:
> + if(address_space_translate(as, abs_addr, &xlat, &len, true, MEMTXATTRS_UNSPECIFIED) == mr){
>
> ERROR: space required before the open parenthesis '('
> #124: FILE: tests/qtest/fuzz/general_fuzz.c:89:
> + if(address_space_translate(as, abs_addr, &xlat, &len, true, MEMTXATTRS_UNSPECIFIED) == mr){
>
> ERROR: space required before the open brace '{'
> #128: FILE: tests/qtest/fuzz/general_fuzz.c:93:
> + if(mr->size){
>
> ERROR: space required before the open parenthesis '('
> #128: FILE: tests/qtest/fuzz/general_fuzz.c:93:
> + if(mr->size){
>
> ERROR: spaces required around that '-' (ctx:VxV)
> #131: FILE: tests/qtest/fuzz/general_fuzz.c:96:
> + result->len = mr->size-(result->addr-abs_addr);
> ^
>
> ERROR: spaces required around that '-' (ctx:VxV)
> #131: FILE: tests/qtest/fuzz/general_fuzz.c:96:
> + result->len = mr->size-(result->addr-abs_addr);
> ^
>
> ERROR: space prohibited between function name and open parenthesis '('
> #483: FILE: tests/qtest/fuzz/general_fuzz.c:448:
> + char **result = g_strsplit (getenv("QEMU_FUZZ_OBJECTS"), " ", -1);
>
> ERROR: space required before the open brace '{'
> #500: FILE: tests/qtest/fuzz/general_fuzz.c:465:
> + if(!fuzzable_memoryregions->len){
>
> ERROR: space required before the open parenthesis '('
> #500: FILE: tests/qtest/fuzz/general_fuzz.c:465:
> + if(!fuzzable_memoryregions->len){
>
> total: 12 errors, 1 warnings, 501 lines checked
>
> Patch 2/15 has style problems, please review. If any of these errors
> are false positives report them to the maintainer, see
> CHECKPATCH in MAINTAINERS.
>
> 3/15 Checking commit 9bd3375b88bc (fuzz: Add PCI features to the general fuzzer)
> 4/15 Checking commit a5441b1099c7 (fuzz: Add DMA support to the generic-fuzzer)
> ERROR: externs should be avoided in .c files
> #84: FILE: tests/qtest/fuzz/general_fuzz.c:97:
> +void fuzz_dma_read_cb(size_t addr, size_t len, MemoryRegion *mr, bool is_write);
>
> WARNING: line over 80 characters
> #129: FILE: tests/qtest/fuzz/general_fuzz.c:142:
> + || (mr != MACHINE(qdev_get_machine())->ram && !(mr->ops == &unassigned_mem_ops))
>
> total: 1 errors, 1 warnings, 247 lines checked
>
> Patch 4/15 has style problems, please review. If any of these errors
> are false positives report them to the maintainer, see
> CHECKPATCH in MAINTAINERS.
>
> 5/15 Checking commit 89e64845b1dd (fuzz: Declare DMA Read callback function)
> 6/15 Checking commit 95bd76d180c1 (fuzz: Add fuzzer callbacks to DMA-read functions)
> 7/15 Checking commit 4f50ecd4705c (fuzz: Add support for custom crossover functions)
> ERROR: space required before the open parenthesis '('
> #30: FILE: tests/qtest/fuzz/fuzz.c:127:
> + if(fuzz_target->crossover) {
>
> WARNING: line over 80 characters
> #59: FILE: tests/qtest/fuzz/fuzz.h:91:
> + * seed: the seed that should be used to make mutations deterministic, when needed
>
> total: 1 errors, 1 warnings, 57 lines checked
>
> Patch 7/15 has style problems, please review. If any of these errors
> are false positives report them to the maintainer, see
> CHECKPATCH in MAINTAINERS.
>
> 8/15 Checking commit 5c579c959fec (fuzz: add a DISABLE_PCI op to general-fuzzer)
> ERROR: do not initialise statics to 0 or NULL
> #30: FILE: tests/qtest/fuzz/general_fuzz.c:97:
> +static bool pci_disabled = false;
>
> total: 1 errors, 0 warnings, 55 lines checked
>
> Patch 8/15 has style problems, please review. If any of these errors
> are false positives report them to the maintainer, see
> CHECKPATCH in MAINTAINERS.
>
> 9/15 Checking commit 3452c68ac630 (fuzz: add a crossover function to generic-fuzzer)
> ERROR: do not use C99 // comments
> #49: FILE: tests/qtest/fuzz/general_fuzz.c:773:
> + // Copy in the first input
>
> ERROR: spaces required around that '+' (ctx:VxV)
> #51: FILE: tests/qtest/fuzz/general_fuzz.c:775:
> + memcpy(out+size, data1, copy);
> ^
>
> ERROR: spaces required around that '+=' (ctx:VxW)
> #52: FILE: tests/qtest/fuzz/general_fuzz.c:776:
> + size+= copy;
> ^
>
> ERROR: spaces required around that '-=' (ctx:VxW)
> #53: FILE: tests/qtest/fuzz/general_fuzz.c:777:
> + max_out_size-= copy;
> ^
>
> ERROR: do not use C99 // comments
> #55: FILE: tests/qtest/fuzz/general_fuzz.c:779:
> + // Append a separator
>
> ERROR: spaces required around that '+' (ctx:VxV)
> #57: FILE: tests/qtest/fuzz/general_fuzz.c:781:
> + memcpy(out+size, SEPARATOR, copy);
> ^
>
> ERROR: spaces required around that '+=' (ctx:VxW)
> #58: FILE: tests/qtest/fuzz/general_fuzz.c:782:
> + size+= copy;
> ^
>
> ERROR: spaces required around that '-=' (ctx:VxW)
> #59: FILE: tests/qtest/fuzz/general_fuzz.c:783:
> + max_out_size-= copy;
> ^
>
> ERROR: do not use C99 // comments
> #61: FILE: tests/qtest/fuzz/general_fuzz.c:785:
> + // Clear out the
>
> ERROR: spaces required around that '+=' (ctx:VxW)
> #66: FILE: tests/qtest/fuzz/general_fuzz.c:790:
> + size+= copy;
> ^
>
> ERROR: spaces required around that '-=' (ctx:VxW)
> #67: FILE: tests/qtest/fuzz/general_fuzz.c:791:
> + max_out_size-= copy;
> ^
>
> ERROR: spaces required around that '+' (ctx:VxV)
> #70: FILE: tests/qtest/fuzz/general_fuzz.c:794:
> + memcpy(out+size, SEPARATOR, copy);
> ^
>
> ERROR: spaces required around that '+=' (ctx:VxW)
> #71: FILE: tests/qtest/fuzz/general_fuzz.c:795:
> + size+= copy;
> ^
>
> ERROR: spaces required around that '-=' (ctx:VxW)
> #72: FILE: tests/qtest/fuzz/general_fuzz.c:796:
> + max_out_size-= copy;
> ^
>
> ERROR: spaces required around that '+=' (ctx:VxW)
> #78: FILE: tests/qtest/fuzz/general_fuzz.c:802:
> + size+= copy;
> ^
>
> ERROR: spaces required around that '-=' (ctx:VxW)
> #79: FILE: tests/qtest/fuzz/general_fuzz.c:803:
> + max_out_size-= copy;
> ^
>
> ERROR: spaces required around that '+' (ctx:VxV)
> #82: FILE: tests/qtest/fuzz/general_fuzz.c:806:
> + memcpy(out+size, SEPARATOR, copy);
> ^
>
> ERROR: spaces required around that '+=' (ctx:VxW)
> #83: FILE: tests/qtest/fuzz/general_fuzz.c:807:
> + size+= copy;
> ^
>
> ERROR: spaces required around that '-=' (ctx:VxW)
> #84: FILE: tests/qtest/fuzz/general_fuzz.c:808:
> + max_out_size-= copy;
> ^
>
> ERROR: spaces required around that '+' (ctx:VxV)
> #87: FILE: tests/qtest/fuzz/general_fuzz.c:811:
> + memcpy(out+size, data2, copy);
> ^
>
> ERROR: spaces required around that '+=' (ctx:VxW)
> #88: FILE: tests/qtest/fuzz/general_fuzz.c:812:
> + size+= copy;
> ^
>
> ERROR: spaces required around that '-=' (ctx:VxW)
> #89: FILE: tests/qtest/fuzz/general_fuzz.c:813:
> + max_out_size-= copy;
> ^
>
> total: 22 errors, 0 warnings, 93 lines checked
>
> Patch 9/15 has style problems, please review. If any of these errors
> are false positives report them to the maintainer, see
> CHECKPATCH in MAINTAINERS.
>
> 10/15 Checking commit 8973b6e31476 (scripts/oss-fuzz: Add wrapper program for generic fuzzer)
> WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
> #19:
> new file mode 100644
>
> total: 0 errors, 1 warnings, 40 lines checked
>
> Patch 10/15 has style problems, please review. If any of these errors
> are false positives report them to the maintainer, see
> CHECKPATCH in MAINTAINERS.
> 11/15 Checking commit 54db062fafe0 (scripts/oss-fuzz: Add general-fuzzer build script)
> WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
> #17:
> new file mode 100755
>
> total: 0 errors, 1 warnings, 62 lines checked
>
> Patch 11/15 has style problems, please review. If any of these errors
> are false positives report them to the maintainer, see
> CHECKPATCH in MAINTAINERS.
> 12/15 Checking commit 559cd365394c (scripts/oss-fuzz: Add general-fuzzer configs for oss-fuzz)
> WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
> #16:
> new file mode 100644
>
> total: 0 errors, 1 warnings, 103 lines checked
>
> Patch 12/15 has style problems, please review. If any of these errors
> are false positives report them to the maintainer, see
> CHECKPATCH in MAINTAINERS.
> 13/15 Checking commit 565c5c5cec66 (scripts/oss-fuzz: build the general-fuzzer configs)
> 14/15 Checking commit ae04d9edfe56 (scripts/oss-fuzz: Add script to reorder a general-fuzzer trace)
> WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
> #21:
> new file mode 100755
>
> total: 0 errors, 1 warnings, 94 lines checked
>
> Patch 14/15 has style problems, please review. If any of these errors
> are false positives report them to the maintainer, see
> CHECKPATCH in MAINTAINERS.
> 15/15 Checking commit a8e119d529aa (scripts/oss-fuzz: Add crash trace minimization script)
> WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
> #16:
> new file mode 100755
>
> total: 0 errors, 1 warnings, 118 lines checked
>
> Patch 15/15 has style problems, please review. If any of these errors
> are false positives report them to the maintainer, see
> CHECKPATCH in MAINTAINERS.
> === OUTPUT END ===
>
> Test command exited with code: 1
>
>
> The full log is available at
> http://patchew.org/logs/20200819061110.1320568-1-alxndr@bu.edu/testing.checkpatch/?type=message.
> ---
> Email generated automatically by Patchew [https://patchew.org/].
> Please send your feedback to patchew-devel@redhat.com