This patch serves as an example of a file generated with the
./scripts/oss-fuzz/output_reproducer.py script:
The source file in this patch was generated like this:
$ wget https://paste.debian.net/plain/118513 -O /tmp/trace
$ export QEMU_ARGS="-nographic -machine accel=qtest -m 512M \
-nodefaults -device sdhci-pci,sd-spec-version=3 -drive \
if=sd,index=0,file=null-co://,format=raw,id=mydrive \
-device sd-card,drive=mydrive -qtest stdio"
$ export QEMU_PATH=./qemu-system-i386
$ ./scripts/oss-fuzz/output_reproducer.py \
-owner "Alexander Bulekov <alxndr@bu.edu>" /tmp/trace | \
clang-format -style="{BasedOnStyle: llvm, IndentWidth: 4, \
ColumnLimit: 90, BreakBeforeBraces: Linux}" > ../tests/qtest/fuzz-sdhci.c
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
---
tests/qtest/fuzz-sdhci.c | 90 ++++++++++++++++++++++++++++++++++++++++
tests/qtest/meson.build | 2 +
2 files changed, 92 insertions(+)
create mode 100644 tests/qtest/fuzz-sdhci.c
diff --git a/tests/qtest/fuzz-sdhci.c b/tests/qtest/fuzz-sdhci.c
new file mode 100644
index 0000000000..0ce7378c69
--- /dev/null
+++ b/tests/qtest/fuzz-sdhci.c
@@ -0,0 +1,90 @@
+/*
+ * Autogenerated Fuzzer Test Case
+ *
+ * Copyright (c) 2021 Alexander Bulekov <alxndr@bu.edu>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+
+#include "libqos/libqtest.h"
+
+/*
+ * cat << EOF | ./qemu-system-i386 -nographic -machine accel=qtest -m 512M \
+ * -nodefaults -device sdhci-pci,sd-spec-version=3 -drive \
+ * if=sd,index=0,file=null-co://,format=raw,id=mydrive -device \
+ * sd-card,drive=mydrive -qtest stdio
+ * outl 0xcf8 0x80001010
+ * outl 0xcfc 0xfbefff00
+ * outl 0xcf8 0x80001001
+ * outl 0xcfc 0x06000000
+ * write 0xfbefff2c 0x1 0x05
+ * write 0xfbefff0f 0x1 0x37
+ * write 0xfbefff0a 0x1 0x01
+ * write 0xfbefff0f 0x1 0x29
+ * write 0xfbefff0f 0x1 0x02
+ * write 0xfbefff0f 0x1 0x03
+ * write 0xfbefff04 0x1 0x01
+ * write 0xfbefff05 0x1 0x01
+ * write 0xfbefff07 0x1 0x02
+ * write 0xfbefff0c 0x1 0x33
+ * write 0xfbefff0e 0x1 0x20
+ * write 0xfbefff0f 0x1 0x00
+ * write 0xfbefff2a 0x1 0x01
+ * write 0xfbefff0c 0x1 0x00
+ * write 0xfbefff03 0x1 0x00
+ * write 0xfbefff05 0x1 0x00
+ * write 0xfbefff2a 0x1 0x02
+ * write 0xfbefff0c 0x1 0x32
+ * write 0xfbefff01 0x1 0x01
+ * write 0xfbefff02 0x1 0x01
+ * write 0xfbefff03 0x1 0x01
+ * EOF
+ */
+static void test_fuzz(void)
+{
+ QTestState *s =
+ qtest_init("-nographic -m 512M -nodefaults -device sdhci-pci,sd-spec-version=3 "
+ "-drive if=sd,index=0,file=null-co://,format=raw,id=mydrive -device "
+ "sd-card,drive=mydrive ");
+ qtest_outl(s, 0xcf8, 0x80001010);
+ qtest_outl(s, 0xcfc, 0xfbefff00);
+ qtest_outl(s, 0xcf8, 0x80001001);
+ qtest_outl(s, 0xcfc, 0x06000000);
+ qtest_bufwrite(s, 0xfbefff2c, "\x05", 0x1);
+ qtest_bufwrite(s, 0xfbefff0f, "\x37", 0x1);
+ qtest_bufwrite(s, 0xfbefff0a, "\x01", 0x1);
+ qtest_bufwrite(s, 0xfbefff0f, "\x29", 0x1);
+ qtest_bufwrite(s, 0xfbefff0f, "\x02", 0x1);
+ qtest_bufwrite(s, 0xfbefff0f, "\x03", 0x1);
+ qtest_bufwrite(s, 0xfbefff04, "\x01", 0x1);
+ qtest_bufwrite(s, 0xfbefff05, "\x01", 0x1);
+ qtest_bufwrite(s, 0xfbefff07, "\x02", 0x1);
+ qtest_bufwrite(s, 0xfbefff0c, "\x33", 0x1);
+ qtest_bufwrite(s, 0xfbefff0e, "\x20", 0x1);
+ qtest_bufwrite(s, 0xfbefff0f, "\x00", 0x1);
+ qtest_bufwrite(s, 0xfbefff2a, "\x01", 0x1);
+ qtest_bufwrite(s, 0xfbefff0c, "\x00", 0x1);
+ qtest_bufwrite(s, 0xfbefff03, "\x00", 0x1);
+ qtest_bufwrite(s, 0xfbefff05, "\x00", 0x1);
+ qtest_bufwrite(s, 0xfbefff2a, "\x02", 0x1);
+ qtest_bufwrite(s, 0xfbefff0c, "\x32", 0x1);
+ qtest_bufwrite(s, 0xfbefff01, "\x01", 0x1);
+ qtest_bufwrite(s, 0xfbefff02, "\x01", 0x1);
+ qtest_bufwrite(s, 0xfbefff03, "\x01", 0x1);
+ qtest_quit(s);
+}
+int main(int argc, char **argv)
+{
+ const char *arch = qtest_get_arch();
+
+ g_test_init(&argc, &argv, NULL);
+
+ if (strcmp(arch, "i386") == 0) {
+ qtest_add_func("fuzz/test_fuzz", test_fuzz);
+ }
+
+ return g_test_run();
+}
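Review bot: `test_fuzz` has no comment saying which sdhci defect this sequence reproduces or what counts as a pass; the block comment above it only repeats the raw qtest trace. As written the test appears to pass whenever QEMU survives until `qtest_quit(s)`, so a short comment above `test_fuzz` such as `/* Reproducer for <bug reference>: replays a fuzzer trace against sdhci-pci; fails if QEMU aborts before qtest_quit(). */` would tell the next reader what a failure means. The registered path `fuzz/test_fuzz` is also generic; a name like `fuzz/sdhci/<bug reference>` keeps failures attributable once more reproducers are added to this file. In `main`, the guard `strcmp(arch, "i386") == 0` registers nothing for any other target, so if the `qtests_i386` list is reused for x86_64 (not visible here) the binary would presumably run zero tests and still exit successfully.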
diff --git a/tests/qtest/meson.build b/tests/qtest/meson.build
index c83bc211b6..97caf84443 100644
--- a/tests/qtest/meson.build
+++ b/tests/qtest/meson.build
@@ -56,6 +56,8 @@ qtests_i386 = \
'rtc-test',
'i440fx-test',
'fuzz-test',
+ 'fuzz-sdhci',
+ 'sdhci-test',
'fw_cfg-test',
'device-plug-test',
'drive_del-test',
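Review bot: `'fuzz-sdhci'` is added to `qtests_i386` unconditionally, but the test starts QEMU with `-device sdhci-pci` and `-device sd-card`, so it would likely fail at startup on a build where those devices are configured out. If this file has a way to gate a test on device configuration (not visible in the hunk), the entry should use it. Otherwise the test itself could skip when the device is unavailable.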
--
2.28.0
On 2/18/21 10:12 PM, Alexander Bulekov wrote:
> This patch serves as an example of a file generated with the
> ./scripts/oss-fuzz/output_reproducer.py script:
> The source file in this patch was generated like this:
>
> $ wget https://paste.debian.net/plain/118513 -O /tmp/trace
> $ export QEMU_ARGS="-nographic -machine accel=qtest -m 512M \
> -nodefaults -device sdhci-pci,sd-spec-version=3 -drive \
> if=sd,index=0,file=null-co://,format=raw,id=mydrive \
> -device sd-card,drive=mydrive -qtest stdio"
> $ export QEMU_PATH=./qemu-system-i386
> $ ./scripts/oss-fuzz/output_reproducer.py \
> -owner "Alexander Bulekov <alxndr@bu.edu>" /tmp/trace | \
> clang-format -style="{BasedOnStyle: llvm, IndentWidth: 4, \
> ColumnLimit: 90, BreakBeforeBraces: Linux}" > ../tests/qtest/fuzz-sdhci.c
>
> Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
> ---
> tests/qtest/fuzz-sdhci.c | 90 ++++++++++++++++++++++++++++++++++++++++
> tests/qtest/meson.build | 2 +
> 2 files changed, 92 insertions(+)
> create mode 100644 tests/qtest/fuzz-sdhci.c
...
> diff --git a/tests/qtest/meson.build b/tests/qtest/meson.build
> index c83bc211b6..97caf84443 100644
> --- a/tests/qtest/meson.build
> +++ b/tests/qtest/meson.build
> @@ -56,6 +56,8 @@ qtests_i386 = \
> 'rtc-test',
> 'i440fx-test',
> 'fuzz-test',
> + 'fuzz-sdhci',
> + 'sdhci-test',
This line ^ belongs to the next patch.
> 'fw_cfg-test',
> 'device-plug-test',
> 'drive_del-test',
>
On 210219 2306, Philippe Mathieu-Daudé wrote:
> On 2/18/21 10:12 PM, Alexander Bulekov wrote:
> > This patch serves as an example of a file generated with the
> > ./scripts/oss-fuzz/output_reproducer.py script:
> > The source file in this patch was generated like this:
> >
> > $ wget https://paste.debian.net/plain/118513 -O /tmp/trace
> > $ export QEMU_ARGS="-nographic -machine accel=qtest -m 512M \
> > -nodefaults -device sdhci-pci,sd-spec-version=3 -drive \
> > if=sd,index=0,file=null-co://,format=raw,id=mydrive \
> > -device sd-card,drive=mydrive -qtest stdio"
> > $ export QEMU_PATH=./qemu-system-i386
> > $ ./scripts/oss-fuzz/output_reproducer.py \
> > -owner "Alexander Bulekov <alxndr@bu.edu>" /tmp/trace | \
> > clang-format -style="{BasedOnStyle: llvm, IndentWidth: 4, \
> > ColumnLimit: 90, BreakBeforeBraces: Linux}" > ../tests/qtest/fuzz-sdhci.c
> >
> > Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
> > ---
> > tests/qtest/fuzz-sdhci.c | 90 ++++++++++++++++++++++++++++++++++++++++
> > tests/qtest/meson.build | 2 +
> > 2 files changed, 92 insertions(+)
> > create mode 100644 tests/qtest/fuzz-sdhci.c
> ...
>
> > diff --git a/tests/qtest/meson.build b/tests/qtest/meson.build
> > index c83bc211b6..97caf84443 100644
> > --- a/tests/qtest/meson.build
> > +++ b/tests/qtest/meson.build
> > @@ -56,6 +56,8 @@ qtests_i386 = \
> > 'rtc-test',
> > 'i440fx-test',
> > 'fuzz-test',
> > + 'fuzz-sdhci',
> > + 'sdhci-test',
>
> This line ^ belongs to the next patch.
I think the line doesn't belong at all. The next patch just adds to
fuzz-sdhci.c
>
> > 'fw_cfg-test',
> > 'device-plug-test',
> > 'drive_del-test',
> >