qemu-devel

Re: pending fuzzing patches (was Re: [PATCH 2/2] fuzz: log the arguments


From: Alexander Bulekov
Subject: Re: pending fuzzing patches (was Re: [PATCH 2/2] fuzz: log the arguments used to initialize QEMU)
Date: Mon, 18 Jan 2021 08:54:58 -0500

On 210118 1030, Thomas Huth wrote:
> On 18/01/2021 09.43, Paolo Bonzini wrote:
> > On 17/01/21 21:10, Alexander Bulekov wrote:
> > > This is useful for building reproducers. Instead of checking the code or
> > > the QEMU_FUZZ_ARGS, the arguments are at the top of the crash log.
> > > 
> > > Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
> > > ---
> > >   tests/qtest/fuzz/fuzz.c | 11 ++++++++++-
> > >   1 file changed, 10 insertions(+), 1 deletion(-)
> > > 
> > > diff --git a/tests/qtest/fuzz/fuzz.c b/tests/qtest/fuzz/fuzz.c
> > > index 238866a037..496d11a231 100644
> > > --- a/tests/qtest/fuzz/fuzz.c
> > > +++ b/tests/qtest/fuzz/fuzz.c
> > > @@ -159,6 +159,8 @@ int LLVMFuzzerInitialize(int *argc, char
> > > ***argv, char ***envp)
> > >       char *target_name;
> > >       const char *bindir;
> > >       char *datadir;
> > > +    GString *cmd_line;
> > > +    gchar *pretty_cmd_line;
> > >       bool serialize = false;
> > >       /* Initialize qgraph and modules */
> > > @@ -217,7 +219,7 @@ int LLVMFuzzerInitialize(int *argc, char
> > > ***argv, char ***envp)
> > >       }
> > >       /* Run QEMU's softmmu main with the fuzz-target dependent arguments 
> > > */
> > > -    GString *cmd_line = fuzz_target->get_init_cmdline(fuzz_target);
> > > +    cmd_line = fuzz_target->get_init_cmdline(fuzz_target);
> > >       g_string_append_printf(cmd_line, " %s -qtest /dev/null ",
> > >                              getenv("QTEST_LOG") ? "" : "-qtest-log 
> > > none");
> > > @@ -226,6 +228,13 @@ int LLVMFuzzerInitialize(int *argc, char
> > > ***argv, char ***envp)
> > >       wordexp(cmd_line->str, &result, 0);
> > >       g_string_free(cmd_line, true);
> > > +    if (getenv("QTEST_LOG")) {
> > > +        pretty_cmd_line  = g_strjoinv(" ", result.we_wordv + 1);
> > > +        printf("Starting %s with Arguments: %s\n",
> > > +                result.we_wordv[0], pretty_cmd_line);
> > > +        g_free(pretty_cmd_line);
> > > +    }
> > > +
> > >       qemu_init(result.we_wordc, result.we_wordv, NULL);
> > >       /* re-enable the rcu atfork, which was previously disabled in
> > > qemu_init */
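Review bot: the new print block dereferences `result.we_wordv` (`result.we_wordv[0]` and `result.we_wordv + 1`) even though the `wordexp(cmd_line->str, &result, 0);` call just above it still has its return value ignored; if expansion fails, `we_wordv`/`we_wordc` are not usable, so the print (and the `qemu_init` call after it) should be guarded by checking wordexp's return and `result.we_wordc > 0`. Two smaller points on the same lines: `pretty_cmd_line  = g_strjoinv(" ", result.we_wordv + 1);` has a stray double space before `=`, and because wordexp has already split the command line into words, joining them back with a plain " " drops any quoting, so an argument that contained whitespace will not round-trip when the logged line is pasted into a reproducer. Quoting each word with `g_shell_quote()` before joining would keep the "Starting %s with Arguments:" line copy-pasteable, which is the stated purpose of the patch.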
> > > 
> > 
> > Hi Alexander, can you send _me_ a pull request for all the pending
> > fuzzing patches?  I haven't paid much attention, but I have seen
> > external contributions and I have the feeling that they aren't being
> > applied/reviewed promptly.
> 
> I'm normally taking the fuzzing patches through the qtest tree (and also
> merged some contributions last week, see 22ec0c696fd28e and the following
> commits) ... which patch series that got missed did you have in mind?
> 
> Anyway, the amount of fuzzer patches seems to have increased during the last
> weeks, and I'm not very familiar with the fuzzing stuff and also sometimes I
> do not get CC:-ed on fuzzing patches, so it might make sense indeed that
> Alexander now gathers the fuzzing patches and starts sending pull requests
> for these. Alexander, do you want to have a try now?
> 

Sure - I'll wait for both remaining series to be fully reviewed. Then
I'll follow this: https://wiki.qemu.org/Contribute/SubmitAPullRequest
-Alex


>  Thomas
> 


