[RFC PATCH 3/5] tests: add a sdhci reproducer

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[RFC PATCH 3/5] tests: add a sdhci reproducer

From:	Alexander Bulekov
Subject:	[RFC PATCH 3/5] tests: add a sdhci reproducer
Date:	Thu, 18 Feb 2021 16:12:21 -0500

This patch serves as an example of a file generated with the
./scripts/oss-fuzz/output_reproducer.py script:
The source file in this patch was generated like this:

$ wget https://paste.debian.net/plain/118513 -O /tmp/trace
$ export QEMU_ARGS="-nographic -machine accel=qtest -m 512M \
-nodefaults -device sdhci-pci,sd-spec-version=3 -drive \
if=sd,index=0,file=null-co://,format=raw,id=mydrive \
-device sd-card,drive=mydrive -qtest stdio"
$ export QEMU_PATH=./qemu-system-i386
$ ./scripts/oss-fuzz/output_reproducer.py \
-owner "Alexander Bulekov <alxndr@bu.edu>" /tmp/trace | \
clang-format -style="{BasedOnStyle: llvm, IndentWidth: 4, \
ColumnLimit: 90, BreakBeforeBraces: Linux}" > ../tests/qtest/fuzz-sdhci.c

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
---
 tests/qtest/fuzz-sdhci.c | 90 ++++++++++++++++++++++++++++++++++++++++
 tests/qtest/meson.build  |  2 +
 2 files changed, 92 insertions(+)
 create mode 100644 tests/qtest/fuzz-sdhci.c

diff --git a/tests/qtest/fuzz-sdhci.c b/tests/qtest/fuzz-sdhci.c
new file mode 100644
index 0000000000..0ce7378c69
--- /dev/null
+++ b/tests/qtest/fuzz-sdhci.c
@@ -0,0 +1,90 @@
+/*
+ * Autogenerated Fuzzer Test Case
+ *
+ * Copyright (c) 2021 Alexander Bulekov <alxndr@bu.edu>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+
+#include "libqos/libqtest.h"
+
+/*
+ * cat << EOF | ./qemu-system-i386 -nographic -machine accel=qtest -m 512M \
+ * -nodefaults -device sdhci-pci,sd-spec-version=3 -drive \
+ * if=sd,index=0,file=null-co://,format=raw,id=mydrive -device \
+ * sd-card,drive=mydrive -qtest stdio
+ * outl 0xcf8 0x80001010
+ * outl 0xcfc 0xfbefff00
+ * outl 0xcf8 0x80001001
+ * outl 0xcfc 0x06000000
+ * write 0xfbefff2c 0x1 0x05
+ * write 0xfbefff0f 0x1 0x37
+ * write 0xfbefff0a 0x1 0x01
+ * write 0xfbefff0f 0x1 0x29
+ * write 0xfbefff0f 0x1 0x02
+ * write 0xfbefff0f 0x1 0x03
+ * write 0xfbefff04 0x1 0x01
+ * write 0xfbefff05 0x1 0x01
+ * write 0xfbefff07 0x1 0x02
+ * write 0xfbefff0c 0x1 0x33
+ * write 0xfbefff0e 0x1 0x20
+ * write 0xfbefff0f 0x1 0x00
+ * write 0xfbefff2a 0x1 0x01
+ * write 0xfbefff0c 0x1 0x00
+ * write 0xfbefff03 0x1 0x00
+ * write 0xfbefff05 0x1 0x00
+ * write 0xfbefff2a 0x1 0x02
+ * write 0xfbefff0c 0x1 0x32
+ * write 0xfbefff01 0x1 0x01
+ * write 0xfbefff02 0x1 0x01
+ * write 0xfbefff03 0x1 0x01
+ * EOF
+ */
+static void test_fuzz(void)
+{
+    QTestState *s =
+        qtest_init("-nographic  -m 512M -nodefaults -device 
sdhci-pci,sd-spec-version=3 "
+                   "-drive if=sd,index=0,file=null-co://,format=raw,id=mydrive 
-device "
+                   "sd-card,drive=mydrive ");
+    qtest_outl(s, 0xcf8, 0x80001010);
+    qtest_outl(s, 0xcfc, 0xfbefff00);
+    qtest_outl(s, 0xcf8, 0x80001001);
+    qtest_outl(s, 0xcfc, 0x06000000);
+    qtest_bufwrite(s, 0xfbefff2c, "\x05", 0x1);
+    qtest_bufwrite(s, 0xfbefff0f, "\x37", 0x1);
+    qtest_bufwrite(s, 0xfbefff0a, "\x01", 0x1);
+    qtest_bufwrite(s, 0xfbefff0f, "\x29", 0x1);
+    qtest_bufwrite(s, 0xfbefff0f, "\x02", 0x1);
+    qtest_bufwrite(s, 0xfbefff0f, "\x03", 0x1);
+    qtest_bufwrite(s, 0xfbefff04, "\x01", 0x1);
+    qtest_bufwrite(s, 0xfbefff05, "\x01", 0x1);
+    qtest_bufwrite(s, 0xfbefff07, "\x02", 0x1);
+    qtest_bufwrite(s, 0xfbefff0c, "\x33", 0x1);
+    qtest_bufwrite(s, 0xfbefff0e, "\x20", 0x1);
+    qtest_bufwrite(s, 0xfbefff0f, "\x00", 0x1);
+    qtest_bufwrite(s, 0xfbefff2a, "\x01", 0x1);
+    qtest_bufwrite(s, 0xfbefff0c, "\x00", 0x1);
+    qtest_bufwrite(s, 0xfbefff03, "\x00", 0x1);
+    qtest_bufwrite(s, 0xfbefff05, "\x00", 0x1);
+    qtest_bufwrite(s, 0xfbefff2a, "\x02", 0x1);
+    qtest_bufwrite(s, 0xfbefff0c, "\x32", 0x1);
+    qtest_bufwrite(s, 0xfbefff01, "\x01", 0x1);
+    qtest_bufwrite(s, 0xfbefff02, "\x01", 0x1);
+    qtest_bufwrite(s, 0xfbefff03, "\x01", 0x1);
+    qtest_quit(s);
+}
+int main(int argc, char **argv)
+{
+    const char *arch = qtest_get_arch();
+
+    g_test_init(&argc, &argv, NULL);
+
+    if (strcmp(arch, "i386") == 0) {
+        qtest_add_func("fuzz/test_fuzz", test_fuzz);
+    }
+
+    return g_test_run();
+}
diff --git a/tests/qtest/meson.build b/tests/qtest/meson.build
index c83bc211b6..97caf84443 100644
--- a/tests/qtest/meson.build
+++ b/tests/qtest/meson.build
@@ -56,6 +56,8 @@ qtests_i386 = \
    'rtc-test',
    'i440fx-test',
    'fuzz-test',
+   'fuzz-sdhci',
+   'sdhci-test',
    'fw_cfg-test',
    'device-plug-test',
    'drive_del-test',
-- 
2.28.0

[Prev in Thread]

Current Thread

[Next in Thread]

[RFC PATCH 0/5] fuzz: add a script to help build reproducers, Alexander Bulekov, 2021/02/18
- [RFC PATCH 1/5] fuzz: add a script to build reproducers, Alexander Bulekov, 2021/02/18
- [RFC PATCH 3/5] tests: add a sdhci reproducer, Alexander Bulekov <=
  - Re: [RFC PATCH 3/5] tests: add a sdhci reproducer, Philippe Mathieu-Daudé, 2021/02/19
    - Re: [RFC PATCH 3/5] tests: add a sdhci reproducer, Alexander Bulekov, 2021/02/19
- [RFC PATCH 4/5] tests: add another sdhci reproducer, Alexander Bulekov, 2021/02/18
- [RFC PATCH 5/5] tests: add a xhci reproducer, Alexander Bulekov, 2021/02/18
- [RFC PATCH 2/5] fuzz: add instructions for building reproducers, Alexander Bulekov, 2021/02/18

Prev by Date: [RFC PATCH 1/5] fuzz: add a script to build reproducers
Next by Date: [RFC PATCH 4/5] tests: add another sdhci reproducer
Previous by thread: [RFC PATCH 1/5] fuzz: add a script to build reproducers
Next by thread: Re: [RFC PATCH 3/5] tests: add a sdhci reproducer
Index(es):
- Date
- Thread