[v2,00/15] Add a General Virtual Device Fuzzer

Message ID 20200819061110.1320568-1-alxndr@bu.edu (mailing list archive)

Message

Alexander Bulekov Aug. 19, 2020, 6:10 a.m. UTC
v2:
	- Remove QOS dependency.
	- Add a custom crossover function
	- Fix broken minimization scripts
	- Fixes to the IO region and DMA handling code

This is a general virtual-device fuzzer, designed to fuzz devices over Port IO,
MMIO, and DMA.

To get started with this:
 1. Build the fuzzers (see docs/devel/fuzzing.txt)
    Note: Build with --enable-sanitizers, or create a "dictionary file":
    echo kw1=\"FUZZ\" > dict
    and pass it as an argument to libFuzzer with -dict=./dict
    This magic value is a command separator that lets the fuzzer perform
    multiple IO actions with a single input.

 2. Pick the qemu arguments you wish to fuzz:
    export QEMU_FUZZ_ARGS="-M q35 -device virtio-balloon"

 3. Tell the fuzzer which QOM objects or MemoryRegion names to fuzz. I find the
 "info qom-tree", "info qtree" and "info mtree" commands useful for identifying
 these. Supports globbing. Here I will try to simultaneously fuzz (for no good
 reason) virtio-balloon and e1000e, which is included by default in the q35:
    export QEMU_FUZZ_OBJECTS='virtio* e1000*'
    You can also try to fuzz the whole machine:
    export QEMU_FUZZ_OBJECTS='*'

 4. Run the fuzzer for 0 inputs. The fuzzer should output a list of
 MemoryRegions/PCI Devices it will try to fuzz. Confirm that these match your
 expectations.
    ./i386-softmmu/qemu-fuzz-i386 --fuzz-target=general-fuzz -runs=0

 5. Run the fuzzer:
    ./i386-softmmu/qemu-fuzz-i386 --fuzz-target=general-fuzz 


Basically, at the core, this fuzzer is an interpreter that splits the input
into a series of commands, such as mmio_write, pio_write, etc. We structure
these commands to hit only MemoryRegions that are associated with the devices
specified in QEMU_FUZZ_OBJECTS. Additionally, these patches add "hooks" to
functions that are typically used by virtual-devices to read from RAM (DMA).
These hooks attempt to populate these DMA regions with fuzzed data, just in
time.

Some of the issues I have found or reproduced with this fuzzer:
https://bugs.launchpad.net/bugs/1525123
https://bugs.launchpad.net/bugs/1681439
https://bugs.launchpad.net/bugs/1777315
https://bugs.launchpad.net/bugs/1878034
https://bugs.launchpad.net/bugs/1878043
https://bugs.launchpad.net/bugs/1878054
https://bugs.launchpad.net/bugs/1878057
https://bugs.launchpad.net/bugs/1878067
https://bugs.launchpad.net/bugs/1878134
https://bugs.launchpad.net/bugs/1878136
https://bugs.launchpad.net/bugs/1878253
https://bugs.launchpad.net/bugs/1878255
https://bugs.launchpad.net/bugs/1878259
https://bugs.launchpad.net/bugs/1878263
https://bugs.launchpad.net/bugs/1878323
https://bugs.launchpad.net/bugs/1878641
https://bugs.launchpad.net/bugs/1878642
https://bugs.launchpad.net/bugs/1878645
https://bugs.launchpad.net/bugs/1878651
https://bugs.launchpad.net/bugs/1879223
https://bugs.launchpad.net/bugs/1879227
https://bugs.launchpad.net/bugs/1879531
https://bugs.launchpad.net/bugs/1880355
https://bugs.launchpad.net/bugs/1880539
https://bugs.launchpad.net/bugs/1884693
https://bugs.launchpad.net/bugs/1886362
https://bugs.launchpad.net/bugs/1887303
https://bugs.launchpad.net/bugs/1887309
https://bugs.launchpad.net/bugs/697510

*** BLURB HERE ***

Alexander Bulekov (15):
  fuzz: Change the way we write qtest log to stderr
  fuzz: Add general virtual-device fuzzer
  fuzz: Add PCI features to the general fuzzer
  fuzz: Add DMA support to the generic-fuzzer
  fuzz: Declare DMA Read callback function
  fuzz: Add fuzzer callbacks to DMA-read functions
  fuzz: Add support for custom crossover functions
  fuzz: add a DISABLE_PCI op to general-fuzzer
  fuzz: add a crossover function to generic-fuzzer
  scripts/oss-fuzz: Add wrapper program for generic fuzzer
  scripts/oss-fuzz: Add general-fuzzer build script
  scripts/oss-fuzz: Add general-fuzzer configs for oss-fuzz
  scripts/oss-fuzz: build the general-fuzzer configs
  scripts/oss-fuzz: Add script to reorder a general-fuzzer trace
  scripts/oss-fuzz: Add crash trace minimization script

 exec.c                                        |   2 +
 include/exec/memory.h                         |  16 +
 include/exec/memory_ldst_cached.inc.h         |   3 +
 memory_ldst.inc.c                             |   4 +
 scripts/oss-fuzz/build.sh                     |   8 +-
 scripts/oss-fuzz/build_general_fuzzers.py     |  62 ++
 scripts/oss-fuzz/general_fuzzer_configs.yml   | 103 +++
 scripts/oss-fuzz/minimize_qtest_trace.py      | 118 +++
 .../oss-fuzz/reorder_fuzzer_qtest_trace.py    |  94 ++
 scripts/oss-fuzz/target.c                     |  40 +
 softmmu/memory.c                              |  14 +
 tests/qtest/fuzz/Makefile.include             |   1 +
 tests/qtest/fuzz/fuzz.c                       |  18 +-
 tests/qtest/fuzz/fuzz.h                       |  26 +
 tests/qtest/fuzz/general_fuzz.c               | 843 ++++++++++++++++++
 15 files changed, 1348 insertions(+), 4 deletions(-)
 create mode 100755 scripts/oss-fuzz/build_general_fuzzers.py
 create mode 100644 scripts/oss-fuzz/general_fuzzer_configs.yml
 create mode 100755 scripts/oss-fuzz/minimize_qtest_trace.py
 create mode 100755 scripts/oss-fuzz/reorder_fuzzer_qtest_trace.py
 create mode 100644 scripts/oss-fuzz/target.c
 create mode 100644 tests/qtest/fuzz/general_fuzz.c
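
The interpreter design described in the cover letter above, as an added sketch that is not code from this series: the input is split on the "FUZZ" separator and each chunk is decoded into one IO action whose address is forced inside an allowed region. The chunk byte layout, the opcode numbering, the region table and the sample input are assumptions made for illustration; the encoding actually used in general_fuzz.c is not shown on this page.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SEPARATOR "FUZZ" /* command separator named in the cover letter */
#define SEP_LEN (sizeof(SEPARATOR) - 1)

/* Assumed opcode set; the cover letter names mmio_write, pio_write, "etc." */
enum op { OP_PIO_WRITE, OP_MMIO_WRITE, OP_COUNT };
struct region { enum op space; uint64_t base, size; };
struct action { enum op op; uint64_t addr; uint8_t value; };

/* Constructed stand-in for the regions matched by QEMU_FUZZ_OBJECTS. */
static const struct region regions[] = {
    { OP_PIO_WRITE,  0xc000,     0x40 },
    { OP_MMIO_WRITE, 0xfebc0000, 0x20000 },
};
#define N_REGIONS (sizeof(regions) / sizeof(regions[0]))

/* Constructed input: two full commands, then one truncated command. */
static const uint8_t sample[] = {
    0x00, 0x00, 0x44, 0x00, 0xaa, 'F', 'U', 'Z', 'Z',
    0x01, 0x07, 0x10, 0x00, 0x7f, 'F', 'U', 'Z', 'Z', 0x01,
};

static const uint8_t *find_sep(const uint8_t *p, size_t len)
{
    for (size_t i = 0; i + SEP_LEN <= len; i++) {
        if (memcmp(p + i, SEPARATOR, SEP_LEN) == 0) {
            return p + i;
        }
    }
    return NULL;
}

/*
 * Assumed chunk layout: [opcode][region selector][offset lo][offset hi][value].
 * Every field is reduced modulo its valid range, so any byte string decodes
 * to an access inside one of the allowed regions, or to nothing at all.
 */
static int decode_chunk(const uint8_t *c, size_t len, struct action *out)
{
    const struct region *match[N_REGIONS];
    size_t n = 0;
    if (len < 5) {
        return 0; /* truncated command: skip rather than read past the end */
    }
    enum op op = (enum op)(c[0] % OP_COUNT);
    for (size_t i = 0; i < N_REGIONS; i++) {
        if (regions[i].space == op) {
            match[n++] = &regions[i];
        }
    }
    if (n == 0) {
        return 0; /* no selected region lives in this address space */
    }
    const struct region *r = match[c[1] % n];
    uint64_t off = (c[2] | ((uint64_t)c[3] << 8)) % r->size;
    *out = (struct action){ op, r->base + off, c[4] };
    return 1;
}

/* Split the input on SEPARATOR and decode up to max actions into out. */
size_t interpret(const uint8_t *in, size_t size, struct action *out, size_t max)
{
    size_t n = 0;
    while (size > 0 && n < max) {
        const uint8_t *sep = find_sep(in, size);
        size_t chunk = sep ? (size_t)(sep - in) : size;
        n += decode_chunk(in, chunk, &out[n]);
        if (!sep) {
            break;
        }
        in = sep + SEP_LEN;
        size -= chunk + SEP_LEN;
    }
    return n;
}

int main(void)
{
    struct action acts[8];
    size_t n = interpret(sample, sizeof(sample), acts, 8);
    for (size_t i = 0; i < n; i++) {
        printf("%s 0x%llx <- 0x%02x\n", acts[i].op == OP_PIO_WRITE ?
               "pio_write" : "mmio_write", (unsigned long long)acts[i].addr, acts[i].value);
    }
    return 0;
}
```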

Comments

no-reply@patchew.org Aug. 19, 2020, 6:32 a.m. UTC | #1
Patchew URL: https://patchew.org/QEMU/20200819061110.1320568-1-alxndr@bu.edu/



Hi,

This series seems to have some coding style problems. See output below for
more information:

Type: series
Message-id: 20200819061110.1320568-1-alxndr@bu.edu
Subject: [PATCH v2 00/15] Add a General Virtual Device Fuzzer

=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===

Switched to a new branch 'test'
a8e119d scripts/oss-fuzz: Add crash trace minimization script
ae04d9e scripts/oss-fuzz: Add script to reorder a general-fuzzer trace
565c5c5 scripts/oss-fuzz: build the general-fuzzer configs
559cd36 scripts/oss-fuzz: Add general-fuzzer configs for oss-fuzz
54db062 scripts/oss-fuzz: Add general-fuzzer build script
8973b6e scripts/oss-fuzz: Add wrapper program for generic fuzzer
3452c68 fuzz: add a crossover function to generic-fuzzer
5c579c9 fuzz: add a DISABLE_PCI op to general-fuzzer
4f50ecd fuzz: Add support for custom crossover functions
95bd76d fuzz: Add fuzzer callbacks to DMA-read functions
89e6484 fuzz: Declare DMA Read callback function
a5441b1 fuzz: Add DMA support to the generic-fuzzer
9bd3375 fuzz: Add PCI features to the general fuzzer
a2759f3 fuzz: Add general virtual-device fuzzer
f9c6ddd fuzz: Change the way we write qtest log to stderr

=== OUTPUT BEGIN ===
1/15 Checking commit f9c6ddda8115 (fuzz: Change the way we write qtest log to stderr)
2/15 Checking commit a2759f329ffa (fuzz: Add general virtual-device fuzzer)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#31: 
new file mode 100644

ERROR: missing space after enum definition
#68: FILE: tests/qtest/fuzz/general_fuzz.c:33:
+enum cmds{

ERROR: line over 90 characters
#108: FILE: tests/qtest/fuzz/general_fuzz.c:73:
+    AddressSpace *as = (io_space == get_system_memory()) ? &address_space_memory : &address_space_io;

ERROR: line over 90 characters
#124: FILE: tests/qtest/fuzz/general_fuzz.c:89:
+                if(address_space_translate(as, abs_addr, &xlat, &len, true, MEMTXATTRS_UNSPECIFIED) == mr){

ERROR: space required before the open brace '{'
#124: FILE: tests/qtest/fuzz/general_fuzz.c:89:
+                if(address_space_translate(as, abs_addr, &xlat, &len, true, MEMTXATTRS_UNSPECIFIED) == mr){

ERROR: space required before the open parenthesis '('
#124: FILE: tests/qtest/fuzz/general_fuzz.c:89:
+                if(address_space_translate(as, abs_addr, &xlat, &len, true, MEMTXATTRS_UNSPECIFIED) == mr){

ERROR: space required before the open brace '{'
#128: FILE: tests/qtest/fuzz/general_fuzz.c:93:
+                    if(mr->size){

ERROR: space required before the open parenthesis '('
#128: FILE: tests/qtest/fuzz/general_fuzz.c:93:
+                    if(mr->size){

ERROR: spaces required around that '-' (ctx:VxV)
#131: FILE: tests/qtest/fuzz/general_fuzz.c:96:
+                    result->len = mr->size-(result->addr-abs_addr);
                                           ^

ERROR: spaces required around that '-' (ctx:VxV)
#131: FILE: tests/qtest/fuzz/general_fuzz.c:96:
+                    result->len = mr->size-(result->addr-abs_addr);
                                                         ^

ERROR: space prohibited between function name and open parenthesis '('
#483: FILE: tests/qtest/fuzz/general_fuzz.c:448:
+    char **result = g_strsplit (getenv("QEMU_FUZZ_OBJECTS"), " ", -1);

ERROR: space required before the open brace '{'
#500: FILE: tests/qtest/fuzz/general_fuzz.c:465:
+    if(!fuzzable_memoryregions->len){

ERROR: space required before the open parenthesis '('
#500: FILE: tests/qtest/fuzz/general_fuzz.c:465:
+    if(!fuzzable_memoryregions->len){

total: 12 errors, 1 warnings, 501 lines checked

Patch 2/15 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

3/15 Checking commit 9bd3375b88bc (fuzz: Add PCI features to the general fuzzer)
4/15 Checking commit a5441b1099c7 (fuzz: Add DMA support to the generic-fuzzer)
ERROR: externs should be avoided in .c files
#84: FILE: tests/qtest/fuzz/general_fuzz.c:97:
+void fuzz_dma_read_cb(size_t addr, size_t len, MemoryRegion *mr, bool is_write);

WARNING: line over 80 characters
#129: FILE: tests/qtest/fuzz/general_fuzz.c:142:
+        || (mr != MACHINE(qdev_get_machine())->ram && !(mr->ops == &unassigned_mem_ops))

total: 1 errors, 1 warnings, 247 lines checked

Patch 4/15 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

5/15 Checking commit 89e64845b1dd (fuzz: Declare DMA Read callback function)
6/15 Checking commit 95bd76d180c1 (fuzz: Add fuzzer callbacks to DMA-read functions)
7/15 Checking commit 4f50ecd4705c (fuzz: Add support for custom crossover functions)
ERROR: space required before the open parenthesis '('
#30: FILE: tests/qtest/fuzz/fuzz.c:127:
+    if(fuzz_target->crossover) {

WARNING: line over 80 characters
#59: FILE: tests/qtest/fuzz/fuzz.h:91:
+     * seed: the seed that should be used to make mutations deterministic, when needed

total: 1 errors, 1 warnings, 57 lines checked

Patch 7/15 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

8/15 Checking commit 5c579c959fec (fuzz: add a DISABLE_PCI op to general-fuzzer)
ERROR: do not initialise statics to 0 or NULL
#30: FILE: tests/qtest/fuzz/general_fuzz.c:97:
+static bool pci_disabled = false;

total: 1 errors, 0 warnings, 55 lines checked

Patch 8/15 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

9/15 Checking commit 3452c68ac630 (fuzz: add a crossover function to generic-fuzzer)
ERROR: do not use C99 // comments
#49: FILE: tests/qtest/fuzz/general_fuzz.c:773:
+    // Copy in the first input

ERROR: spaces required around that '+' (ctx:VxV)
#51: FILE: tests/qtest/fuzz/general_fuzz.c:775:
+    memcpy(out+size, data1, copy);
               ^

ERROR: spaces required around that '+=' (ctx:VxW)
#52: FILE: tests/qtest/fuzz/general_fuzz.c:776:
+    size+= copy;
         ^

ERROR: spaces required around that '-=' (ctx:VxW)
#53: FILE: tests/qtest/fuzz/general_fuzz.c:777:
+    max_out_size-= copy;
                 ^

ERROR: do not use C99 // comments
#55: FILE: tests/qtest/fuzz/general_fuzz.c:779:
+    // Append a separator

ERROR: spaces required around that '+' (ctx:VxV)
#57: FILE: tests/qtest/fuzz/general_fuzz.c:781:
+    memcpy(out+size, SEPARATOR, copy);
               ^

ERROR: spaces required around that '+=' (ctx:VxW)
#58: FILE: tests/qtest/fuzz/general_fuzz.c:782:
+    size+= copy;
         ^

ERROR: spaces required around that '-=' (ctx:VxW)
#59: FILE: tests/qtest/fuzz/general_fuzz.c:783:
+    max_out_size-= copy;
                 ^

ERROR: do not use C99 // comments
#61: FILE: tests/qtest/fuzz/general_fuzz.c:785:
+    // Clear out the

ERROR: spaces required around that '+=' (ctx:VxW)
#66: FILE: tests/qtest/fuzz/general_fuzz.c:790:
+    size+= copy;
         ^

ERROR: spaces required around that '-=' (ctx:VxW)
#67: FILE: tests/qtest/fuzz/general_fuzz.c:791:
+    max_out_size-= copy;
                 ^

ERROR: spaces required around that '+' (ctx:VxV)
#70: FILE: tests/qtest/fuzz/general_fuzz.c:794:
+    memcpy(out+size, SEPARATOR, copy);
               ^

ERROR: spaces required around that '+=' (ctx:VxW)
#71: FILE: tests/qtest/fuzz/general_fuzz.c:795:
+    size+= copy;
         ^

ERROR: spaces required around that '-=' (ctx:VxW)
#72: FILE: tests/qtest/fuzz/general_fuzz.c:796:
+    max_out_size-= copy;
                 ^

ERROR: spaces required around that '+=' (ctx:VxW)
#78: FILE: tests/qtest/fuzz/general_fuzz.c:802:
+    size+= copy;
         ^

ERROR: spaces required around that '-=' (ctx:VxW)
#79: FILE: tests/qtest/fuzz/general_fuzz.c:803:
+    max_out_size-= copy;
                 ^

ERROR: spaces required around that '+' (ctx:VxV)
#82: FILE: tests/qtest/fuzz/general_fuzz.c:806:
+    memcpy(out+size, SEPARATOR, copy);
               ^

ERROR: spaces required around that '+=' (ctx:VxW)
#83: FILE: tests/qtest/fuzz/general_fuzz.c:807:
+    size+= copy;
         ^

ERROR: spaces required around that '-=' (ctx:VxW)
#84: FILE: tests/qtest/fuzz/general_fuzz.c:808:
+    max_out_size-= copy;
                 ^

ERROR: spaces required around that '+' (ctx:VxV)
#87: FILE: tests/qtest/fuzz/general_fuzz.c:811:
+    memcpy(out+size, data2, copy);
               ^

ERROR: spaces required around that '+=' (ctx:VxW)
#88: FILE: tests/qtest/fuzz/general_fuzz.c:812:
+    size+= copy;
         ^

ERROR: spaces required around that '-=' (ctx:VxW)
#89: FILE: tests/qtest/fuzz/general_fuzz.c:813:
+    max_out_size-= copy;
                 ^

total: 22 errors, 0 warnings, 93 lines checked

Patch 9/15 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

10/15 Checking commit 8973b6e31476 (scripts/oss-fuzz: Add wrapper program for generic fuzzer)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#19: 
new file mode 100644

total: 0 errors, 1 warnings, 40 lines checked

Patch 10/15 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
11/15 Checking commit 54db062fafe0 (scripts/oss-fuzz: Add general-fuzzer build script)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#17: 
new file mode 100755

total: 0 errors, 1 warnings, 62 lines checked

Patch 11/15 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
12/15 Checking commit 559cd365394c (scripts/oss-fuzz: Add general-fuzzer configs for oss-fuzz)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#16: 
new file mode 100644

total: 0 errors, 1 warnings, 103 lines checked

Patch 12/15 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
13/15 Checking commit 565c5c5cec66 (scripts/oss-fuzz: build the general-fuzzer configs)
14/15 Checking commit ae04d9edfe56 (scripts/oss-fuzz: Add script to reorder a general-fuzzer trace)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#21: 
new file mode 100755

total: 0 errors, 1 warnings, 94 lines checked

Patch 14/15 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
15/15 Checking commit a8e119d529aa (scripts/oss-fuzz: Add crash trace minimization script)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#16: 
new file mode 100755

total: 0 errors, 1 warnings, 118 lines checked

Patch 15/15 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
=== OUTPUT END ===

Test command exited with code: 1


The full log is available at
http://patchew.org/logs/20200819061110.1320568-1-alxndr@bu.edu/testing.checkpatch/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-devel@redhat.com
Alexander Bulekov Aug. 19, 2020, 4:23 p.m. UTC | #2
Oops, I forgot to do my checkpatch pass. I'll resend this shortly.
-Alex
