Message ID | 20190805071038.32146-2-alxndr@bu.edu (mailing list archive) |
Series | [RFC,v2,01/17] fuzz: Move initialization from main to qemu_init | expand |
On 05/08/19 09:11, Oleinik, Alexander wrote: > Using this, we avoid needing a special case to break out of main(), > early, when initializing the fuzzer, as we can just call qemu_init. > There is still a #define around main(), since it otherwise conflicts > with the libfuzzer main(). > > Signed-off-by: Alexander Oleinik <alxndr@bu.edu> > --- > include/sysemu/sysemu.h | 5 +++++ > vl.c | 25 +++++++++++++++++++++++-- > 2 files changed, 28 insertions(+), 2 deletions(-) > > diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h > index 984c439ac9..a63d5ccce3 100644 > --- a/include/sysemu/sysemu.h > +++ b/include/sysemu/sysemu.h > @@ -184,6 +184,8 @@ QemuOpts *qemu_get_machine_opts(void); > > bool defaults_enabled(void); > > +int qemu_init(int argc, char **argv, char **envp); > + > extern QemuOptsList qemu_legacy_drive_opts; > extern QemuOptsList qemu_common_drive_opts; > extern QemuOptsList qemu_drive_opts; > @@ -197,4 +199,7 @@ extern QemuOptsList qemu_global_opts; > extern QemuOptsList qemu_mon_opts; > extern QemuOptsList qemu_semihosting_config_opts; > > +#ifdef CONFIG_FUZZ > +int real_main(int argc, char **argv, char **envp); > +#endif > #endif > diff --git a/vl.c b/vl.c > index 130a389712..914bb9b2de 100644 > --- a/vl.c > +++ b/vl.c > @@ -130,6 +130,10 @@ int main(int argc, char **argv) > #include "sysemu/iothread.h" > #include "qemu/guest-random.h" > > +#ifdef CONFIG_FUZZ > +#include "tests/libqtest.h" > +#endif Why is this #include needed? If you leave out the changes to introduce real_main, the patch can be committed independent of the rest. Those can be introduced in patch 2 or even 12 ("Add fuzzer skeleton"). Paolo > #define MAX_VIRTIO_CONSOLES 1 > > static const char *data_dir[16]; > @@ -2854,7 +2858,7 @@ static void user_register_global_props(void) > global_init_func, NULL, NULL); > } > > -int main(int argc, char **argv, char **envp) > +int qemu_init(int argc, char **argv, char **envp) > { > int i; > int snapshot, linux_boot; 
> @@ -4453,7 +4457,7 @@ int main(int argc, char **argv, char **envp) > if (vmstate_dump_file) { > /* dump and exit */ > dump_vmstate_json_to_file(vmstate_dump_file); > - return 0; > + exit(0); > } > > if (incoming) { > @@ -4470,6 +4474,23 @@ int main(int argc, char **argv, char **envp) > accel_setup_post(current_machine); > os_setup_post(); > > + return 0; > +} > +#ifdef CONFIG_FUZZ > +/* > + * Without this, the compiler complains about all of the unused > + * cleanup and shutdown() functions > + */ > +int real_main(int argc, char **argv, char **envp) > +#else > +int main(int argc, char **argv, char **envp) > +#endif > +{ > + int ret = qemu_init(argc, argv, envp); > + if (ret != 0) { > + return ret; > + } > + > main_loop(); > > gdbserver_cleanup(); >
On Mon, Aug 05, 2019 at 09:43:06AM +0200, Paolo Bonzini wrote: >On 05/08/19 09:11, Oleinik, Alexander wrote: >> Using this, we avoid needing a special case to break out of main(), >> early, when initializing the fuzzer, as we can just call qemu_init. >> There is still a #define around main(), since it otherwise conflicts >> with the libfuzzer main(). >> >> Signed-off-by: Alexander Oleinik <alxndr@bu.edu> >> --- >> include/sysemu/sysemu.h | 5 +++++ >> vl.c | 25 +++++++++++++++++++++++-- >> 2 files changed, 28 insertions(+), 2 deletions(-) >> >> diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h >> index 984c439ac9..a63d5ccce3 100644 >> --- a/include/sysemu/sysemu.h >> +++ b/include/sysemu/sysemu.h >> @@ -184,6 +184,8 @@ QemuOpts *qemu_get_machine_opts(void); >> >> bool defaults_enabled(void); >> >> +int qemu_init(int argc, char **argv, char **envp); >> + >> extern QemuOptsList qemu_legacy_drive_opts; >> extern QemuOptsList qemu_common_drive_opts; >> extern QemuOptsList qemu_drive_opts; >> @@ -197,4 +199,7 @@ extern QemuOptsList qemu_global_opts; >> extern QemuOptsList qemu_mon_opts; >> extern QemuOptsList qemu_semihosting_config_opts; >> >> +#ifdef CONFIG_FUZZ >> +int real_main(int argc, char **argv, char **envp); >> +#endif >> #endif >> diff --git a/vl.c b/vl.c >> index 130a389712..914bb9b2de 100644 >> --- a/vl.c >> +++ b/vl.c 
>> @@ -130,6 +130,10 @@ int main(int argc, char **argv) >> #include "sysemu/iothread.h" >> #include "qemu/guest-random.h" >> >> +#ifdef CONFIG_FUZZ >> +#include "tests/libqtest.h" >> +#endif > >Why is this #include needed? > >If you leave out the changes to introduce real_main, the patch can be >committed independent of the rest. Those can be introduced in patch 2 >or even 12 ("Add fuzzer skeleton"). The build actually fails for me due to this include, because it has its own and different declaration of qtest_init: In file included from vl.c:134: .../qemu-upstream-libfuzz/./tests/libqtest.h:57:13: error: conflicting types for 'qtest_init' QTestState *qtest_init(const char *extra_args); ^ .../qemu-upstream-libfuzz/include/sysemu/qtest.h:27:6: note: previous declaration is here void qtest_init(const char *qtest_chrdev, const char *qtest_log, Error **errp); ^ In file included from vl.c:134: .../qemu-upstream-libfuzz/./tests/libqtest.h:640:35: error: too few arguments to function call, expected 3, have 1 global_qtest = qtest_init(args); ~~~~~~~~~~ ^ .../qemu-upstream-libfuzz/include/sysemu/qtest.h:27:1: note: 'qtest_init' declared here void qtest_init(const char *qtest_chrdev, const char *qtest_log, Error **errp); ^ 2 errors generated. (It's probably a separate issue as to why there are 2 functions with the same name, are not static and have different signatures in the first place) Thanks, Darren.
diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h
index 984c439ac9..a63d5ccce3 100644
--- a/include/sysemu/sysemu.h
+++ b/include/sysemu/sysemu.h
@@ -184,6 +184,8 @@ QemuOpts *qemu_get_machine_opts(void);
 
 bool defaults_enabled(void);
 
+int qemu_init(int argc, char **argv, char **envp);
+
 extern QemuOptsList qemu_legacy_drive_opts;
 extern QemuOptsList qemu_common_drive_opts;
 extern QemuOptsList qemu_drive_opts;
@@ -197,4 +199,7 @@ extern QemuOptsList qemu_global_opts;
 extern QemuOptsList qemu_mon_opts;
 extern QemuOptsList qemu_semihosting_config_opts;
 
+#ifdef CONFIG_FUZZ
+int real_main(int argc, char **argv, char **envp);
+#endif
 #endif
diff --git a/vl.c b/vl.c
index 130a389712..914bb9b2de 100644
--- a/vl.c
+++ b/vl.c
@@ -130,6 +130,10 @@ int main(int argc, char **argv)
 #include "sysemu/iothread.h"
 #include "qemu/guest-random.h"
 
+#ifdef CONFIG_FUZZ
+#include "tests/libqtest.h"
+#endif
+
 #define MAX_VIRTIO_CONSOLES 1
 
 static const char *data_dir[16];
@@ -2854,7 +2858,7 @@ static void user_register_global_props(void)
 global_init_func, NULL, NULL);
 }
 
-int main(int argc, char **argv, char **envp)
+int qemu_init(int argc, char **argv, char **envp)
 {
 int i;
 int snapshot, linux_boot;
@@ -4453,7 +4457,7 @@ int main(int argc, char **argv, char **envp)
 if (vmstate_dump_file) {
 /* dump and exit */
 dump_vmstate_json_to_file(vmstate_dump_file);
- return 0;
+ exit(0);
 }
 
 if (incoming) {
@@ -4470,6 +4474,23 @@ int main(int argc, char **argv, char **envp)
 accel_setup_post(current_machine);
 os_setup_post();
 
+ return 0;
+}
+#ifdef CONFIG_FUZZ
+/*
+ * Without this, the compiler complains about all of the unused
+ * cleanup and shutdown() functions
+ */
+int real_main(int argc, char **argv, char **envp)
+#else
+int main(int argc, char **argv, char **envp)
+#endif
+{
+ int ret = qemu_init(argc, argv, envp);
+ if (ret != 0) {
+ return ret;
+ }
+
 main_loop();
 
 gdbserver_cleanup();
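Review bot: The new `qemu_init` prototype in sysemu.h carries no comment stating its return contract, and that contract is no longer main()'s: 0 now means "initialised, the caller may run main_loop()", a non-zero value is an exit status for the caller, and a path that finishes without running a VM has to call exit() (the vmstate-dump hunk in vl.c does exactly that). A comment above the prototype would keep future callers from treating a zero return as "done", e.g. `/* Parse the command line and bring up the machine. Returns 0 when the VM is ready for main_loop(); a non-zero value is an exit status for the caller. Paths that finish without running the VM must exit() rather than return 0. */`.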
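Review bot: Converting `return 0;` to `exit(0);` on the vmstate-dump path is required because a zero return from qemu_init now sends the caller into main_loop(), but it is the only such path this hunk converts; qemu_init's body runs from line 2858 past line 4497 and is not visible here, so any other early `return 0;` that previously meant "done" would now return to main and start the main loop on a machine whose initialisation was cut short. The remaining success returns in the body are worth auditing before this lands. The existing `/* dump and exit */` comment could also say why exit() rather than return is used here, e.g. `/* dump and exit: a 0 return would make the caller run main_loop() */`.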
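Review bot: The comment above `real_main` describes a side effect (unused-function warnings) rather than the reason the function exists, which the commit message gives: libFuzzer supplies its own main(), so QEMU's entry point is kept under another name to avoid the clash while the cleanup and shutdown helpers it calls stay referenced. Suggest `/* libFuzzer provides main() in CONFIG_FUZZ builds; keep QEMU's entry point under another name so the clash is avoided and the cleanup and shutdown helpers it calls stay referenced (and unused-function warnings stay quiet). */`. A blank line between the closing `}` of qemu_init and `#ifdef CONFIG_FUZZ` would also match the spacing of the surrounding definitions. The body of the new main continues past the end of the hunk.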
Using this, we avoid needing a special case to break out of main() early when initializing the fuzzer, as we can just call qemu_init. There is still a #define around main(), since it otherwise conflicts with the libfuzzer main(). Signed-off-by: Alexander Oleinik <alxndr@bu.edu> --- include/sysemu/sysemu.h | 5 +++++ vl.c | 25 +++++++++++++++++++++++-- 2 files changed, 28 insertions(+), 2 deletions(-)