From patchwork Sun Jan 17 23:09:22 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Alexander Bulekov <alxndr@bu.edu>
X-Patchwork-Id: 12025879
Return-Path: 
 <SRS0=LVSM=GU=nongnu.org=qemu-devel-bounces+qemu-devel=archiver.kernel.org@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,HK_RANDOM_FROM,INCLUDES_CR_TRAILER,
	INCLUDES_PATCH,MAILING_LIST_MULTI,MSGID_FROM_MTA_HEADER,SPF_HELO_NONE,
	SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 29D27C433E6
	for <qemu-devel@archiver.kernel.org>; Sun, 17 Jan 2021 23:12:07 +0000 (UTC)
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 9630F22516
	for <qemu-devel@archiver.kernel.org>; Sun, 17 Jan 2021 23:12:06 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9630F22516
Authentication-Results: mail.kernel.org;
 dmarc=none (p=none dis=none) header.from=bu.edu
Authentication-Results: mail.kernel.org;
 spf=pass
 smtp.mailfrom=qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Received: from localhost ([::1]:35562 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from
 <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>)
	id 1l1HDJ-0006tH-DX
	for qemu-devel@archiver.kernel.org; Sun, 17 Jan 2021 18:12:05 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10]:44370)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <alxndr@bu.edu>) id 1l1HB0-0005bl-SM
 for qemu-devel@nongnu.org; Sun, 17 Jan 2021 18:09:43 -0500
Received: from mail-eopbgr760103.outbound.protection.outlook.com
 ([40.107.76.103]:12485 helo=NAM02-CY1-obe.outbound.protection.outlook.com)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <alxndr@bu.edu>) id 1l1HAy-0006XA-Ly
 for qemu-devel@nongnu.org; Sun, 17 Jan 2021 18:09:42 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=QKVtX42kndsIDd292iYd/M0Kz7KmGeY0AOwZwzoq7pOvBwRmkd67EZqW8JlbScS0WnbZ69FbMQo3vievIkgbsZsuzxtIRBKDlRg53W0zAKS4W3rhQCmbL3eghDAayOrTphlC+44Hr2oN39OosEE+w//N1EuLx57F32zeKC+MOvFyswP81wP1z/EcYbN8dvt8fINCWqpa3Ykwn4H3Jx0Hd8RB0RbusSkR9NZUE1xtWg3ujuBjd7tzE3WsR8Keh0g9x7NImkebJrJlCWDSD94WdWGmNHrHvszTt2LnWCeEyLYR4msj/e+wb3QJKpsBLAKC3oH4tvfpPA7o/KRdsx75HA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=yV4TKGcPLanKeb4fTwUMfOkPp6T9m4MhqCmi9JfUf6c=;
 b=DWCo0qWaQM+D+/QIL7eUuxHsJF4BPae/OvZuKy3N7ofa60PdgSDbXY2L7iif4zkR80QMDg8+ezD5zi1QIZmAqbyhVY1DuvFS1pbxlI+PXJbvk0C/HLewEV7XX9riUcbGJ5N0yWTsOhXJ80SjE0kchqDvlV0WsoZ4gNtV1T9Dco1E02haqkNSqpM706jhF2OR3JCG0/mGd5XvEsXKLGhVYCOYVRFxW4wHobl/vlU9sVAJu1BAmFYPu0RMwwz820gFMo+JUQkku7A7SXYn2tekRXenLHCct39rQr+iGfI17sUoA1JHhrfo+u/S1xxh73RFZOpRzPbitEz2qYpIT1nUhQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=bu.edu; dmarc=pass action=none header.from=bu.edu; dkim=pass
 header.d=bu.edu; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=bushare.onmicrosoft.com; s=selector2-bushare-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=yV4TKGcPLanKeb4fTwUMfOkPp6T9m4MhqCmi9JfUf6c=;
 b=gnZTFLszvjWE72/lVDEbeVlp8vZyUOOItOj9ES6x9QYEMhMm1IIxueKMwGEM/TqEurLaZQVTiQbMi1cF3Lfm2YRU7vK2ldq0SVoq8DtDMW2Q/Q8VaPVfTyvHRU62G3iZiulmDNZdrft4k0ETqykNWN0VLrb82NI9qPR6+hlgvZo=
Authentication-Results: nongnu.org; dkim=none (message not signed)
 header.d=none;nongnu.org; dmarc=none action=none header.from=bu.edu;
Received: from SN6PR03MB3871.namprd03.prod.outlook.com (2603:10b6:805:6d::32)
 by SN2PR03MB2208.namprd03.prod.outlook.com (2603:10b6:804:c::23) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3763.10; Sun, 17 Jan
 2021 23:09:36 +0000
Received: from SN6PR03MB3871.namprd03.prod.outlook.com
 ([fe80::e828:cd84:e00c:6310]) by SN6PR03MB3871.namprd03.prod.outlook.com
 ([fe80::e828:cd84:e00c:6310%6]) with mapi id 15.20.3763.014; Sun, 17 Jan 2021
 23:09:36 +0000
From: Alexander Bulekov <alxndr@bu.edu>
To: qemu-devel@nongnu.org
Subject: [PATCH v2 1/3] fuzz: enable dynamic args for generic-fuzz configs
Date: Sun, 17 Jan 2021 18:09:22 -0500
Message-Id: <20210117230924.449676-2-alxndr@bu.edu>
X-Mailer: git-send-email 2.28.0
In-Reply-To: <20210117230924.449676-1-alxndr@bu.edu>
References: <20210117230924.449676-1-alxndr@bu.edu>
X-Originating-IP: [72.74.210.193]
X-ClientProxiedBy: MN2PR05CA0018.namprd05.prod.outlook.com
 (2603:10b6:208:c0::31) To SN6PR03MB3871.namprd03.prod.outlook.com
 (2603:10b6:805:6d::32)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from stormtrooper.vrmnet (72.74.210.193) by
 MN2PR05CA0018.namprd05.prod.outlook.com (2603:10b6:208:c0::31) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.3784.7 via Frontend Transport; Sun, 17 Jan 2021 23:09:35 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 3f9dd350-8067-4c3b-4ff6-08d8bb3cf53d
X-MS-TrafficTypeDiagnostic: SN2PR03MB2208:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <SN2PR03MB2208D2A78A3E4E35C039E13EBAA50@SN2PR03MB2208.namprd03.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:7219;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
 IEU2Gfsa8saienRcPuNfjdaXL7BlCMRsEXiLO3WSC23nywj/31wyyxl9D1vFNuCZzAuLW3+2UEzL7ZYuN+TmChD9Dwbe+tsHjBnuFqSCISqH4df9E/X2y95EQbyeb5ftXDOZ7S/hbEauA1I9EtTALaIM6URf5sxIjh6j/379quGMFy6XEptroxp8wqXQV8swzKg6tbxyesFVzc1dqLkW83IBHocK7nle19TdINP9Rr4rPWmxQzYV87rTozjaKbkvBSjdauahTjG5K8kcPibTSEsCRqrm1cvYDOGFDCtJgB6X/2bQc/f0cOgm2b31ZzrBBmcFlCeFtjmXkAukMlANd8xMQKBx0Ju81coDMDIE2UDlApZIk5nL00Ov+F6vdzwodmpL0sdokmsCUhIUkJ/RcW6wFdi9hi1DBXEZC+EzA+dQfOE9hjAMJMMtqn6gJsZw
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
 IPV:NLI; SFV:NSPM; H:SN6PR03MB3871.namprd03.prod.outlook.com; PTR:; CAT:NONE;
 SFS:(4636009)(39860400002)(136003)(396003)(366004)(346002)(376002)(6916009)(8676002)(54906003)(86362001)(8936002)(1076003)(2906002)(6506007)(16526019)(786003)(6486002)(36756003)(316002)(83380400001)(52116002)(478600001)(186003)(75432002)(26005)(6512007)(66946007)(66476007)(6666004)(5660300002)(956004)(4326008)(2616005)(66556008)(41533002);
 DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData: 
 t98w981koSz3OOrXQKmG5DqxHaPTWVyPggSxkg3E/WFwDfVFBFsgOpfP4BhtOqzJllc6OlTQbSV3ex6F+Fq86BIsw2sMVy9JOuWMVjyb5Rdnu7B6OcHcOsGVZIKgM/YqNrA/Ijeb/nD1bcUsLfEahxlzhY2v2v1bnxILyx9Mb+sZRTQL1Hcvzooc+4FJo1WRg/Mml1ulVF2SDhxj/SlcAYOyPkD5qRKzFm+5wNEZlztFLlvgVT0uRO4CsqNfjR6sS3k3BeGEzOchG8nyxNJa9KRbkrabdz7DRs/JNk12FJpasKIIkhkfGXCn3yQK1g2URp7hpngVPleQdB+d6aTgUPfnAMUAFt54mcEkvK8snAmmM7fJF2Iy/RhqypKM9yM9cZR6hcX0SzAHDqUfTw3ASCfCrJzGzFcjzN2DDS5KE2pJOVAXU3H3bCLTk/vRAb/Plr8M5j+53Z1Bq9EP1X33Y9wkhmd39gQdvvoSP5VDZZondYkMXUgy6ToYXsUaiODY/FI8CRXSo6iHvI3MOinN3TfT1Ie2tvE+JA7FrexZlTVyxbqUOLANp05OH0KXpljdCl8CmGv9eAqN/T61axOcPrMt/vdBCo53n+dqIcz41kNidkmD5CIOL1hkodYW7mWtSOTOo+ts892zkzpUVPahozmsz/1MaFLlQDW/cn6bnfUBSsq/c42I87sm85w1fArC4EUrLW2GNcsGRyEqH9sbGhogj/NuUwmjE2857P5b1wCZrkLIRrV1CekU2k6PFV/DjTR5nifVWfvh0lfGsJBGI3pZsC+QzJ2nLWCnOD+Ggupfe8pddmIEXjPbieZZApNfw3tPKlh6fDc3h6XbTNyqjzsIanC05ToEkUCYaQqPsaukX0OeV/HC3hNHaR5wjIp44L8beEF0/xatS9xAGajBLZVKZgqcV2wCX4UZ1Qxdl+PdCTRaEdEiUGF292GZCei2pcnSMhuw7aX0au0gpYvskUsxdLIB9Lx2pSXADJbAdfX3AzADPTWq55eVIpxCBpas
X-OriginatorOrg: bu.edu
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 3f9dd350-8067-4c3b-4ff6-08d8bb3cf53d
X-MS-Exchange-CrossTenant-AuthSource: SN6PR03MB3871.namprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Jan 2021 23:09:36.1754 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d57d32cc-c121-488f-b07b-dfe705680c71
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 j94HQAoOfdTwTPq9HoMZTomSxXddSJY2Xi36Pi01PSD+4X+0wWuLtkhxrpLXbCEl
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN2PR03MB2208
Received-SPF: pass client-ip=40.107.76.103; envelope-from=alxndr@bu.edu;
 helo=NAM02-CY1-obe.outbound.protection.outlook.com
X-Spam_score_int: -8
X-Spam_score: -0.9
X-Spam_bar: /
X-Spam_report: (-0.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999,
 MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_DNSWL_NONE=-0.0001,
 RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001 autolearn=no autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Laurent Vivier <lvivier@redhat.com>, Thomas Huth <thuth@redhat.com>,
 Alexander Bulekov <alxndr@bu.edu>, Bandan Das <bsd@redhat.com>,
 Stefan Hajnoczi <stefanha@redhat.com>, Paolo Bonzini <pbonzini@redhat.com>
Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Sender: "Qemu-devel"
 <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>

For some device configurations, it is useful to configure some
resources, and adjust QEMU arguments at runtime, prior to fuzzing. This
patch adds an "argfunc" to generic the generic_fuzz_config. When
specified, it is responsible for configuring the resources and returning
a string containing the corresponding QEMU arguments. This can be useful
for targets that rely on e.g.:
 * a temporary qcow2 image
 * a temporary directory
 * an unused TCP port used to bind the VNC server

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Thomas Huth <thuth@redhat.com>
---
 tests/qtest/fuzz/generic_fuzz.c         | 10 +++++++++-
 tests/qtest/fuzz/generic_fuzz_configs.h |  1 +
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/tests/qtest/fuzz/generic_fuzz.c b/tests/qtest/fuzz/generic_fuzz.c
index be76d47d2d..6adf62a5be 100644
--- a/tests/qtest/fuzz/generic_fuzz.c
+++ b/tests/qtest/fuzz/generic_fuzz.c
@@ -936,12 +936,20 @@ static GString *generic_fuzz_cmdline(FuzzTarget *t)
 
 static GString *generic_fuzz_predefined_config_cmdline(FuzzTarget *t)
 {
+    gchar *args;
     const generic_fuzz_config *config;
     g_assert(t->opaque);
 
     config = t->opaque;
     setenv("QEMU_AVOID_DOUBLE_FETCH", "1", 1);
-    setenv("QEMU_FUZZ_ARGS", config->args, 1);
+    if (config->argfunc) {
+        args = config->argfunc();
+        setenv("QEMU_FUZZ_ARGS", args, 1);
+        g_free(args);
+    } else {
+        g_assert_nonnull(config->args);
+        setenv("QEMU_FUZZ_ARGS", config->args, 1);
+    }
     setenv("QEMU_FUZZ_OBJECTS", config->objects, 1);
     return generic_fuzz_cmdline(t);
 }
diff --git a/tests/qtest/fuzz/generic_fuzz_configs.h b/tests/qtest/fuzz/generic_fuzz_configs.h
index 7fed035345..1a133655ee 100644
--- a/tests/qtest/fuzz/generic_fuzz_configs.h
+++ b/tests/qtest/fuzz/generic_fuzz_configs.h
@@ -16,6 +16,7 @@
 
 typedef struct generic_fuzz_config {
     const char *name, *args, *objects;
+    gchar* (*argfunc)(void); /* Result must be freeable by g_free() */
 } generic_fuzz_config;
 
 const generic_fuzz_config predefined_configs[] = {

From patchwork Sun Jan 17 23:09:23 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Alexander Bulekov <alxndr@bu.edu>
X-Patchwork-Id: 12025881
Return-Path: 
 <SRS0=LVSM=GU=nongnu.org=qemu-devel-bounces+qemu-devel=archiver.kernel.org@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-20.8 required=3.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,HK_RANDOM_FROM,INCLUDES_CR_TRAILER,
	INCLUDES_PATCH,MAILING_LIST_MULTI,MENTIONS_GIT_HOSTING,MSGID_FROM_MTA_HEADER,
	SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no
	version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 25DC1C433DB
	for <qemu-devel@archiver.kernel.org>; Sun, 17 Jan 2021 23:12:07 +0000 (UTC)
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id A2A8F2251E
	for <qemu-devel@archiver.kernel.org>; Sun, 17 Jan 2021 23:12:06 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A2A8F2251E
Authentication-Results: mail.kernel.org;
 dmarc=none (p=none dis=none) header.from=bu.edu
Authentication-Results: mail.kernel.org;
 spf=pass
 smtp.mailfrom=qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Received: from localhost ([::1]:35634 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from
 <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>)
	id 1l1HDJ-0006vH-MI
	for qemu-devel@archiver.kernel.org; Sun, 17 Jan 2021 18:12:05 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10]:44382)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <alxndr@bu.edu>) id 1l1HB2-0005bt-KO
 for qemu-devel@nongnu.org; Sun, 17 Jan 2021 18:09:45 -0500
Received: from mail-eopbgr760103.outbound.protection.outlook.com
 ([40.107.76.103]:12485 helo=NAM02-CY1-obe.outbound.protection.outlook.com)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <alxndr@bu.edu>) id 1l1HB1-0006XA-3H
 for qemu-devel@nongnu.org; Sun, 17 Jan 2021 18:09:44 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=hO2e6rsDftnO4Ew3O2bMK/AqEeCezQKi8IRB1utV87CrOaxJz6CkYNefVsHO84MmpcA86mAE+ZDVyDudN1AASnJkaa5eiXlaGHmkS37ehJj9uSMQsHUZ9nIdA8WZu1/cuOj86QQBAi1UYybHoLTX/TICoFE7Sc77HJSWhCXfHHNtDMHs90kycBDEzCKXfFJoUtowpW+ABZEALPQJHn65D6Cm4BxPFINzjHY3hPaiQtjIbu6cAnHOpNeig+HjsfTwXrDuB5nWVC+bWJXXwvRscgjclNt8GCY2AsKUH9sVO6vMNCOA9cQU9dbYNPWwRfLE83vIchCWgcWoLK2APyPWnA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=CBL6nZhg2U1wRA0zDv33tSY7/qquZ26HytmM51GWKZU=;
 b=gIKsdHfWIdhplSsg30z/eyEAcb/JPJH+xQ9WFxON9ZvN+DtWouQGiJI6MNoFFStLpk4FxHv2U5M1waAJ6+cDmEyXkmPcBAVRPQtnu1lNvtVqcZY7XAYVVjq95tSsAfWBTi3kexMEYP1Mb3/TXS8/kDHp4CIF3eG958PgTkQK/QGnRnXJ0d8dGnlHNGhO+G3tM8/Tt8VOOmHDaWbNlgjkxdui2WKa7YIQZ3W2itrjzcuz8PoxIR/Lg/dBIJo1TJefE0FrLzKQfX5Il9PsyHgZfYjE6sZh5chuNgD+QMuW3jIrFYSjnyru/3VGU77BFUu366ndpVkTvwZOfpYLHyRQNQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=bu.edu; dmarc=pass action=none header.from=bu.edu; dkim=pass
 header.d=bu.edu; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=bushare.onmicrosoft.com; s=selector2-bushare-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=CBL6nZhg2U1wRA0zDv33tSY7/qquZ26HytmM51GWKZU=;
 b=RNco7cXj304P93Jse/9WgUeFw/ILoELMmWeg5SkvqZLsKmgroc40TfwW8WWIn5Jjx9CvQ1jSCWmChHmQ1tilnrxMT4aRnqg//6u9W1FWUeclbXKzqrmgbtewa68qVDaJ+gXIJRySDm5G8JZYlzBu7tIrH1ZUd+sQm9oO516pzi0=
Authentication-Results: nongnu.org; dkim=none (message not signed)
 header.d=none;nongnu.org; dmarc=none action=none header.from=bu.edu;
Received: from SN6PR03MB3871.namprd03.prod.outlook.com (2603:10b6:805:6d::32)
 by SN2PR03MB2208.namprd03.prod.outlook.com (2603:10b6:804:c::23) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3763.10; Sun, 17 Jan
 2021 23:09:37 +0000
Received: from SN6PR03MB3871.namprd03.prod.outlook.com
 ([fe80::e828:cd84:e00c:6310]) by SN6PR03MB3871.namprd03.prod.outlook.com
 ([fe80::e828:cd84:e00c:6310%6]) with mapi id 15.20.3763.014; Sun, 17 Jan 2021
 23:09:37 +0000
From: Alexander Bulekov <alxndr@bu.edu>
To: qemu-devel@nongnu.org
Subject: [PATCH v2 2/3] docs/fuzz: add some information about OSS-Fuzz
Date: Sun, 17 Jan 2021 18:09:23 -0500
Message-Id: <20210117230924.449676-3-alxndr@bu.edu>
X-Mailer: git-send-email 2.28.0
In-Reply-To: <20210117230924.449676-1-alxndr@bu.edu>
References: <20210117230924.449676-1-alxndr@bu.edu>
X-Originating-IP: [72.74.210.193]
X-ClientProxiedBy: MN2PR05CA0018.namprd05.prod.outlook.com
 (2603:10b6:208:c0::31) To SN6PR03MB3871.namprd03.prod.outlook.com
 (2603:10b6:805:6d::32)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from stormtrooper.vrmnet (72.74.210.193) by
 MN2PR05CA0018.namprd05.prod.outlook.com (2603:10b6:208:c0::31) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.3784.7 via Frontend Transport; Sun, 17 Jan 2021 23:09:36 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 29d4d4d9-9ff2-4f7f-e62c-08d8bb3cf5df
X-MS-TrafficTypeDiagnostic: SN2PR03MB2208:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <SN2PR03MB22089A372364958EA5090A04BAA50@SN2PR03MB2208.namprd03.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:7691;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
 HlHd3VDOPGH9kqBkGf3a4PvOsdxIIn/PcUpIYkdUN1tgJoKQ69HVkW8hJWFZ4chVVKej6eJyWm78puoRZ+EsJc6YOtlwWQnG3/MRDlzmHpdxuAnzSQTfJN0w8njPa+FlYEnY+YpUa/7Y0FG1yoFYdE2825FBQeUAlNMNPxbWO/U2iQ21FsUkAIObiwgB2MIBgnkUe+JWrCnfN+Wfolbbo9QjU3S2Z/EbTE+PAIuGh2jT7aXTV84hxzU/C+PSXx/e1KrsEdR7ihElSw7ocRi7mKXkG2m5rMoo793JBN9bigXhD8OpB+qSIvtDrWCrqu8X/wH+s+FfoxeYfcn1Fc/NgJIyTr+APHZniz6uIXqoVl8OgjFFo1Q+OPbVlS+NhqYfaYsU9Jo1flJOg3L5VARgJSjV7/c3bn99rSOsdwDe6FrezY85VqhYSaWPsut/vI1WSFBSdZgJ19DTYmVgznygzA==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
 IPV:NLI; SFV:NSPM; H:SN6PR03MB3871.namprd03.prod.outlook.com; PTR:; CAT:NONE;
 SFS:(4636009)(39860400002)(136003)(396003)(366004)(346002)(376002)(6916009)(8676002)(54906003)(86362001)(8936002)(1076003)(2906002)(6506007)(16526019)(786003)(6486002)(36756003)(316002)(52116002)(478600001)(186003)(75432002)(26005)(6512007)(66946007)(66476007)(6666004)(5660300002)(956004)(4326008)(2616005)(66556008);
 DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData: 
 kspOTf9KswwvsXqtecfH23ISj6vfWHTibawSTMy7u/V9HD6NIk3f2FGf9zeRKJKFihB94N1d2q2/V/QLQZZFa0wh3RQCms/vy7SCT87lH+hoSx01gtigmvTjJZjfjSEECenU2vqFceQ2pkE3vRSJd3cVayB4nAyuAaiIT1fFEdxG9dEbY+mIgO6umXIkYp9055ICmRcqeIQcnJ3K1QubqdVM58AMqdaEkXQzh71cSqa1MzrtPG2H5aNahcG+e9lUVhO8Tp7FMhIhSJY7dwv2EgQPtHq5semKEqQ1LtZ0frrT639j8+oNq1l6H9A7hRjAfhFbg/0S30aqExaqB47wdUD1aVEGL9VxDe/O/Pzq+PWae7ZylJjpOGC5lPPBISkyOI63bylYrt/6ZerdYUrxCa1jLLv2kcvPPzjt4xYrw49B+aiVOqv1az1kCgmzSe44dXNVaN4rtPcRYBANBkc8gMmtE1BTkNwDA0G4+6lvJC+p+DRiLCnoOzSTPlSG07vb4OJEf3Bv6oALUS5E/Mw0IcCarM4niaxKsK5C9703bhHPNlp/0S97UWpY3U5Ik8fLpkEqlL1g/Qs5/i6UJ472vsVQU/LzWMJpw7FD2MJmuxHbAkmZPcFqLJZKom+YSfITWGqU/vWQh75WRJrWUTQO8hqcPOzM2rMqsLKlQN827BcIJcVgBIyVWzWuw6NQlSWg3B/ch4bsWQMSIhOVKrIBzS6BSVTJIugpjiwzriyFFKS8H/IIZznbUjP0ZFKo3/yBfQc6dWO4PJOrdM/tF9CfRylHy8knt6m/oEPab17qN7CiA/N81SZykx4Uoy9poW722+RBVeGEX+gTn+B91UmhrZ8RsT7m8LLgLo1KFcfLQWPJ6avi+dsD1TI3XZeJqyTqenPx0uGVOQgiHTFASrkl2ZPqwE7udBTvwKow7Z1wmFAu6mwzFbcgKalZW7ZF3AYi8JcPdt2vuyHPDWC2ZqJdWqfYK1muPdHUBW13c3/q5XMksLU8ueH4bEvkJqpmWhw0
X-OriginatorOrg: bu.edu
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 29d4d4d9-9ff2-4f7f-e62c-08d8bb3cf5df
X-MS-Exchange-CrossTenant-AuthSource: SN6PR03MB3871.namprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Jan 2021 23:09:37.2489 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d57d32cc-c121-488f-b07b-dfe705680c71
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 zKq/Ez6Ab6uS0Ul/x5nekyhLbEBC1XBLqn6cDPeKNx65zBn94mjSPIL6gfKlSSe3
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN2PR03MB2208
Received-SPF: pass client-ip=40.107.76.103; envelope-from=alxndr@bu.edu;
 helo=NAM02-CY1-obe.outbound.protection.outlook.com
X-Spam_score_int: -8
X-Spam_score: -0.9
X-Spam_bar: /
X-Spam_report: (-0.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999,
 MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_DNSWL_NONE=-0.0001,
 RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001 autolearn=no autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Alexander Bulekov <alxndr@bu.edu>, Bandan Das <bsd@redhat.com>,
 Thomas Huth <thuth@redhat.com>, Stefan Hajnoczi <stefanha@redhat.com>,
 Paolo Bonzini <pbonzini@redhat.com>
Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Sender: "Qemu-devel"
 <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
---
 docs/devel/fuzzing.rst | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/docs/devel/fuzzing.rst b/docs/devel/fuzzing.rst
index 6096242d99..8792358854 100644
--- a/docs/devel/fuzzing.rst
+++ b/docs/devel/fuzzing.rst
@@ -181,6 +181,32 @@ To ensure that these env variables have been configured correctly, we can use::
 
 The output should contain a complete list of matched MemoryRegions.
 
+OSS-Fuzz
+--------
+QEMU is continuously fuzzed on `OSS-Fuzz` __(https://github.com/google/oss-fuzz).
+By default, the OSS-Fuzz build will try to fuzz every fuzz-target. Since the
+generic-fuzz target requires additional information provided in environment
+variables, we pre-define some generic-fuzz configs in
+``tests/qtest/fuzz/generic_fuzz_configs.h``. Each config must specify:
+ * ``.name``: To identify the fuzzer config
+ * ``.args`` OR ``.argfunc``: A string or pointer to a function returning a
+   string.  These strings are used to specify the ``QEMU_FUZZ_ARGS``
+   environment variable.  ``argfunc`` is useful when the config relies on e.g.
+   a dynamically created temp directory, or a free tcp/udp port.
+ * ``.objects``: A string that specifies the ``QEMU_FUZZ_OBJECTS`` environment
+   variable.
+
+To fuzz additional devices/device configuration on OSS-Fuzz:
+ * Send patches for a new device-specific fuzzer
+ * Send patches for a new generic-fuzz config
+
+Build details:
+ * `The basic Dockerfile that sets up the environment for building QEMU's
+   fuzzers on OSS-Fuzz
+   <https://github.com/google/oss-fuzz/blob/master/projects/qemu/Dockerfile>`_
+ * The script responsible for building the fuzzers:
+   ``scripts/oss-fuzz/build.sh``
+
 Implementation Details / Fuzzer Lifecycle
 -----------------------------------------
 

From patchwork Sun Jan 17 23:09:24 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Alexander Bulekov <alxndr@bu.edu>
X-Patchwork-Id: 12025885
Return-Path: 
 <SRS0=LVSM=GU=nongnu.org=qemu-devel-bounces+qemu-devel=archiver.kernel.org@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,HK_RANDOM_FROM,INCLUDES_CR_TRAILER,
	INCLUDES_PATCH,MAILING_LIST_MULTI,MSGID_FROM_MTA_HEADER,SPF_HELO_NONE,
	SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 9514CC433E0
	for <qemu-devel@archiver.kernel.org>; Sun, 17 Jan 2021 23:13:40 +0000 (UTC)
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 1D7FE22516
	for <qemu-devel@archiver.kernel.org>; Sun, 17 Jan 2021 23:13:40 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1D7FE22516
Authentication-Results: mail.kernel.org;
 dmarc=none (p=none dis=none) header.from=bu.edu
Authentication-Results: mail.kernel.org;
 spf=pass
 smtp.mailfrom=qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Received: from localhost ([::1]:40028 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from
 <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>)
	id 1l1HEp-0000NO-9T
	for qemu-devel@archiver.kernel.org; Sun, 17 Jan 2021 18:13:39 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10]:44406)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <alxndr@bu.edu>) id 1l1HB7-0005dL-AZ
 for qemu-devel@nongnu.org; Sun, 17 Jan 2021 18:09:50 -0500
Received: from mail-eopbgr760103.outbound.protection.outlook.com
 ([40.107.76.103]:12485 helo=NAM02-CY1-obe.outbound.protection.outlook.com)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <alxndr@bu.edu>) id 1l1HB4-0006XA-W5
 for qemu-devel@nongnu.org; Sun, 17 Jan 2021 18:09:48 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=KzAcQl3+D++dCmKXKmZaQzxBU72ptUrt3uNeyegcS4ePRSxN+00Y6dXHw8QGNDm5m99QB3ZZgY7yZsE9ajKN2Z3MlU+6wjd+XPyONmed5ZXNraz9AuAZMUm+v9h7eQsvEf6xclL7mxVC9GH4XCiJPepVC8oIWOMZcby/NLS/RP3/ZmU61dL1ts8V+xEmsuaZ/uxhbglAXvLGgsD4n4qCHK6PdKDjKBMZ1f/L5NGkIvWNFRt5ljVXdXBEf+Elu1jEuZ8vLAzrU4xw7TdCmUk+9lNy0foIxdSkqzU31bVzm1sRfj8Ao2Fb2CA8ZUGehAnoEzg85y3/fiih/KUFt08aRQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=zOFt2e/UKzpOrLEo34OfHlZAptfi8NHhLckGsX+l5VQ=;
 b=WtEL6eJ9rpUKDj3cMAHZHmfD4KO5dCtCwPm/B8FtfIH6EImH5IRqnjXKd1Hd/22NrwQsthTC7AJMe48zjyEDoMfmPS65GyT2VrqHLJNToQaTFqXDtNXXiZXSMwXnmxLfLTYswsUNnsnC1V7ybvyye/9sm6izSCVPSlxmWSdgyjNBFbiE0EAZglc68MBOLg3eoNdbxy3uedqyJU3PnngAjTkoxohOk8nv9EZ+kyYOMkGk91I8YronjiiIh8Gh3KO39/tuPACPhS2g8RegF0j6nmorUEyMVNatftxA8iKrkYDS1Gr1qSxQSouIXbFT2a+yRe5NcPjzaTsQdoKyvyNz3g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=bu.edu; dmarc=pass action=none header.from=bu.edu; dkim=pass
 header.d=bu.edu; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=bushare.onmicrosoft.com; s=selector2-bushare-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=zOFt2e/UKzpOrLEo34OfHlZAptfi8NHhLckGsX+l5VQ=;
 b=X4kvLGNuVQ1ZEyJcg8WocwE3/fV1Jd5+7ZrAutRngpxs8y8239if3vb8pmU1SIrZntO3yhIOHjXnHsysB3Yf8cAmbIggZHWoVKOiFgtFib/h65tZplEHQoWnULwQHCyca/ckZiawH0PuNxNLWRHFOyHHCKJ4SAKiSw7fuAh3eHk=
Authentication-Results: nongnu.org; dkim=none (message not signed)
 header.d=none;nongnu.org; dmarc=none action=none header.from=bu.edu;
Received: from SN6PR03MB3871.namprd03.prod.outlook.com (2603:10b6:805:6d::32)
 by SN2PR03MB2208.namprd03.prod.outlook.com (2603:10b6:804:c::23) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3763.10; Sun, 17 Jan
 2021 23:09:38 +0000
Received: from SN6PR03MB3871.namprd03.prod.outlook.com
 ([fe80::e828:cd84:e00c:6310]) by SN6PR03MB3871.namprd03.prod.outlook.com
 ([fe80::e828:cd84:e00c:6310%6]) with mapi id 15.20.3763.014; Sun, 17 Jan 2021
 23:09:38 +0000
From: Alexander Bulekov <alxndr@bu.edu>
To: qemu-devel@nongnu.org
Subject: [PATCH v2 3/3] fuzz: add virtio-9p configurations for fuzzing
Date: Sun, 17 Jan 2021 18:09:24 -0500
Message-Id: <20210117230924.449676-4-alxndr@bu.edu>
X-Mailer: git-send-email 2.28.0
In-Reply-To: <20210117230924.449676-1-alxndr@bu.edu>
References: <20210117230924.449676-1-alxndr@bu.edu>
X-Originating-IP: [72.74.210.193]
X-ClientProxiedBy: MN2PR05CA0018.namprd05.prod.outlook.com
 (2603:10b6:208:c0::31) To SN6PR03MB3871.namprd03.prod.outlook.com
 (2603:10b6:805:6d::32)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from stormtrooper.vrmnet (72.74.210.193) by
 MN2PR05CA0018.namprd05.prod.outlook.com (2603:10b6:208:c0::31) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.3784.7 via Frontend Transport; Sun, 17 Jan 2021 23:09:37 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 44ef5e2b-8871-4709-dbd8-08d8bb3cf692
X-MS-TrafficTypeDiagnostic: SN2PR03MB2208:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <SN2PR03MB2208DF2AB00794D2DE4B29D4BAA50@SN2PR03MB2208.namprd03.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:8882;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
 MXpjYLU17m/YqUmDmzuI1xjvdLaANyrJ/E8az9cgRkY7eSv1DZD4bZm7gA2EqzYwXiO5Fzt0TXJIBigyC+ATevEo70jJqBq0xWnFHvq+ipM4dXWx2yN1SGaCsmCmkTQ2bgatWd8rNCFbIAcG93EKiTLE+w+DVgPd4LlfNoMh04TSnzvyCj50d9Qf4aSPfhkdJKVFSAXHDo2rYut5FKAa8ZX4qKpqkbUssgCjbaGddxQorQxsLqB0yml6WJis8SlKbPdhK5FR4fSgCZKxbtF60V8F/qnRmmh+F2fl3Dm7307nuQBxQisnfrQKymueokNtyvQTefNIMIXA2VO2qP/wqmINeh2PalxI7L89xocuzQC8eKWIrYE4IvZOPHgPyb3rnTsPvqbVLKRa/Z7yXV2svg==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
 IPV:NLI; SFV:NSPM; H:SN6PR03MB3871.namprd03.prod.outlook.com; PTR:; CAT:NONE;
 SFS:(4636009)(39860400002)(136003)(396003)(366004)(346002)(376002)(6916009)(8676002)(54906003)(86362001)(8936002)(1076003)(2906002)(6506007)(16526019)(786003)(6486002)(36756003)(316002)(83380400001)(52116002)(478600001)(186003)(75432002)(26005)(6512007)(66946007)(66476007)(6666004)(5660300002)(956004)(4326008)(2616005)(66556008);
 DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData: 
 OPPNLLHt++B3tNv93W6YDa8r7cWXpNFTJpIGuxm5qawv6fAoDRkQyFLT/xt2Ib7D748mRmLuJ31MEHZ6P8TXZuyTJ1cHhzw1a7Dcqz/+s0rSE233KfsXqJm3FyJt+FCUYTkjolVOXRVi8eWIHz57fkuLJdl+pea7UsaTMW+DvY7VoeeQ/aKNnygEGtplV8Uhn/nNaFmE31vG8pn6HZnmvBgBNMiE2fnTzF8gV5bQ3piF2AIaWxHjZroRLbK7L7NKGqwcBFEhvzyDn7RwKRpTKEa+GU2c7SuXpFRivWjLBIuUTDch6EW35GACa2BbHQlNqF+XSJrZrJajDZdk7RT7pzYxV+mNRB7ICcyMvCtZIKG4czx4PAe5nBBYXRs1GAyvBR7QBEhfKgbM1dwh/h2oCW/t3bRPfYscU4UC5Ucdi1vzBiJfg9Us5cN6j3a7UpC4zhDh0AtE2vCuTvKTsGfgqjdQaVuuEZjzSMywioFAj9lRmAUetNqp512TcCSf3sSVSFm4F7qEaJFBy5ceHIoqgl9bDYYrX62FY6L8YmzmwbwQIqZFZHLe8WbWsrCN6yyS6ItDaceVGl70XS2VgPshAYIvkzZDave9BImtbo7o2KlBb2IQYYXNxMPqnFyHDiHJHGeLXeLCBZKqg7ZLOqWvXj7y+8fiCSiRR74/01C8vB6hlmro6gIXU5yrtEbGQolV1Td3ICGq1OU0hjreIutlk2ijSmpRQndMtfc60darPxXLKwhv3f/pucg7kvwfL/sh6fjH3V/8Hs0fUQimlSDyrg4Y8wFnzYxzJ1PfVzXss4bBeDHzX1xxrCPOSnVWzWinxBhU3dU3nmDPTtzIpqI/bW44SQYLn54s8Bdvdc4SoRqH1sJGTxGmqmYv6PYZu/R8tkwP5+Jng6F/xT248O07bg6GaVNJWhneJKkpF0V8ZAU9JvUc7rckdSQ2bZsRiljQB8Tzehe1C4iBFlPOdg3J09W4ngdQClq4MGklSAsV06KtBm0dKm59keiqmsSfUPAO
X-OriginatorOrg: bu.edu
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 44ef5e2b-8871-4709-dbd8-08d8bb3cf692
X-MS-Exchange-CrossTenant-AuthSource: SN6PR03MB3871.namprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Jan 2021 23:09:38.3678 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d57d32cc-c121-488f-b07b-dfe705680c71
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 3aDZ8WtmGK6llirnyXt0QJBn0C6j0RU8eQQg+n1SOAA1q25UGzXXpQpZX0rmV0Ij
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN2PR03MB2208
Received-SPF: pass client-ip=40.107.76.103; envelope-from=alxndr@bu.edu;
 helo=NAM02-CY1-obe.outbound.protection.outlook.com
X-Spam_score_int: -8
X-Spam_score: -0.9
X-Spam_bar: /
X-Spam_report: (-0.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999,
 MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_DNSWL_NONE=-0.0001,
 RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001 autolearn=no autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Laurent Vivier <lvivier@redhat.com>, Thomas Huth <thuth@redhat.com>,
 Christian Schoenebeck <qemu_oss@crudebyte.com>, Greg Kurz <groug@kaod.org>,
 Alexander Bulekov <alxndr@bu.edu>, Bandan Das <bsd@redhat.com>,
 Stefan Hajnoczi <stefanha@redhat.com>, Paolo Bonzini <pbonzini@redhat.com>
Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Sender: "Qemu-devel"
 <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>

virtio-9p devices are often used to expose a virtual-filesystem to the
guest. There have been some bugs reported in this device, such as
CVE-2018-19364, and CVE-2021-20181. We should fuzz this device

This patch adds two virtio-9p configurations:
 * One with the widely used -fsdev local driver. This driver leaks some
   state in the form of files/directories created in the shared dir.
 * One with the synth driver. While it is not used in the real world, this
   driver won't leak leak state between fuzz inputs.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
---
CC: Christian Schoenebeck <qemu_oss@crudebyte.com>
CC: Greg Kurz <groug@kaod.org>

I considered adding an atexit handler to remove the temp directory,
however I am worried that there might be some error that results in a
call to exit(), rather than abort(), which will cause problems for
future fork()-ed fuzzers. I don't think there are such calls in the 9p
code, however there might be something in the APIs used by 9p. As this
code is primarily for ephemeral OSS-Fuzz conainers, this shouldn't be
too much of an issue.

 tests/qtest/fuzz/generic_fuzz_configs.h | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/tests/qtest/fuzz/generic_fuzz_configs.h b/tests/qtest/fuzz/generic_fuzz_configs.h
index 1a133655ee..f99657cdbc 100644
--- a/tests/qtest/fuzz/generic_fuzz_configs.h
+++ b/tests/qtest/fuzz/generic_fuzz_configs.h
@@ -19,6 +19,16 @@ typedef struct generic_fuzz_config {
     gchar* (*argfunc)(void); /* Result must be freeable by g_free() */
 } generic_fuzz_config;
 
+static inline gchar *generic_fuzzer_virtio_9p_args(void){
+    char tmpdir[] = "/tmp/qemu-fuzz.XXXXXX";
+    g_assert_nonnull(mkdtemp(tmpdir));
+
+    return g_strdup_printf("-machine q35 -nodefaults "
+    "-device virtio-9p,fsdev=hshare,mount_tag=hshare "
+    "-fsdev local,id=hshare,path=%s,security_model=mapped-xattr,"
+    "writeout=immediate,fmode=0600,dmode=0700", tmpdir);
+}
+
 const generic_fuzz_config predefined_configs[] = {
     {
         .name = "virtio-net-pci-slirp",
@@ -60,6 +70,16 @@ const generic_fuzz_config predefined_configs[] = {
         .name = "virtio-mouse",
         .args = "-machine q35 -nodefaults -device virtio-mouse",
         .objects = "virtio*",
+    },{
+        .name = "virtio-9p",
+        .argfunc = generic_fuzzer_virtio_9p_args,
+        .objects = "virtio*",
+    },{
+        .name = "virtio-9p-synth",
+        .args = "-machine q35 -nodefaults "
+        "-device virtio-9p,fsdev=hshare,mount_tag=hshare "
+        "-fsdev synth,id=hshare",
+        .objects = "virtio*",
     },{
         .name = "e1000",
         .args = "-M q35 -nodefaults "