From: Peter Maydell
Subject: [Qemu-commits] [qemu/qemu] c887d3: tests/qtest: Only run fuzz-megasas-test if megasas...
Date: Wed, 17 Mar 2021 15:24:28 -0700

  Branch: refs/heads/staging
  Home:   https://github.com/qemu/qemu
  Commit: c887d3339e5dc80ef9cec20a79d385ae36f9a13c
      https://github.com/qemu/qemu/commit/c887d3339e5dc80ef9cec20a79d385ae36f9a13c
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    M MAINTAINERS
    A tests/qtest/fuzz-megasas-test.c
    M tests/qtest/fuzz-test.c
    M tests/qtest/meson.build

  Log Message:
  -----------
  tests/qtest: Only run fuzz-megasas-test if megasas device is available

This test fails when QEMU is built without the megasas device;
restrict it to its availability.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: b43957dcdda3c6190b94a0d186897f8fc8ecec7a
      https://github.com/qemu/qemu/commit/b43957dcdda3c6190b94a0d186897f8fc8ecec7a
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    M MAINTAINERS
    M tests/qtest/fuzz-test.c
    A tests/qtest/fuzz-virtio-scsi-test.c
    M tests/qtest/meson.build

  Log Message:
  -----------
  tests/qtest: Only run fuzz-virtio-scsi when virtio-scsi is available

This test fails when QEMU is built without the virtio-scsi device;
restrict it to its availability.

Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: d3d39fc0184fdf2f4b2f5ab9c35f2a5085cfad4d
      https://github.com/qemu/qemu/commit/d3d39fc0184fdf2f4b2f5ab9c35f2a5085cfad4d
  Author: Philippe Mathieu-Daudé <philmd@redhat.com>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    M MAINTAINERS

  Log Message:
  -----------
  MAINTAINERS: Cover fuzzer reproducer tests within 'Device Fuzzing'

When we started to commit the fuzzer QTest reproducers to
fuzz-test.c in commit d8dd1095019 ("qtest: add fuzz test case"),
we forgot to add the corresponding MAINTAINERS entry. Do it now.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: e8a2a62106d219016f8372c3888bbf555006243b
      https://github.com/qemu/qemu/commit/e8a2a62106d219016f8372c3888bbf555006243b
  Author: Alexander Bulekov <alxndr@bu.edu>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    M tests/qtest/fuzz/generic_fuzz_configs.h

  Log Message:
  -----------
  fuzz: fix the pro100 generic-fuzzer config

The device-type names for the pro100 network cards are i8255.. We were
matching "eepro", which catches the PCI PIO/MMIO regions for those
devices, but misses the actual PCI device, which we use to map the
BARs before fuzzing. Fix that.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: d0614b8e7a365e64ebf2ed068754787fae34d501
      https://github.com/qemu/qemu/commit/d0614b8e7a365e64ebf2ed068754787fae34d501
  Author: Alexander Bulekov <alxndr@bu.edu>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    M tests/qtest/fuzz/generic_fuzz.c

  Log Message:
  -----------
  fuzz: don't leave orphan llvm-symbolizers around

I noticed that with a sufficiently small timeout, the fuzzer fork-server
sometimes locks up. On closer inspection, the issue appeared to be
caused by entering our SIGALRM handler, while libfuzzer is in its crash
handlers. Because libfuzzer relies on pipe communication with an
external child process to print out stack-traces, we shouldn't exit
early, and leave an orphan child. Check for children in the SIGALRM
handler to avoid this issue.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Acked-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
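Added example of the check this commit message describes (it is not QEMU's generic_fuzz.c nor code from the commit): a SIGALRM timeout handler that probes for an unreaped child before exiting, so a child such as a symbolizer spawned by a crash handler is never orphaned. It assumes a Linux host; the names has_live_child, on_timeout and demo_child_detection are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical names; not QEMU's generic_fuzz.c. Non-blocking probe for a
 * child we have not reaped. WNOWAIT leaves an exited child waitable, so the
 * code that spawned it (e.g. a crash handler waiting for its symbolizer)
 * still receives the exit status. Returns 1 while a child is outstanding,
 * 0 once waitid reports ECHILD (no children at all). */
int has_live_child(void)
{
    int saved_errno = errno;          /* a handler must not clobber errno */
    siginfo_t info;
    int r = waitid(P_ALL, 0, &info, WEXITED | WNOHANG | WNOWAIT);
    errno = saved_errno;
    return r == 0;
}

/* SIGALRM handler (install with sigaction(SIGALRM, ...) and arm with
 * alarm()): enforce the per-input timeout, but while a child is still
 * outstanding re-arm the alarm instead of exiting and orphaning it. */
void on_timeout(int sig)
{
    (void)sig;
    if (has_live_child()) {
        alarm(1);                     /* check again in a second */
        return;
    }
    _exit(0);
}

/* Demo: fork a short-lived child; the probe must report it until the owner
 * reaps it, and report nothing afterwards. Returns 2 when both hold. */
int demo_child_detection(void)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) _exit(0);           /* child side */
    int before = has_live_child();    /* 1: running or exited-but-unreaped */
    waitpid(pid, NULL, 0);            /* the owner reaps it */
    int after = has_live_child();     /* 0: nothing outstanding */
    return before * 2 + after;
}
```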


  Commit: 97ef5f8862e1442a8d1c6044e19aa19ce9d1e974
      https://github.com/qemu/qemu/commit/97ef5f8862e1442a8d1c6044e19aa19ce9d1e974
  Author: Alexander Bulekov <alxndr@bu.edu>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    A scripts/oss-fuzz/output_reproducer.py

  Log Message:
  -----------
  fuzz: add a script to build reproducers

Currently, bash and C crash reproducers are built manually. This is a
problem, as we want to integrate reproducers into the tree, for
regression testing. This patch adds a script that converts a sequence of
QTest commands into a pasteable Bash reproducer, or a libqtest-based C
program. This will try to wrap pasteable reproducers to 72 chars, but
the generated C code will not have nice formatting. Therefore, the C
output of this script should be piped through an auto-formatter, such as
clang-format.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 56f8f888ece06907b71a7f6f58e5be56d2d0767b
      https://github.com/qemu/qemu/commit/56f8f888ece06907b71a7f6f58e5be56d2d0767b
  Author: Alexander Bulekov <alxndr@bu.edu>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    M docs/devel/fuzzing.rst

  Log Message:
  -----------
  fuzz: add instructions for building reproducers

We have several scripts that help build reproducers, but no
documentation for how they should be used. Add some documentation.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: d7da0e560128e56f55a2f1f27fa66dd8c5db446c
      https://github.com/qemu/qemu/commit/d7da0e560128e56f55a2f1f27fa66dd8c5db446c
  Author: Alexander Bulekov <alxndr@bu.edu>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    M tests/qtest/fuzz/generic_fuzz_configs.h

  Log Message:
  -----------
  fuzz: add a am53c974 generic-fuzzer config

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 230376d285b38f5b83882ebdd2e0d0570431dd09
      https://github.com/qemu/qemu/commit/230376d285b38f5b83882ebdd2e0d0570431dd09
  Author: Alexander Bulekov <alxndr@bu.edu>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    M MAINTAINERS
    M hw/mem/meson.build
    A hw/mem/sparse-mem.c
    A include/hw/mem/sparse-mem.h

  Log Message:
  -----------
  memory: add a sparse memory device for fuzzing

For testing, it can be useful to simulate an enormous amount of memory
(e.g. 2^64 RAM). This adds an MMIO device that acts as sparse memory.
When something writes a nonzero value to a sparse-mem address, we
allocate a block of memory. For now, since the only user of this device
is the fuzzer, we do not track and free zeroed blocks. The device has a
very low priority (so it can be mapped beneath actual RAM, and virtual
device MMIO regions).

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
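Added example of the sparse-memory idea the commit message describes (a hypothetical model, not QEMU's hw/mem/sparse-mem.c and not code from the commit): reads of untouched addresses return zero, a backing block is allocated only when a nonzero value is written, and blocks are never freed. Type and function names are assumptions.

```c
/* Hypothetical model of the idea, not QEMU's hw/mem/sparse-mem.c. */
#include <stdint.h>
#include <stdlib.h>

#define SPARSE_BLOCK_SIZE 4096u   /* bytes backed by one allocation */
#define SPARSE_BUCKETS    1024u   /* hash buckets in the block table */
#define BLOCK_BASE(a)     ((a) & ~(uint64_t)(SPARSE_BLOCK_SIZE - 1))

typedef struct SparseBlock {
    uint64_t base;                /* block-aligned address */
    uint8_t *data;                /* SPARSE_BLOCK_SIZE bytes, zero-filled */
    struct SparseBlock *next;
} SparseBlock;

typedef struct SparseMem {
    SparseBlock *buckets[SPARSE_BUCKETS];
    size_t nblocks;               /* blocks actually backed by host memory */
} SparseMem;

/* Look a block up; allocate it only when the caller asks for that. */
static SparseBlock *sparse_find(SparseMem *m, uint64_t base, int create)
{
    size_t h = (size_t)((base / SPARSE_BLOCK_SIZE) % SPARSE_BUCKETS);
    for (SparseBlock *b = m->buckets[h]; b; b = b->next) {
        if (b->base == base) return b;
    }
    if (!create) return NULL;
    SparseBlock *b = calloc(1, sizeof(*b));
    if (!b || !(b->data = calloc(SPARSE_BLOCK_SIZE, 1))) abort();
    b->base = base;
    b->next = m->buckets[h];
    m->buckets[h] = b;
    m->nblocks++;
    return b;
}

/* Reads of unbacked addresses return 0, like untouched RAM. */
uint8_t sparse_read8(SparseMem *m, uint64_t addr)
{
    SparseBlock *b = sparse_find(m, BLOCK_BASE(addr), 0);
    return b ? b->data[addr % SPARSE_BLOCK_SIZE] : 0;
}

/* A zero write to an unbacked block is a no-op (it already reads as 0), so
 * only a nonzero write allocates; blocks are never freed, as in the commit. */
void sparse_write8(SparseMem *m, uint64_t addr, uint8_t val)
{
    SparseBlock *b = sparse_find(m, BLOCK_BASE(addr), val != 0);
    if (b) b->data[addr % SPARSE_BLOCK_SIZE] = val;
}
```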


  Commit: 25d309fb0d6c07e49c3d9250cdbacc16941d988e
      https://github.com/qemu/qemu/commit/25d309fb0d6c07e49c3d9250cdbacc16941d988e
  Author: Alexander Bulekov <alxndr@bu.edu>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    M tests/qtest/fuzz/generic_fuzz.c

  Log Message:
  -----------
  fuzz: configure a sparse-mem device, by default

The generic-fuzzer often provides randomized DMA addresses to
virtual-devices. For a 64-bit address-space, the chance of these
randomized addresses coinciding with RAM regions is fairly small. Even
though the fuzzer's instrumentation eventually finds valid addresses,
this can take some time and slows down fuzzing progress (especially
when multiple DMA buffers are involved). To work around this, create
"fake" sparse-memory that spans all of the 64-bit address-space. Adjust
the DMA call-back to populate this sparse memory correspondingly.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 7cac7fea708a1ca46f16c4e816d88b40da755de1
      https://github.com/qemu/qemu/commit/7cac7fea708a1ca46f16c4e816d88b40da755de1
  Author: Alexander Bulekov <alxndr@bu.edu>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    M softmmu/memory.c
    M softmmu/physmem.c

  Log Message:
  -----------
  fuzz: move some DMA hooks

For the sparse-mem device, we want the fuzzer to populate entire DMA
reads from sparse-mem, rather than hooking into the individual MMIO
memory_region_dispatch_read operations. Otherwise, the fuzzer will treat
each sequential read separately (and populate it with a separate
pattern). Work around this by rearranging some DMA hooks. Since the
fuzzer has its own logic to skip accidentally writing to MMIO regions,
we can call the DMA cb outside the flatview_translate loop.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 20cf7b8e13670b66939e92a211dc48edddb0ec53
      https://github.com/qemu/qemu/commit/20cf7b8e13670b66939e92a211dc48edddb0ec53
  Author: Denis Plotnikov <den-plotnikov@yandex-team.ru>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    M configure

  Log Message:
  -----------
  configure: add option to explicitly enable/disable libgio

Now, compilation of util/dbus is implicit and depends
on libgio presence on the building host.
The patch adds options to manage libgio dependencies explicitly.

Signed-off-by: Denis Plotnikov <den-plotnikov@yandex-team.ru>
Message-Id: <20210312151440.405776-1-den-plotnikov@yandex-team.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 26dbec410e9f5194767d17fd19cb64fc1f487e1b
      https://github.com/qemu/qemu/commit/26dbec410e9f5194767d17fd19cb64fc1f487e1b
  Author: Paolo Bonzini <pbonzini@redhat.com>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    M accel/kvm/kvm-all.c

  Log Message:
  -----------
  Revert "accel: kvm: Add aligment assert for kvm_log_clear_one_slot"

This reverts commit 3920552846e881bafa9f9aad0bb1a6eef874d7fb.
Thomas Huth reported a failure with CentOS 6 guests:

../../devel/qemu/accel/kvm/kvm-all.c:690: kvm_log_clear_one_slot: Assertion `QEMU_IS_ALIGNED(start | size, psize)' failed.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: dc293f60b02ff9a4d51ccae153b1685cc8a34d79
      https://github.com/qemu/qemu/commit/dc293f60b02ff9a4d51ccae153b1685cc8a34d79
  Author: Paolo Bonzini <pbonzini@redhat.com>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    M scsi/utils.c

  Log Message:
  -----------
  scsi: fix sense code for EREMOTEIO

SENSE_CODE(LUN_COMM_FAILURE) has an ABORTED COMMAND sense key,
so it results in a retry in Linux.  To ensure that EREMOTEIO
is forwarded to the guest, use a HARDWARE ERROR sense key
instead.  Note that the code before commit d7a84021d was incorrect
because it used HARDWARE_ERROR as a SCSI status, not as a sense
key.

Reported-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: c963fee4b0a98e48c12ed5b063fc4aba6d018ffb
      https://github.com/qemu/qemu/commit/c963fee4b0a98e48c12ed5b063fc4aba6d018ffb
  Author: Pavel Dovgalyuk <pavel.dovgalyuk@ispras.ru>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    M hw/timer/i8254.c

  Log Message:
  -----------
  hw/i8254: fix vmstate load

The QEMU timer of channel 0 in the i8254 is used to raise an irq
at the specified moment in time. This irq can be disabled
with the irq_disabled flag. But when the vmstate of the pit is
loaded, the timer may be rearmed despite the disabled interrupts.
This patch adds an irq_disabled flag check to fix that.

Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgalyuk@ispras.ru>
Message-Id: <161537170060.6654.9430112746749476215.stgit@pasha-ThinkPad-X280>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 8b858f9998a9d59a9a7188f2c5c6ffb99eff6115
      https://github.com/qemu/qemu/commit/8b858f9998a9d59a9a7188f2c5c6ffb99eff6115
  Author: Paolo Bonzini <pbonzini@redhat.com>
  Date:   2021-03-16 (Tue, 16 Mar 2021)

  Changed paths:
    M include/qemu/timer.h

  Log Message:
  -----------
  qemu-timer: allow freeing a NULL timer

Since 5f8e93c3e2 ("util/qemu-timer: Make timer_free() imply timer_del()", 2021-01-08)
it is not possible anymore to pass a NULL pointer to timer_free().  Previously
it would do nothing as it would simply pass NULL down to g_free().

Rectify this, which also fixes "-chardev braille" when there is no device.

Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>


  Commit: 56b89f455894e4628ad7994fe5dd348145d1a9c5
      https://github.com/qemu/qemu/commit/56b89f455894e4628ad7994fe5dd348145d1a9c5
  Author: Peter Maydell <peter.maydell@linaro.org>
  Date:   2021-03-17 (Wed, 17 Mar 2021)

  Changed paths:
    M MAINTAINERS
    M accel/kvm/kvm-all.c
    M configure
    M docs/devel/fuzzing.rst
    M hw/mem/meson.build
    A hw/mem/sparse-mem.c
    M hw/timer/i8254.c
    A include/hw/mem/sparse-mem.h
    M include/qemu/timer.h
    A scripts/oss-fuzz/output_reproducer.py
    M scsi/utils.c
    M softmmu/memory.c
    M softmmu/physmem.c
    A tests/qtest/fuzz-megasas-test.c
    M tests/qtest/fuzz-test.c
    A tests/qtest/fuzz-virtio-scsi-test.c
    M tests/qtest/fuzz/generic_fuzz.c
    M tests/qtest/fuzz/generic_fuzz_configs.h
    M tests/qtest/meson.build

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging

* add --enable/--disable-libgio to configure (Denis)
* small fixes (Pavel, myself)
* fuzzing update (Alexander)

# gpg: Signature made Tue 16 Mar 2021 18:30:38 GMT
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini-gitlab/tags/for-upstream:
  qemu-timer: allow freeing a NULL timer
  hw/i8254: fix vmstate load
  scsi: fix sense code for EREMOTEIO
  Revert "accel: kvm: Add aligment assert for kvm_log_clear_one_slot"
  configure: add option to explicitly enable/disable libgio
  fuzz: move some DMA hooks
  fuzz: configure a sparse-mem device, by default
  memory: add a sparse memory device for fuzzing
  fuzz: add a am53c974 generic-fuzzer config
  fuzz: add instructions for building reproducers
  fuzz: add a script to build reproducers
  fuzz: don't leave orphan llvm-symbolizers around
  fuzz: fix the pro100 generic-fuzzer config
  MAINTAINERS: Cover fuzzer reproducer tests within 'Device Fuzzing'
  tests/qtest: Only run fuzz-virtio-scsi when virtio-scsi is available
  tests/qtest: Only run fuzz-megasas-test if megasas device is available

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>


Compare: https://github.com/qemu/qemu/compare/571d413b5da6...56b89f455894


