[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [RFC PATCH 3/3] fuzz: Add callbacks for dma-access functions
|
From: |
Stefan Hajnoczi |
|
Subject: |
Re: [RFC PATCH 3/3] fuzz: Add callbacks for dma-access functions |
|
Date: |
Mon, 13 Jul 2020 12:41:10 +0100 |
On Thu, Jul 09, 2020 at 07:48:55PM -0400, Alexander Bulekov wrote:
> On 200623 1514, Stefan Hajnoczi wrote:
> > On Thu, Jun 11, 2020 at 01:56:51AM -0400, Alexander Bulekov wrote:
> > > Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
> > > ---
> > > exec.c | 17 ++++++++++++++++-
> > > include/exec/memory.h | 8 ++++++++
> > > include/exec/memory_ldst_cached.inc.h | 9 +++++++++
> > > include/sysemu/dma.h | 5 ++++-
> > > memory_ldst.inc.c | 12 ++++++++++++
> > > 5 files changed, 49 insertions(+), 2 deletions(-)
> >
> > Please rename dma_read_cb() to fuzz_dma_read_cb() so the purpose of the
> > function is clear.
> >
> > The ifdefs can be avoided by defining an empty function when CONFIG_FUZZ
> > is undefined. In a header file:
> >
> > #ifdef CONFIG_FUZZ
> > void fuzz_dma_read_cb(size_t addr, size_t len);
> > #else
> > static inline void fuzz_dma_read_cb(size_t addr, size_t len)
> > {
> > /* Do nothing */
> > }
> > #endif
> >
>
> If I understand correctly, this still has the problem that normal
> qemu-system builds under --enable-fuzzing are broken. I'm not sure if
> there is some nice solution for this. For example, a sort-of ugly
> solution could add this to softmmu/main.c (ie something that is linked
> for the qemu-system build, but not for qemu-fuzz).
>
> #ifdef CONFIG_FUZZ
> #include "something.h"
> static void fuzz_dma_read_cb(size_t addr, size_t len)
> {
> /* Do nothing */
> }
> #endif
Another ugly solution is using weak symbols in the main code and a
strong symbol in the fuzzer target:
https://en.wikipedia.org/wiki/Weak_symbol
Stefan
signature.asc
Description: PGP signature