[PATCH v4 14/16] fuzz: add general-fuzz configs for oss-fuzz
From: Alexander Bulekov
Subject: [PATCH v4 14/16] fuzz: add general-fuzz configs for oss-fuzz
Date: Thu, 15 Oct 2020 09:41:34 -0400
Predefine some general-fuzz configs. For each of these, we will create a
separate FuzzTarget that can be selected through argv0 and, therefore,
fuzzed on oss-fuzz.
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
---
Maybe this isn't the best way to specify a list of string-triples. I saw
that some files use QLIT_QDICT for purposes that seem similar, however I
don't think that plays well with multi-line strings. Does anyone have a
better suggestion?
tests/qtest/fuzz/general_fuzz_configs.c | 140 ++++++++++++++++++++++++
tests/qtest/fuzz/general_fuzz_configs.h | 24 ++++
tests/qtest/fuzz/meson.build | 2 +-
3 files changed, 165 insertions(+), 1 deletion(-)
create mode 100644 tests/qtest/fuzz/general_fuzz_configs.c
create mode 100644 tests/qtest/fuzz/general_fuzz_configs.h
diff --git a/tests/qtest/fuzz/general_fuzz_configs.c
b/tests/qtest/fuzz/general_fuzz_configs.c
new file mode 100644
index 0000000000..5364976517
--- /dev/null
+++ b/tests/qtest/fuzz/general_fuzz_configs.c
@@ -0,0 +1,140 @@
+/*
+ * General Virtual-Device Fuzzing Target Configs
+ *
+ * Copyright Red Hat Inc., 2020
+ *
+ * Authors:
+ * Alexander Bulekov <alxndr@bu.edu>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+
+#include "general_fuzz_configs.h"
+
+/*
+ * Specify pre-defined general-fuzz configs here.
+ */
+GArray *get_general_fuzz_configs(void){
+
+ struct general_fuzz_config config;
+ GArray *configs = g_array_new(false, false, sizeof(general_fuzz_config));
+
+ config.name = "virtio-net-pci-slirp";
+ config.args = "-M q35 -nodefaults "
+ "-device virtio-net,netdev=net0 -netdev user,id=net0";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-blk";
+ config.args = "-machine q35 -device virtio-blk,drive=disk0 "
+ "-drive file=null-co://,id=disk0,if=none,format=raw";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-scsi";
+ config.args = "-machine q35 -device virtio-scsi,num_queues=8 "
+ "-device scsi-hd,drive=disk0 "
+ "-drive file=null-co://,id=disk0,if=none,format=raw";
+ config.objects = "scsi* virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-gpu";
+ config.args = "-machine q35 -nodefaults -device virtio-gpu";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-vga";
+ config.args = "-machine q35 -nodefaults -device virtio-vga";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-rng";
+ config.args = "-machine q35 -nodefaults -device virtio-rng";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-balloon";
+ config.args = "-machine q35 -nodefaults -device virtio-balloon";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-serial";
+ config.args = "-machine q35 -nodefaults -device virtio-serial";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-mouse";
+ config.args = "-machine q35 -nodefaults -device virtio-mouse";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "e1000";
+ config.args = "-M q35 -nodefaults "
+ "-device e1000,netdev=net0 -netdev user,id=net0";
+ config.objects = "e1000";
+ g_array_append_val(configs, config);
+
+ config.name = "e1000e";
+ config.args = "-M q35 -nodefaults "
+ "-device e1000e,netdev=net0 -netdev user,id=net0";
+ config.objects = "e1000e";
+ g_array_append_val(configs, config);
+
+ config.name = "cirrus-vga";
+ config.args = "-machine q35 -nodefaults -device cirrus-vga";
+ config.objects = "cirrus*";
+ g_array_append_val(configs, config);
+
+ config.name = "bochs-display";
+ config.args = "-machine q35 -nodefaults -device bochs-display";
+ config.objects = "bochs*";
+ g_array_append_val(configs, config);
+
+ config.name = "intel-hda";
+ config.args = "-machine q35 -nodefaults -device intel-hda,id=hda0 "
+ "-device hda-output,bus=hda0.0 -device hda-micro,bus=hda0.0 "
+ "-device hda-duplex,bus=hda0.0";
+ config.objects = "intel-hda";
+ g_array_append_val(configs, config);
+
+ config.name = "ide-hd";
+ config.args = "-machine q35 -nodefaults "
+ "-drive file=null-co://,if=none,format=raw,id=disk0 "
+ "-device ide-hd,drive=disk0";
+ config.objects = "ahci*";
+ g_array_append_val(configs, config);
+
+ config.name = "floppy";
+ config.args = "-machine pc -nodefaults -device floppy,id=floppy0 "
+ "-drive id=disk0,file=null-co://,file.read-zeroes=on,if=none "
+ "-device floppy,drive=disk0,drive-type=288";
+ config.objects = "fd* floppy*";
+ g_array_append_val(configs, config);
+
+ config.name = "xhci";
+ config.args = "-machine q35 -nodefaults"
+ "-drive file=null-co://,if=none,format=raw,id=disk0 "
+ "-device qemu-xhci,id=xhci -device usb-tablet,bus=xhci.0 "
+ "-device usb-bot -device usb-storage,drive=disk0 "
+ "-chardev null,id=cd0 -chardev null,id=cd1 "
+ "-device usb-braille,chardev=cd0 -device usb-ccid -device usb-ccid "
+ "-device usb-kbd -device usb-mouse -device usb-serial,chardev=cd1 "
+ "-device usb-tablet -device usb-wacom-tablet -device usb-audio";
+ config.objects = "*usb* *uhci* *xhci*";
+ g_array_append_val(configs, config);
+
+ config.name = "pc-i440fx";
+ config.args = "-machine pc";
+ config.objects = "*";
+ g_array_append_val(configs, config);
+
+ config.name = "pc-q35";
+ config.args = "-machine q35";
+ config.objects = "*";
+ g_array_append_val(configs, config);
+
+ return configs;
+}
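Review bot: The "xhci" entry's first args fragment, "-machine q35 -nodefaults", has no trailing space, so it concatenates with the next literal into "-nodefaults-drive file=null-co://,..." and the resulting option string is malformed; add the space, as every other multi-line entry does. Because name, args and objects are all string literals, a static const array of general_fuzz_config with designated initializers would also address the question raised under the cut line: it avoids the heap-allocated GArray, and a forgotten field would show up as NULL instead of silently carrying over the previous entry's value from the reused config local.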
diff --git a/tests/qtest/fuzz/general_fuzz_configs.h
b/tests/qtest/fuzz/general_fuzz_configs.h
new file mode 100644
index 0000000000..afea8dee92
--- /dev/null
+++ b/tests/qtest/fuzz/general_fuzz_configs.h
@@ -0,0 +1,24 @@
+/*
+ * General Virtual-Device Fuzzing Target Configs
+ *
+ * Copyright Red Hat Inc., 2020
+ *
+ * Authors:
+ * Alexander Bulekov <alxndr@bu.edu>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef GENERAL_FUZZ_CONFIGS_H
+#define GENERAL_FUZZ_CONFIGS_H
+
+#include "qemu/osdep.h"
+
+typedef struct general_fuzz_config {
+ const char *name, *args, *objects;
+} general_fuzz_config;
+
+GArray *get_general_fuzz_configs(void);
+
+#endif
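Review bot: The header pulls in "qemu/osdep.h" right after the include guard, but QEMU's coding style has each .c file include osdep.h first and keeps it out of headers, and general_fuzz_configs.c already includes it before this header. Drop the include here. The typedef name general_fuzz_config is also lowercase, where QEMU style uses CamelCase for structured type names (something like GeneralFuzzConfig).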
diff --git a/tests/qtest/fuzz/meson.build b/tests/qtest/fuzz/meson.build
index a59de6aa8c..42f97555bf 100644
--- a/tests/qtest/fuzz/meson.build
+++ b/tests/qtest/fuzz/meson.build
@@ -5,7 +5,7 @@ specific_fuzz_ss.add(files('fuzz.c', 'fork_fuzz.c',
'qos_fuzz.c',
specific_fuzz_ss.add(when: 'CONFIG_I440FX', if_true: files('i440fx_fuzz.c'))
specific_fuzz_ss.add(when: 'CONFIG_VIRTIO_NET', if_true:
files('virtio_net_fuzz.c'))
specific_fuzz_ss.add(when: 'CONFIG_VIRTIO_SCSI', if_true:
files('virtio_scsi_fuzz.c'))
-specific_fuzz_ss.add(files('general_fuzz.c'))
+specific_fuzz_ss.add(files('general_fuzz.c', 'general_fuzz_configs.c'))
fork_fuzz = declare_dependency(
link_args: config_host['FUZZ_EXE_LDFLAGS'].split() +
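Review bot: general_fuzz_configs.c is added to specific_fuzz_ss unconditionally, while the neighbouring device fuzzers are gated on CONFIG_I440FX, CONFIG_VIRTIO_NET and CONFIG_VIRTIO_SCSI, yet every entry in the new config table selects the pc or q35 machine, which only the x86 targets provide. Either gate the file in the same way or make sure the code that registers these configs only does so on targets where those machines and devices are built, so that other targets do not end up with fuzz targets that fail at startup.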
--
2.28.0