Predefine some general-fuzz configs. For each of these, we will create a separate FuzzTarget that can be selected through argv0 and, therefore, fuzzed on oss-fuzz.
Signed-off-by: Alexander Bulekov <[email protected]>
---
Maybe this isn't the best way to specify a list string-triples. I saw that some files use QLIT_QDICT for purposes that seem similar, however I don't think that plays well with multi-line strings. Does anyone have a better suggestion?
tests/qtest/fuzz/general_fuzz_configs.c | 140 ++++++++++++++++++++++++
tests/qtest/fuzz/general_fuzz_configs.h | 24 ++++
tests/qtest/fuzz/meson.build | 2 +-
3 files changed, 165 insertions(+), 1 deletion(-)
create mode 100644 tests/qtest/fuzz/general_fuzz_configs.c
create mode 100644 tests/qtest/fuzz/general_fuzz_configs.h
diff --git a/tests/qtest/fuzz/general_fuzz_configs.c b/tests/qtest/fuzz/general_fuzz_configs.c
new file mode 100644
index 0000000000..5364976517
--- /dev/null
+++ b/tests/qtest/fuzz/general_fuzz_configs.c
@@ -0,0 +1,140 @@
+/*
+ * General Virtual-Device Fuzzing Target Configs
+ *
+ * Copyright Red Hat Inc., 2020
+ *
+ * Authors:
+ * Alexander Bulekov <[email protected]>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+
+#include "general_fuzz_configs.h"
+
+/*
+ * Specify pre-defined general-fuzz configs here.
+ */
+GArray *get_general_fuzz_configs(void){
+
+ struct general_fuzz_config config;
+ GArray *configs = g_array_new(false, false, sizeof(general_fuzz_config));
+
+ config.name = "virtio-net-pci-slirp";
+ config.args = "-M q35 -nodefaults "
+ "-device virtio-net,netdev=net0 -netdev user,id=net0";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-blk";
+ config.args = "-machine q35 -device virtio-blk,drive=disk0 "
+ "-drive file=null-co://,id=disk0,if=none,format=raw";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-scsi";
+ config.args = "-machine q35 -device virtio-scsi,num_queues=8 "
+ "-device scsi-hd,drive=disk0 "
+ "-drive file=null-co://,id=disk0,if=none,format=raw";
+ config.objects = "scsi* virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-gpu";
+ config.args = "-machine q35 -nodefaults -device virtio-gpu";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-vga";
+ config.args = "-machine q35 -nodefaults -device virtio-vga";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-rng";
+ config.args = "-machine q35 -nodefaults -device virtio-rng";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-balloon";
+ config.args = "-machine q35 -nodefaults -device virtio-balloon";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-serial";
+ config.args = "-machine q35 -nodefaults -device virtio-serial";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "virtio-mouse";
+ config.args = "-machine q35 -nodefaults -device virtio-mouse";
+ config.objects = "virtio*";
+ g_array_append_val(configs, config);
+
+ config.name = "e1000";
+ config.args = "-M q35 -nodefaults "
+ "-device e1000,netdev=net0 -netdev user,id=net0";
+ config.objects = "e1000";
+ g_array_append_val(configs, config);
+
+ config.name = "e1000e";
+ config.args = "-M q35 -nodefaults "
+ "-device e1000e,netdev=net0 -netdev user,id=net0";
+ config.objects = "e1000e";
+ g_array_append_val(configs, config);
+
+ config.name = "cirrus-vga";
+ config.args = "-machine q35 -nodefaults -device cirrus-vga";
+ config.objects = "cirrus*";
+ g_array_append_val(configs, config);
+
+ config.name = "bochs-display";
+ config.args = "-machine q35 -nodefaults -device bochs-display";
+ config.objects = "bochs*";
+ g_array_append_val(configs, config);
+
+ config.name = "intel-hda";
+ config.args = "-machine q35 -nodefaults -device intel-hda,id=hda0 "
+ "-device hda-output,bus=hda0.0 -device hda-micro,bus=hda0.0 "
+ "-device hda-duplex,bus=hda0.0";
+ config.objects = "intel-hda";
+ g_array_append_val(configs, config);
+
+ config.name = "ide-hd";
+ config.args = "-machine q35 -nodefaults "
+ "-drive file=null-co://,if=none,format=raw,id=disk0 "
+ "-device ide-hd,drive=disk0";
+ config.objects = "ahci*";
+ g_array_append_val(configs, config);
+
+ config.name = "floppy";
+ config.args = "-machine pc -nodefaults -device floppy,id=floppy0 "
+ "-drive id=disk0,file=null-co://,file.read-zeroes=on,if=none "
+ "-device floppy,drive=disk0,drive-type=288";
+ config.objects = "fd* floppy*";
+ g_array_append_val(configs, config);
+
+ config.name = "xhci";
+ config.args = "-machine q35 -nodefaults"
+ "-drive file=null-co://,if=none,format=raw,id=disk0 "
+ "-device qemu-xhci,id=xhci -device usb-tablet,bus=xhci.0 "
+ "-device usb-bot -device usb-storage,drive=disk0 "
+ "-chardev null,id=cd0 -chardev null,id=cd1 "
+ "-device usb-braille,chardev=cd0 -device usb-ccid -device usb-ccid "
+ "-device usb-kbd -device usb-mouse -device usb-serial,chardev=cd1 "
+ "-device usb-tablet -device usb-wacom-tablet -device usb-audio";
+ config.objects = "*usb* *uhci* *xhci*";
+ g_array_append_val(configs, config);
+
+ config.name = "pc-i440fx";
+ config.args = "-machine pc";
+ config.objects = "*";
+ g_array_append_val(configs, config);
+
+ config.name = "pc-q35";
+ config.args = "-machine q35";
+ config.objects = "*";
+ g_array_append_val(configs, config);
+
+ return configs;
+}
diff --git a/tests/qtest/fuzz/general_fuzz_configs.h b/tests/qtest/fuzz/general_fuzz_configs.h
new file mode 100644
index 0000000000..afea8dee92
--- /dev/null
+++ b/tests/qtest/fuzz/general_fuzz_configs.h
@@ -0,0 +1,24 @@
+/*
+ * General Virtual-Device Fuzzing Target Configs
+ *
+ * Copyright Red Hat Inc., 2020
+ *
+ * Authors:
+ * Alexander Bulekov <[email protected]>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef GENERAL_FUZZ_CONFIGS_H
+#define GENERAL_FUZZ_CONFIGS_H
+
+#include "qemu/osdep.h"
+
+typedef struct general_fuzz_config {
+ const char *name, *args, *objects;
+} general_fuzz_config;
+
+GArray *get_general_fuzz_configs(void);
+
+#endif
diff --git a/tests/qtest/fuzz/meson.build b/tests/qtest/fuzz/meson.build
index a59de6aa8c..42f97555bf 100644
--- a/tests/qtest/fuzz/meson.build
+++ b/tests/qtest/fuzz/meson.build
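Review bot: In the `xhci` entry of `get_general_fuzz_configs()`, the first fragment of `config.args` is `"-machine q35 -nodefaults"` with no trailing space, so adjacent-literal concatenation yields `-nodefaults-drive file=null-co://,...` and neither `-nodefaults` nor the `-drive` definition survives as a separate option. Every other multi-line entry ends each fragment with a space; the line should read `config.args = "-machine q35 -nodefaults "`. How `general_fuzz.c` consumes `args` is not visible in this patch, but the target would presumably fail at argument parsing instead of fuzzing, which leaves the xHCI and USB device models without coverage from this config. A start-up smoke check over every predefined entry would catch this class of mistake before the targets are built for oss-fuzz.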
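Review bot: `general_fuzz_config` and the `get_general_fuzz_configs()` prototype in the new header carry no comment on what the three fields mean or who owns the returned array. I would add above the struct `/* name: target name selected via argv0; args: QEMU command line; objects: space-separated glob patterns selecting what is fuzzed */` (the `objects` meaning is inferred from values such as `"scsi* virtio*"` and `"*"` and should be confirmed against `general_fuzz.c`), and above the prototype `/* Returns a newly allocated GArray of general_fuzz_config; the caller owns it and frees it with g_array_free(). */`. Spelling out `objects` matters because the `"*"` entries appear to put every matching object on the machine in scope, which is a much wider surface than the per-device configs. Separately, QEMU headers normally do not include `qemu/osdep.h`, since each .c file includes it first, so `#include "qemu/osdep.h"` can be dropped from this header.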
@@ -5,7 +5,7 @@ specific_fuzz_ss.add(files('fuzz.c', 'fork_fuzz.c', 'qos_fuzz.c', specific_fuzz_ss.add(when: 'CONFIG_I440FX', if_true: files('i440fx_fuzz.c')) specific_fuzz_ss.add(when: 'CONFIG_VIRTIO_NET', if_true: files('virtio_net_fuzz.c')) specific_fuzz_ss.add(when: 'CONFIG_VIRTIO_SCSI', if_true: files('virtio_scsi_fuzz.c')) -specific_fuzz_ss.add(files('general_fuzz.c')) +specific_fuzz_ss.add(files('general_fuzz.c', 'general_fuzz_configs.c')) fork_fuzz = declare_dependency( link_args: config_host['FUZZ_EXE_LDFLAGS'].split() + -- 2.28.0
