[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [RFC 07/19] fuzz: Modify libqtest to directly invoke qt
|
From: |
Stefan Hajnoczi |
|
Subject: |
Re: [Qemu-devel] [RFC 07/19] fuzz: Modify libqtest to directly invoke qtest.c |
|
Date: |
Fri, 26 Jul 2019 13:56:33 +0100 |
|
User-agent: |
Mutt/1.12.0 (2019-05-25) |
On Thu, Jul 25, 2019 at 03:23:49AM +0000, Oleinik, Alexander wrote:
> @@ -379,9 +399,18 @@ static void socket_sendf(int fd, const char *fmt,
> va_list ap)
> {
> gchar *str = g_strdup_vprintf(fmt, ap);
> size_t size = strlen(str);
> +#ifdef CONFIG_FUZZ
> + // Directly call qtest_process_inbuf in the qtest server
> + GString *gstr = g_string_new_len(str, size);
> + /* printf(">>> %s",gstr->str); */
> + qtest_server_recv(gstr);
> + g_string_free(gstr, true);
> + g_free(str);
> +#else
>
> socket_send(fd, str, size);
> g_free(str);
> +#endif
> }
This should use indirection: a function pointer to dispatch to either
the socket or the internal qtest_process_inbuf() call.
With a bit of refactoring you can eliminate the #ifdefs and treat the
socket fd as one backend and direct invocation as another backend.
signature.asc
Description: PGP signature
- [Qemu-devel] [RFC 00/19] Add virtual device fuzzing support, Oleinik, Alexander, 2019/07/24
- [Qemu-devel] [RFC 01/19] fuzz: add configure option and linker objects, Oleinik, Alexander, 2019/07/24
- [Qemu-devel] [RFC 02/19] fuzz: add FUZZ_TARGET type to qemu module system, Oleinik, Alexander, 2019/07/24
- [Qemu-devel] [RFC 07/19] fuzz: Modify libqtest to directly invoke qtest.c, Oleinik, Alexander, 2019/07/24
- [Qemu-devel] [RFC 08/19] fuzz: add shims to intercept libfuzzer init, Oleinik, Alexander, 2019/07/24
- [Qemu-devel] [RFC 03/19] fuzz: add fuzz accelerator, Oleinik, Alexander, 2019/07/24
- [Qemu-devel] [RFC 05/19] fuzz: expose qemu_savevm_state & skip state header, Oleinik, Alexander, 2019/07/24
- [Qemu-devel] [RFC 06/19] fuzz: Add ramfile for fast vmstate/vmload, Oleinik, Alexander, 2019/07/24