diff options
| author | Alexander Bulekov <alxndr@bu.edu> | 2021-01-17 18:09:22 -0500 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2021-02-08 14:43:54 +0100 |
| commit | 8630b43f115d9736cbe9782f453a300ac3ba5af5 (patch) | |
| tree | 93265c442419f1750ea7e44d41fe1355df17b875 /tests | |
| parent | 61f90e0461984438ddd5064d1c03133f561dc848 (diff) | |
| download | qemu-8630b43f115d9736cbe9782f453a300ac3ba5af5.zip qemu-8630b43f115d9736cbe9782f453a300ac3ba5af5.tar.gz qemu-8630b43f115d9736cbe9782f453a300ac3ba5af5.tar.bz2 | |
fuzz: enable dynamic args for generic-fuzz configs
For some device configurations, it is useful to configure some
resources, and adjust QEMU arguments at runtime, prior to fuzzing. This
patch adds an "argfunc" to generic the generic_fuzz_config. When
specified, it is responsible for configuring the resources and returning
a string containing the corresponding QEMU arguments. This can be useful
for targets that rely on e.g.:
* a temporary qcow2 image
* a temporary directory
* an unused TCP port used to bind the VNC server
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210117230924.449676-2-alxndr@bu.edu>
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/qtest/fuzz/generic_fuzz.c | 10 | ||||
| -rw-r--r-- | tests/qtest/fuzz/generic_fuzz_configs.h | 1 |
2 files changed, 10 insertions, 1 deletions
diff --git a/tests/qtest/fuzz/generic_fuzz.c b/tests/qtest/fuzz/generic_fuzz.c index deb74f1..ee8c17a 100644 --- a/tests/qtest/fuzz/generic_fuzz.c +++ b/tests/qtest/fuzz/generic_fuzz.c @@ -933,12 +933,20 @@ static GString *generic_fuzz_cmdline(FuzzTarget *t) static GString *generic_fuzz_predefined_config_cmdline(FuzzTarget *t) { + gchar *args; const generic_fuzz_config *config; g_assert(t->opaque); config = t->opaque; setenv("QEMU_AVOID_DOUBLE_FETCH", "1", 1); - setenv("QEMU_FUZZ_ARGS", config->args, 1); + if (config->argfunc) { + args = config->argfunc(); + setenv("QEMU_FUZZ_ARGS", args, 1); + g_free(args); + } else { + g_assert_nonnull(config->args); + setenv("QEMU_FUZZ_ARGS", config->args, 1); + } setenv("QEMU_FUZZ_OBJECTS", config->objects, 1); return generic_fuzz_cmdline(t); } diff --git a/tests/qtest/fuzz/generic_fuzz_configs.h b/tests/qtest/fuzz/generic_fuzz_configs.h index aa4c03f..51e69c6 100644 --- a/tests/qtest/fuzz/generic_fuzz_configs.h +++ b/tests/qtest/fuzz/generic_fuzz_configs.h @@ -16,6 +16,7 @@ typedef struct generic_fuzz_config { const char *name, *args, *objects; + gchar* (*argfunc)(void); /* Result must be freeable by g_free() */ } generic_fuzz_config; const generic_fuzz_config predefined_configs[] = { |