Branch: refs/heads/master
Home:   https://github.com/qemu/qemu

Commit: 7cee363bc2eff06068db0dc3e59cbc5f1906067e
    https://github.com/qemu/qemu/commit/7cee363bc2eff06068db0dc3e59cbc5f1906067e
Author: Thomas Huth <th...@redhat.com>
Date:   2020-07-21 (Tue, 21 Jul 2020)

Changed paths:
  M scripts/oss-fuzz/build.sh

Log Message:
-----------
scripts/oss-fuzz: Limit target list to i386-softmmu

The build.sh script only copies qemu-fuzz-i386 to the destination
folder, so we can speed up the compilation step quite a bit by not
compiling the other targets here.

Signed-off-by: Thomas Huth <th...@redhat.com>


Commit: bcbad8b05c7f9072cadd3d3ebef2992196b73801
    https://github.com/qemu/qemu/commit/bcbad8b05c7f9072cadd3d3ebef2992196b73801
Author: Alexander Bulekov <alx...@bu.edu>
Date:   2020-07-21 (Tue, 21 Jul 2020)

Changed paths:
  M tests/qtest/fuzz/fuzz.c

Log Message:
-----------
fuzz: Fix leak when assembling datadir path string

We freed the string containing the final datadir path, but did not free
the path to the executable's directory that we get from
g_path_get_dirname(). Fix that.

Reported-by: Thomas Huth <th...@redhat.com>
Signed-off-by: Alexander Bulekov <alx...@bu.edu>
Message-Id: <20200717163523.1591-1-alx...@bu.edu>
Signed-off-by: Thomas Huth <th...@redhat.com>


Commit: 48eac1019769ebc4647ba380a828c25d8014be37
    https://github.com/qemu/qemu/commit/48eac1019769ebc4647ba380a828c25d8014be37
Author: Alexander Bulekov <alx...@bu.edu>
Date:   2020-07-21 (Tue, 21 Jul 2020)

Changed paths:
  M .gitlab-ci.yml

Log Message:
-----------
gitlab-ci.yml: Add oss-fuzz build tests

This tries to build and run the fuzzers with the same build-script used
by oss-fuzz. This doesn't guarantee that the builds on oss-fuzz will
also succeed, since oss-fuzz provides its own compiler and fuzzer vars,
but it can catch changes that are not compatible with the
./scripts/oss-fuzz/build.sh script.

The strange way of finding fuzzer binaries stems from the method used by
oss-fuzz:
https://github.com/google/oss-fuzz/blob/master/infra/base-images/base-runner/targets_list

Signed-off-by: Alexander Bulekov <alx...@bu.edu>
Message-Id: <20200720073223.22945-1-th...@redhat.com>
[thuth: Tweak the "script" to make it work, exclude slirp test, etc.]
Signed-off-by: Thomas Huth <th...@redhat.com>


Commit: dd0162653c11de58331506beb8b3d85c8923149c
    https://github.com/qemu/qemu/commit/dd0162653c11de58331506beb8b3d85c8923149c
Author: Alexander Bulekov <alx...@bu.edu>
Date:   2020-07-21 (Tue, 21 Jul 2020)

Changed paths:
  M configure

Log Message:
-----------
fuzz: build without AddressSanitizer, by default

We already have a nice --enable-sanitizers option to enable
AddressSanitizer. There is no reason to duplicate and force this
functionality in --enable-fuzzing. In the future, if more sanitizers are
added to --enable-sanitizers, it might be impossible to build with both
--enable-sanitizers and --enable-fuzzing, since not all sanitizers are
compatible with libFuzzer. In that case, we could enable ASAN with
--extra-cflags="-fsanitize=address"

Signed-off-by: Alexander Bulekov <alx...@bu.edu>
Message-Id: <20200706195534.14962-2-alx...@bu.edu>
Reviewed-by: Philippe Mathieu-Daudé <phi...@redhat.com>
Reviewed-by: Thomas Huth <th...@redhat.com>
[thuth: Added missing $CFLAGS]
Signed-off-by: Thomas Huth <th...@redhat.com>


Commit: ee16da12d7035bffb1c990c794de8fb1a96815d7
    https://github.com/qemu/qemu/commit/ee16da12d7035bffb1c990c794de8fb1a96815d7
Author: Alexander Bulekov <alx...@bu.edu>
Date:   2020-07-21 (Tue, 21 Jul 2020)

Changed paths:
  M docs/devel/fuzzing.txt

Log Message:
-----------
docs/fuzz: describe building fuzzers with enable-sanitizers

Signed-off-by: Alexander Bulekov <alx...@bu.edu>
Message-Id: <20200706195534.14962-3-alx...@bu.edu>
Reviewed-by: Philippe Mathieu-Daudé <phi...@redhat.com>
Reviewed-by: Thomas Huth <th...@redhat.com>
Signed-off-by: Thomas Huth <th...@redhat.com>


Commit: 19a91e4af86c578420e9fdfe2efdc3b3b3826222
    https://github.com/qemu/qemu/commit/19a91e4af86c578420e9fdfe2efdc3b3b3826222
Author: Alexander Bulekov <alx...@bu.edu>
Date:   2020-07-21 (Tue, 21 Jul 2020)

Changed paths:
  M docs/devel/fuzzing.txt

Log Message:
-----------
docs/fuzz: add information about useful libFuzzer flags

Signed-off-by: Alexander Bulekov <alx...@bu.edu>
Message-Id: <20200706195534.14962-4-alx...@bu.edu>
Signed-off-by: Thomas Huth <th...@redhat.com>


Commit: 09a14f586c315b01411dc1ef1bfe99b034b302de
    https://github.com/qemu/qemu/commit/09a14f586c315b01411dc1ef1bfe99b034b302de
Author: Alexander Bulekov <alx...@bu.edu>
Date:   2020-07-21 (Tue, 21 Jul 2020)

Changed paths:
  M docs/devel/fuzzing.txt

Log Message:
-----------
docs/fuzz: add instructions for generating a coverage report

Signed-off-by: Alexander Bulekov <alx...@bu.edu>
Message-Id: <20200706195534.14962-5-alx...@bu.edu>
[thuth: Replaced --enable-sanitizers with --enable-fuzzing]
Signed-off-by: Thomas Huth <th...@redhat.com>


Commit: 6184e5fb4221ec5dd6f0c27d05a8e575b81eb89b
    https://github.com/qemu/qemu/commit/6184e5fb4221ec5dd6f0c27d05a8e575b81eb89b
Author: Thomas Huth <th...@redhat.com>
Date:   2020-07-21 (Tue, 21 Jul 2020)

Changed paths:
  M MAINTAINERS

Log Message:
-----------
MAINTAINERS: Extend the device fuzzing section

The file docs/devel/fuzzing.txt should be in this section, too, and add
myself as a reviewer (since I often take the fuzzer patches through the
qtest-next tree, I should be notified on patches, too).

Message-Id: <20200721053926.17197-1-th...@redhat.com>
Signed-off-by: Thomas Huth <th...@redhat.com>


Commit: 2b0650205b71c2aa8bf6f877a8333ef25bf288b2
    https://github.com/qemu/qemu/commit/2b0650205b71c2aa8bf6f877a8333ef25bf288b2
Author: Markus Armbruster <arm...@redhat.com>
Date:   2020-07-21 (Tue, 21 Jul 2020)

Changed paths:
  M hw/arm/msf2-soc.c

Log Message:
-----------
msf2: Unbreak device-list-properties for "msf-soc"

Watch this:

    $ qemu-system-aarch64 -M ast2600-evb -S -display none -qmp stdio
    {"QMP": {"version": {"qemu": {"micro": 50, "minor": 0, "major": 5}, "package": "v5.0.0-2464-g3a9163af4e"}, "capabilities": ["oob"]}}
    {"execute": "qmp_capabilities"}
    {"return": {}}
    {"execute": "device-list-properties", "arguments": {"typename": "msf2-soc"}}
    Unsupported NIC model: ftgmac100
    armbru@dusky:~/work/images$ echo $?
    1

This is what breaks "make check SPEED=slow".

Root cause is m2sxxx_soc_initfn()'s messing with nd_table[] via
qemu_check_nic_model(). That's wrong.

We fixed the exact same bug for device "allwinner-a10" in commit
8aabc5437b "hw/arm/allwinner-a10: Do not use nd_table in instance_init
function". Fix this instance the same way: move the offending code to
m2sxxx_soc_realize(), where it's less wrong, and add a FIXME comment.

Fixes: 05b7374a58 ("msf2: Add EMAC block to SmartFusion2 SoC")
Signed-off-by: Markus Armbruster <arm...@redhat.com>
Message-Id: <20200715140440.3540942-2-arm...@redhat.com>
Reviewed-by: Alistair Francis <alistair.fran...@wdc.com>
Reviewed-by: Thomas Huth <th...@redhat.com>
Signed-off-by: Thomas Huth <th...@redhat.com>


Commit: 7ad36e2e241bd924f774a1f9fb208c102da58e50
    https://github.com/qemu/qemu/commit/7ad36e2e241bd924f774a1f9fb208c102da58e50
Author: Markus Armbruster <arm...@redhat.com>
Date:   2020-07-21 (Tue, 21 Jul 2020)

Changed paths:
  M hw/arm/allwinner-h3.c
  M hw/arm/xlnx-versal.c
  M hw/arm/xlnx-zynqmp.c
  M hw/dma/sparc32_dma.c
  M hw/riscv/sifive_u.c

Log Message:
-----------
hw: Mark nd_table[] misuse in realize methods FIXME

nd_table[] contains NIC configuration for boards to pick up. Device code
has no business looking there. Several devices do it anyway.

Two of them already have a suitable FIXME comment: "allwinner-a10" and
"msf2-soc". Copy it to the others: "allwinner-h3", "xlnx-versal",
"xlnx,zynqmp", "sparc32-ledma", "riscv.sifive.u.soc".

Signed-off-by: Markus Armbruster <arm...@redhat.com>
Message-Id: <20200715140440.3540942-3-arm...@redhat.com>
Reviewed-by: Alistair Francis <alistair.fran...@wdc.com>
Reviewed-by: Niek Linnenbank <nieklinnenb...@gmail.com>
Reviewed-by: Thomas Huth <th...@redhat.com>
Signed-off-by: Thomas Huth <th...@redhat.com>


Commit: 90218a9a393c7925f330e7dcc08658e2a01d3bd4
    https://github.com/qemu/qemu/commit/90218a9a393c7925f330e7dcc08658e2a01d3bd4
Author: Peter Maydell <peter.mayd...@linaro.org>
Date:   2020-07-21 (Tue, 21 Jul 2020)

Changed paths:
  M .gitlab-ci.yml
  M MAINTAINERS
  M configure
  M docs/devel/fuzzing.txt
  M hw/arm/allwinner-h3.c
  M hw/arm/msf2-soc.c
  M hw/arm/xlnx-versal.c
  M hw/arm/xlnx-zynqmp.c
  M hw/dma/sparc32_dma.c
  M hw/riscv/sifive_u.c
  M scripts/oss-fuzz/build.sh
  M tests/qtest/fuzz/fuzz.c

Log Message:
-----------
Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-07-21' into staging

* Fix memory leak in fuzzer
* Fuzzer documentation updates
* Some other minor fuzzer updates
* Fix "make check-qtest SPEED=slow" (bug in msf2 instance_init)

# gpg: Signature made Tue 21 Jul 2020 07:48:10 BST
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "th...@redhat.com"
# gpg: Good signature from "Thomas Huth <th.h...@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <th...@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <h...@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.h...@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3 EAB9 2ED9 D774 FE70 2DB5

* remotes/huth-gitlab/tags/pull-request-2020-07-21:
  hw: Mark nd_table[] misuse in realize methods FIXME
  msf2: Unbreak device-list-properties for "msf-soc"
  MAINTAINERS: Extend the device fuzzing section
  docs/fuzz: add instructions for generating a coverage report
  docs/fuzz: add information about useful libFuzzer flags
  docs/fuzz: describe building fuzzers with enable-sanitizers
  fuzz: build without AddressSanitizer, by default
  gitlab-ci.yml: Add oss-fuzz build tests
  fuzz: Fix leak when assembling datadir path string
  scripts/oss-fuzz: Limit target list to i386-softmmu

Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>


Compare: https://github.com/qemu/qemu/compare/af3d69058e09...90218a9a393c