From: Alexander Bulekov <alxndr@bu.edu>
To: qemu-devel@nongnu.org
Cc: Alexander Bulekov <alxndr@bu.edu>, Bandan Das <bsd@redhat.com>,
Thomas Huth <thuth@redhat.com>,
Stefan Hajnoczi <stefanha@redhat.com>,
Paolo Bonzini <pbonzini@redhat.com>
Subject: [PATCH v2 2/3] docs/fuzz: add some information about OSS-Fuzz
Date: Sun, 17 Jan 2021 18:09:23 -0500
Message-ID: <20210117230924.449676-3-alxndr@bu.edu>
In-Reply-To: <20210117230924.449676-1-alxndr@bu.edu>
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
---
docs/devel/fuzzing.rst | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/docs/devel/fuzzing.rst b/docs/devel/fuzzing.rst
index 6096242d99..8792358854 100644
--- a/docs/devel/fuzzing.rst
+++ b/docs/devel/fuzzing.rst
@@ -181,6 +181,32 @@ To ensure that these env variables have been configured correctly, we can use::
The output should contain a complete list of matched MemoryRegions.
+OSS-Fuzz
+--------
+QEMU is continuously fuzzed on `OSS-Fuzz` __(https://github.com/google/oss-fuzz).
+By default, the OSS-Fuzz build will try to fuzz every fuzz-target. Since the
+generic-fuzz target requires additional information provided in environment
+variables, we pre-define some generic-fuzz configs in
+``tests/qtest/fuzz/generic_fuzz_configs.h``. Each config must specify:
+ * ``.name``: To identify the fuzzer config
+ * ``.args`` OR ``.argfunc``: A string or pointer to a function returning a
+ string. These strings are used to specify the ``QEMU_FUZZ_ARGS``
+ environment variable. ``argfunc`` is useful when the config relies on e.g.
+ a dynamically created temp directory, or a free tcp/udp port.
+ * ``.objects``: A string that specifies the ``QEMU_FUZZ_OBJECTS`` environment
+ variable.
+
+To fuzz additional devices/device configuration on OSS-Fuzz:
+ * Send patches for a new device-specific fuzzer
+ * Send patches for a new generic-fuzz config
+
+Build details:
+ * `The basic Dockerfile that sets up the environment for building QEMU's
+ fuzzers on OSS-Fuzz
+ <https://github.com/google/oss-fuzz/blob/master/projects/qemu/Dockerfile>`_
+ * The script responsible for building the fuzzers:
+ ``scripts/oss-fuzz/build.sh``
+
Implementation Details / Fuzzer Lifecycle
-----------------------------------------
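Review bot: the OSS-Fuzz link in the first added sentence is written as `OSS-Fuzz` __(https://github.com/google/oss-fuzz), which is not the `text <url>`_ form that the Dockerfile link under "Build details" in this same hunk uses, so the words "OSS-Fuzz" will not become the link text. Suggest rewriting it as `OSS-Fuzz <https://github.com/google/oss-fuzz>`_ for consistency. Two smaller documentation points: the ``.args`` OR ``.argfunc`` item does not say what happens when a config sets both, so it would help to state either that they are mutually exclusive or which one takes precedence; and since ``argfunc`` is described as covering temp directories and free tcp/udp ports, a sentence on who is responsible for cleaning up such resources after the fuzzer exits would help authors of new configs.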
--
2.28.0