* Leak fixes

* One fix for running with --enable-werror on macOS
 * Add fuzzer test to the Gitlab-CI
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAl8RdQMRHHRodXRoQHJl
 ZGhhdC5jb20ACgkQLtnXdP5wLbU7zg//S4nRm6tatTzkOX3ceg8T+2Qm/VV7Li9u
 JKJMkYtralSoY66McSsMezXzEJB2d5pFkxuKIfR8SrJOjvo0qUUlkimgg2EatXcG
 nryuz6gQhUfLXm7jegsi8KkFDd8K3YT1t6AtMF146GMuJCB/kCasCMMakU4K+/Bx
 4qxYKNRNXHlxke5Ik17W6bFDaJ1PWL/aKbc10g7KZwnYkmpZOkHKxJrxAI56Rzte
 5M1GHpJ1EzqN+x4iRpG2kYh7wsN13Jiq6aTY3HqUZnS9ZUBg7zbDjJhTaPMxd7FJ
 OXEvGBBnEW1tQyk2c/Qe7o4jL1feto3TUGGtTaacAhaxNDB8MBF6lgXAN7MOS1zo
 U819K+1A72FL+6m9+LG/bmaJ1LOkYkG53L0qU3ReooMGNBKBwzSADHlxETJ9bqlm
 UHrgo61zeQ5mNYUWzQrTzwFQ5Eg9FfNADWhPITBALH/5CMu63bVpNudo7m5hlwvW
 O+h+upit9Jd6zK8vvprNJ8h4KbfQskKWjWLQ1gXrfXWohfkoqKFmOrN6X3cOfTzl
 2tsiKT9hH6ut4vIVeNgFVaOLaaLdYlP+34Xh/ooCJ+mGUD8TxsaIYP19/LHL8vdu
 fO8w1qWILOLQ78h82H+q5TVyH210ODQUPRUDBaLzqIaxch43sV+sFkq4b76dFIRV
 UQVccfhQRJE=
 =YG6q
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-07-17' into staging

* Leak fixes
* One fix for running with --enable-werror on macOS
* Add fuzzer test to the Gitlab-CI

# gpg: Signature made Fri 17 Jul 2020 10:53:07 BST
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/huth-gitlab/tags/pull-request-2020-07-17:
  gitlab-ci.yml: Add fuzzer tests
  qom: Plug memory leak in "info qom-tree"
  configure: Fix for running with --enable-werror on macOS
  fuzz: Expect the cmdline in a freeable GString
  tests: qmp-cmd-test: fix memory leak
  qtest: bios-tables-test: fix a memory leak

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell 2020-07-17 12:06:02 +01:00
commit b7bda69c4e
9 changed files with 52 additions and 19 deletions


@ -161,9 +161,27 @@ build-clang:
IMAGE: fedora
CONFIGURE_ARGS: --cc=clang --cxx=clang++
TARGETS: alpha-softmmu arm-softmmu m68k-softmmu mips64-softmmu
ppc-softmmu s390x-softmmu x86_64-softmmu arm-linux-user
ppc-softmmu s390x-softmmu arm-linux-user
MAKE_CHECK_ARGS: check
build-fuzzer:
<<: *native_build_job_definition
variables:
IMAGE: fedora
script:
- mkdir build
- cd build
- ../configure --cc=clang --cxx=clang++ --enable-fuzzing
--enable-sanitizers --target-list=x86_64-softmmu
- make -j"$JOBS" all check-build x86_64-softmmu/fuzz
- make check
- for fuzzer in i440fx-qos-fork-fuzz i440fx-qos-noreset-fuzz
i440fx-qtest-reboot-fuzz virtio-scsi-flags-fuzz virtio-scsi-fuzz ; do
echo Testing ${fuzzer} ... ;
x86_64-softmmu/qemu-fuzz-x86_64 --fuzz-target=${fuzzer} -runs=1000
|| exit 1 ;
done
build-tci:
<<: *native_build_job_definition
variables:
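Review bot: The new `build-fuzzer` job stops with `|| exit 1` when a fuzz target fails, but nothing visible in the job keeps the input that triggered the failure. libFuzzer writes the offending input to a `crash-*` file in the working directory, which is discarded with the runner unless it is declared as an artifact. Unless the `native_build_job_definition` anchor (outside this hunk) already does so, I would add an `artifacts:` entry with `when: on_failure` and a path such as `build/crash-*`, so a red pipeline can be reproduced locally. Quoting the loop variable as `"${fuzzer}"` would also be tidier.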

2
configure vendored

@ -4198,7 +4198,7 @@ pthread_setname_np_wo_tid=no
cat > $TMPC << EOF
#include <pthread.h>
static void *f(void *p) { pthread_setname_np("QEMU"); }
static void *f(void *p) { pthread_setname_np("QEMU"); return NULL; }
int main(void)
{
pthread_t thread;


@ -96,8 +96,10 @@ static void print_qom_composition(Monitor *mon, Object *obj, int indent);
static int qom_composition_compare(const void *a, const void *b, void *ignore)
{
return g_strcmp0(a ? object_get_canonical_path_component(a) : NULL,
b ? object_get_canonical_path_component(b) : NULL);
g_autofree char *ac = object_get_canonical_path_component(a);
g_autofree char *bc = object_get_canonical_path_component(b);
return g_strcmp0(ac, bc);
}
static int insert_qom_composition_child(Object *obj, void *opaque)
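Review bot: The rewritten `qom_composition_compare` no longer guards against a NULL `a` or `b`. The removed lines passed NULL to `g_strcmp0` in that case, while the new lines call `object_get_canonical_path_component()` unconditionally. Whether that function tolerates NULL is not visible here, so either keep the guard, e.g. `g_autofree char *ac = a ? object_get_canonical_path_component(a) : NULL;` (and the same for `bc`), or add a comment above the function stating that the container never holds NULL entries. The body of `insert_qom_composition_child` lies outside the hunk, so what actually gets inserted cannot be confirmed from here.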


@ -924,6 +924,7 @@ static void test_acpi_tcg_tpm(const char *machine, const char *tpm_if,
g_free(variant);
g_free(tmp_path);
g_free(tmp_dir_name);
g_free(args);
free_test_data(&data);
#else
g_test_skip("TPM disabled");


@ -199,16 +199,15 @@ int LLVMFuzzerInitialize(int *argc, char ***argv, char ***envp)
}
/* Run QEMU's softmmu main with the fuzz-target dependent arguments */
const char *init_cmdline = fuzz_target->get_init_cmdline(fuzz_target);
init_cmdline = g_strdup_printf("%s -qtest /dev/null -qtest-log %s",
init_cmdline,
getenv("QTEST_LOG") ? "/dev/fd/2"
: "/dev/null");
GString *cmd_line = fuzz_target->get_init_cmdline(fuzz_target);
g_string_append_printf(cmd_line,
" -qtest /dev/null -qtest-log %s",
getenv("QTEST_LOG") ? "/dev/fd/2" : "/dev/null");
/* Split the runcmd into an argv and argc */
wordexp_t result;
wordexp(init_cmdline, &result, 0);
wordexp(cmd_line->str, &result, 0);
g_string_free(cmd_line, true);
qemu_init(result.we_wordc, result.we_wordv, NULL);
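Review bot: The return value of `wordexp(cmd_line->str, &result, 0)` is ignored, so after a failed expansion `qemu_init()` is called with whatever `result.we_wordc` and `result.we_wordv` happen to hold. I would check it and fail loudly, e.g. `if (wordexp(cmd_line->str, &result, 0) != 0) { abort(); }`. Because `wordexp()` performs shell-style expansion, including command substitution, passing `WRDE_NOCMD` is worth considering if no fuzz target relies on that behaviour. `result` is also never released with `wordfree()` in the visible lines; if that is deliberate because `qemu_init()` keeps the argv, a short comment saying so would help. `LLVMFuzzerInitialize` starts and ends outside the hunk.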


@ -50,10 +50,10 @@ typedef struct FuzzTarget {
/*
* returns the arg-list that is passed to qemu/softmmu init()
* Cannot be NULL
* Returns the arguments that are passed to qemu/softmmu init(). Freed by
* the caller.
*/
const char* (*get_init_cmdline)(struct FuzzTarget *);
GString *(*get_init_cmdline)(struct FuzzTarget *);
/*
* will run once, prior to running qemu/softmmu init.
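Review bot: The rewritten comment on `get_init_cmdline` drops the old "Cannot be NULL" statement, although the contract is now stricter than before: the result must be a heap-allocated GString that the caller is allowed to free. I would state this explicitly, e.g. `Returns a newly allocated GString holding the arguments passed to qemu/softmmu init(). Must not return NULL; the caller frees it with g_string_free().` The caller shown in the fuzz.c section of this commit dereferences `cmd_line->str` without a check, so the non-NULL requirement is relied upon. The struct definition starts and ends outside the hunk.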


@ -158,9 +158,9 @@ static void i440fx_fuzz_qos_fork(QTestState *s,
static const char *i440fx_qtest_argv = TARGET_NAME " -machine accel=qtest"
" -m 0 -display none";
static const char *i440fx_argv(FuzzTarget *t)
static GString *i440fx_argv(FuzzTarget *t)
{
return i440fx_qtest_argv;
return g_string_new(i440fx_qtest_argv);
}
static void fork_init(void)


@ -66,7 +66,7 @@ void *qos_allocate_objects(QTestState *qts, QGuestAllocator **p_alloc)
return allocate_objects(qts, current_path + 1, p_alloc);
}
static const char *qos_build_main_args(void)
static GString *qos_build_main_args(void)
{
char **path = fuzz_path_vec;
QOSGraphNode *test_node;
@ -88,7 +88,7 @@ static const char *qos_build_main_args(void)
/* Prepend the arguments that we need */
g_string_prepend(cmd_line,
TARGET_NAME " -display none -machine accel=qtest -m 64 ");
return cmd_line->str;
return cmd_line;
}
/*
@ -189,7 +189,7 @@ static void walk_path(QOSGraphNode *orig_path, int len)
g_free(path_str);
}
static const char *qos_get_cmdline(FuzzTarget *t)
static GString *qos_get_cmdline(FuzzTarget *t)
{
/*
* Set a global variable that we use to identify the qos_path for our


@ -230,6 +230,8 @@ static void test_object_add_failure_modes(void)
" 'props': {'size': 1048576 } } }");
g_assert_nonnull(resp);
g_assert(qdict_haskey(resp, "return"));
qobject_unref(resp);
resp = qtest_qmp(qts, "{'execute': 'object-add', 'arguments':"
" {'qom-type': 'memory-backend-ram', 'id': 'ram1',"
" 'props': {'size': 1048576 } } }");
@ -241,6 +243,7 @@ static void test_object_add_failure_modes(void)
" {'id': 'ram1' } }");
g_assert_nonnull(resp);
g_assert(qdict_haskey(resp, "return"));
qobject_unref(resp);
/* attempt to create an object with a property of a wrong type */
resp = qtest_qmp(qts, "{'execute': 'object-add', 'arguments':"
@ -249,17 +252,20 @@ static void test_object_add_failure_modes(void)
g_assert_nonnull(resp);
/* now do it right */
qmp_assert_error_class(resp, "GenericError");
resp = qtest_qmp(qts, "{'execute': 'object-add', 'arguments':"
" {'qom-type': 'memory-backend-ram', 'id': 'ram1',"
" 'props': {'size': 1048576 } } }");
g_assert_nonnull(resp);
g_assert(qdict_haskey(resp, "return"));
qobject_unref(resp);
/* delete ram1 object */
resp = qtest_qmp(qts, "{'execute': 'object-del', 'arguments':"
" {'id': 'ram1' } }");
g_assert_nonnull(resp);
g_assert(qdict_haskey(resp, "return"));
qobject_unref(resp);
/* attempt to create an object without the id */
resp = qtest_qmp(qts, "{'execute': 'object-add', 'arguments':"
@ -267,18 +273,21 @@ static void test_object_add_failure_modes(void)
" 'props': {'size': 1048576 } } }");
g_assert_nonnull(resp);
qmp_assert_error_class(resp, "GenericError");
/* now do it right */
resp = qtest_qmp(qts, "{'execute': 'object-add', 'arguments':"
" {'qom-type': 'memory-backend-ram', 'id': 'ram1',"
" 'props': {'size': 1048576 } } }");
g_assert_nonnull(resp);
g_assert(qdict_haskey(resp, "return"));
qobject_unref(resp);
/* delete ram1 object */
resp = qtest_qmp(qts, "{'execute': 'object-del', 'arguments':"
" {'id': 'ram1' } }");
g_assert_nonnull(resp);
g_assert(qdict_haskey(resp, "return"));
qobject_unref(resp);
/* attempt to set a non existing property */
resp = qtest_qmp(qts, "{'execute': 'object-add', 'arguments':"
@ -286,23 +295,27 @@ static void test_object_add_failure_modes(void)
" 'props': {'sized': 1048576 } } }");
g_assert_nonnull(resp);
qmp_assert_error_class(resp, "GenericError");
/* now do it right */
resp = qtest_qmp(qts, "{'execute': 'object-add', 'arguments':"
" {'qom-type': 'memory-backend-ram', 'id': 'ram1',"
" 'props': {'size': 1048576 } } }");
g_assert_nonnull(resp);
g_assert(qdict_haskey(resp, "return"));
qobject_unref(resp);
/* delete ram1 object without id */
resp = qtest_qmp(qts, "{'execute': 'object-del', 'arguments':"
" {'ida': 'ram1' } }");
g_assert_nonnull(resp);
qobject_unref(resp);
/* delete ram1 object */
resp = qtest_qmp(qts, "{'execute': 'object-del', 'arguments':"
" {'id': 'ram1' } }");
g_assert_nonnull(resp);
g_assert(qdict_haskey(resp, "return"));
qobject_unref(resp);
/* delete ram1 object that does not exist anymore*/
resp = qtest_qmp(qts, "{'execute': 'object-del', 'arguments':"