The block, qcow, and zimage fuzzers all created a SharedMemory and then
converted it into a file; with the new base API changes, this is no
longer supported. Replace the SharedMemory uses with tempfile to fix
the build (this also simplifies the code).
BUG=chromium:1136895
TEST=`FEATURES=test USE='asan fuzz' emerge-amd64-generic crosvm`
Change-Id: I50d4e8c57ed41419c79a3fac440654224696f80c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2463895
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Tested-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
For now, this crate simply re-exports all of sys_util, but it will
be updated to provide new interfaces when needed. This is the
first step to making crosvm not directly depend on sys_util, so
that we can make the interface changes we need without fear of
negatively affecting (i.e. completely breaking) other usages
within chromeos.
BUG=b:162363783
TEST=./build_test
Change-Id: I7d0aa3d8a1f66af1c7fee8fd649723ef17027150
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2325168
Tested-by: Michael Hoyle <mikehoyle@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Michael Hoyle <mikehoyle@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
After vm_memory was added, the dependency wasn't added. So it
caused crosvm-fuzz fail to build. This patch adds the dependency.
BUG=chromium:1110970
TEST=USE="asan fuzzer" emerge-amd64-generic crosvm
Change-Id: Ic71243365ed8603928ba30bce7b7361ca368bf1c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2327870
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Tested-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Tiancong Wang <tcwang@google.com>
When compiling a new-enough crosvm for fuzzing (after
https://crrev.com/c/1749950), the build would fail with an error about
importing two different version of sys_util:
expected struct `sys_util::shm::SharedMemory`, found a different struct
`sys_util::shm::SharedMemory`
expected reference `sys_util::shm::SharedMemory (struct
`sys_util::shm::SharedMemory`)
found reference sys_util::shm::SharedMemory (struct
`sys_util::shm::SharedMemory`)
perhaps two different versions of crate `sys_util` are being used?
Fix this by patching the version of sys_util used by audio_streams
so that it also uses the path dependency instead of the sys_util from
the dev-rust/sys_util ebuild in the fuzz-specific Cargo.toml.
BUG=chromium:1057532
TEST=`USE='asan fuzzer' emerge-nami crosvm`
Change-Id: I38252465a1111a9a8f643a59e36733016c5db99d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2086401
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
Move qcow from being its own crate into a module of the disk crate,
similar to the composite disk module.
This will allow use of qcow from disk and vice versa without introducing
a circular crate dependency.
BUG=None
TEST=./build_test.py
TEST=USE='asan fuzzer' emerge-nami crosvm
Change-Id: I77512bbe4b94faff1b5460f9796ee56505135580
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1972477
Reviewed-by: Cody Schuffelen <schuffelen@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Add a fuzzer for the virtio-fs server, which is responsible for decoding
a byte stream into FUSE messages.
BUG=none
TEST=run it with cros_fuzz
Change-Id: Ic7695f2106d3f81e6cf09b98ffedc51831238f1e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1865272
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
The new USB descriptor parsing code is a nice candidate for a fuzzer,
since it takes an arbitrary stream of bytes as input and parses it.
BUG=chromium:987833
TEST=`USE='asan fuzzer' emerge-nami crosvm`
Cq-Depend: chromium:1863465
Change-Id: I3bbdbf081e9a9dd590c781467f8bd44fa1dcab64
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1862117
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
This may help reduce cases of conflicts between independent CLs each
appending a dependency at the bottom of the list, of which I hit two
today rebasing some of my open CLs.
TEST=cargo check --all-features
Change-Id: Ief10bb004cc7b44b107dc3841ce36c6b23632aed
Reviewed-on: https://chromium-review.googlesource.com/1557172
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Separated out of CL:1513058 to make it possible to land parts
individually while the affected crate has no other significant CLs
pending. This avoids repeatedly introducing non-textual conflicts with
new code that adds `use` statements.
TEST=cargo check
TEST=cargo check --all-features
TEST=cargo check --target aarch64-unknown-linux-gnu
Change-Id: I355014ebd08bc2a655e1a1bbff56ecc90aa99ece
Reviewed-on: https://chromium-review.googlesource.com/1519695
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
Fuzz using the data as a qcow image with an offset and value to write to
the image.
Change-Id: Iff8f2971ba716c93d978e33338ad62b5d487c115
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/871132
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
There is now infrastructure for running fuzzers in cros, use it.
Change-Id: I53ec9e195b7062fdcc38b5186c1f3194031037f3
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1521667
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Add a top level fuzz directory. Other fuzz tests will be added here in
subsequent commits.
For now fuzzing must be run manually. Soon there will be a way to
extract the fuzz artifacts and upload them to cluster fuzz.
Change-Id: Iddfb55af78af6f412927b2221f22acb882069d36
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/850851
Reviewed-by: Zach Reizner <zachr@chromium.org>
