tests/qtest/fuzz/fork_fuzz.c

   1 /*
   2  * Fork-based fuzzing helpers
   3  *
   4  * Copyright Red Hat Inc., 2019
   5  *
   6  * Authors:
   7  *  Alexander Bulekov   <alxndr@bu.edu>
   8  *
   9  * This work is licensed under the terms of the GNU GPL, version 2 or later.
  10  * See the COPYING file in the top-level directory.
  11  *
  12  */
  13
  14 #include "qemu/osdep.h"
  15 #include "fork_fuzz.h"
  16
  17
  18 void counter_shm_init(void)
  19 {
  20     /* Copy what's in the counter region to a temporary buffer.. */
  21     void *copy = malloc(&__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START);
  22     memcpy(copy,
  23            &__FUZZ_COUNTERS_START,
  24            &__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START);
  25
  26     /* Map a shared region over the counter region */
  27     if (mmap(&__FUZZ_COUNTERS_START,
  28              &__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START,
  29              PROT_READ | PROT_WRITE, MAP_SHARED | MAP_FIXED | MAP_ANONYMOUS,
  30              0, 0) == MAP_FAILED) {
  31         perror("Error: ");
  32         exit(1);
  33     }
  34
  35     /* Copy the original data back to the counter-region */
  36     memcpy(&__FUZZ_COUNTERS_START, copy,
  37            &__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START);
  38     free(copy);
  39 }
  40
  41