tests/qtest/fuzz/fork_fuzz.c

   1 /*
   2  * Fork-based fuzzing helpers
   3  *
   4  * Copyright Red Hat Inc., 2019
   5  *
   6  * Authors:
   7  *  Alexander Bulekov   <alxndr@bu.edu>
   8  *
   9  * This work is licensed under the terms of the GNU GPL, version 2 or later.
  10  * See the COPYING file in the top-level directory.
  11  *
  12  */
  13
  14 #include "qemu/osdep.h"
  15 #include "fork_fuzz.h"
  16
  17
  18 void counter_shm_init(void)
  19 {
  20     char *shm_path = g_strdup_printf("/qemu-fuzz-cntrs.%d", getpid());
  21     int fd = shm_open(shm_path, O_CREAT | O_RDWR, S_IRUSR | S_IWUSR);
  22     g_free(shm_path);
  23
  24     if (fd == -1) {
  25         perror("Error: ");
  26         exit(1);
  27     }
  28     if (ftruncate(fd, &__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START) == -1) {
  29         perror("Error: ");
  30         exit(1);
  31     }
  32     /* Copy what's in the counter region to the shm.. */
  33     void *rptr = mmap(NULL ,
  34             &__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START,
  35             PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
  36     memcpy(rptr,
  37            &__FUZZ_COUNTERS_START,
  38            &__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START);
  39
  40     munmap(rptr, &__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START);
  41
  42     /* And map the shm over the counter region */
  43     rptr = mmap(&__FUZZ_COUNTERS_START,
  44             &__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START,
  45             PROT_READ | PROT_WRITE, MAP_SHARED | MAP_FIXED, fd, 0);
  46
  47     close(fd);
  48
  49     if (!rptr) {
  50         perror("Error: ");
  51         exit(1);
  52     }
  53 }
  54
  55