Re: [PATCH] fuzz: Add virtio-9p configurations for fuzzing

[Darren Kenny]

Hi Alex,

On Thursday, 2021-01-14 at 17:17:48 -05, Alexander Bulekov wrote:
> Signed-off-by: Alexander Bulekov <alxndr@bu.edu>

In general this look good, so:

Reviewed-by: Darren Kenny <darren.kenny@oracle.com>

but I do have a question below...

> ---
>  tests/qtest/fuzz/generic_fuzz_configs.h | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
>
> diff --git a/tests/qtest/fuzz/generic_fuzz_configs.h 
> b/tests/qtest/fuzz/generic_fuzz_configs.h
> index 7fed035345..ffdb590c58 100644
> --- a/tests/qtest/fuzz/generic_fuzz_configs.h
> +++ b/tests/qtest/fuzz/generic_fuzz_configs.h
> @@ -59,6 +59,18 @@ const generic_fuzz_config predefined_configs[] = {
>          .name = "virtio-mouse",
>          .args = "-machine q35 -nodefaults -device virtio-mouse",
>          .objects = "virtio*",
> +    },{
> +        .name = "virtio-9p",
> +        .args = "-machine q35 -nodefaults "
> +        "-device virtio-9p,fsdev=hshare,mount_tag=hshare "
> +        "-fsdev local,id=hshare,path=/tmp/,security_model=none",
> +        .objects = "virtio*",

I wonder about the use of "/tmp" rather than maybe some generated name
using mkdtemp() - I also realise that the ability to generate this and
plug it in here probably doesn't exist either, hence not holding you to
it for this patch. Also the fact that in OSS-Fuzz this is run in limited
containers.

Have you observed any changes to "/tmp" while this is running? My
concerns may be unfounded since I don't really know what state things
are in while this is executed with no running OS.

Thanks,

Darren.