fork_fuzz.c (1089B)


      1 /*
      2  * Fork-based fuzzing helpers
      3  *
      4  * Copyright Red Hat Inc., 2019
      5  *
      6  * Authors:
      7  *  Alexander Bulekov   <alxndr@bu.edu>
      8  *
      9  * This work is licensed under the terms of the GNU GPL, version 2 or later.
     10  * See the COPYING file in the top-level directory.
     11  *
     12  */
     13 
     14 #include "qemu/osdep.h"
     15 #include "fork_fuzz.h"
     16 
     17 
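/*
 * Re-map the coverage-counter region (the span between the linker-provided
 * __FUZZ_COUNTERS_START and __FUZZ_COUNTERS_END symbols) as a MAP_SHARED
 * anonymous mapping, so that counter updates made in a forked child remain
 * visible to the parent.  The bytes already in the region are preserved
 * across the re-mapping by saving them to a heap buffer and copying them
 * back once the shared mapping is in place.
 *
 * Preconditions (expected to be guaranteed by the fuzzer's linker script):
 * the region must start on a page boundary and its length must be a whole
 * number of pages.  MAP_FIXED replaces entire pages, and mmap() silently
 * rounds the length up to a page multiple, so an unaligned end would wipe
 * whatever lives in the tail of the last page without it ever being
 * restored.  Both conditions are checked here rather than trusted.
 *
 * There is no useful way to continue fuzzing without a shared counter
 * region, so every failure path reports to stderr and exits.
 */
void counter_shm_init(void)
{
    void *region = &__FUZZ_COUNTERS_START;
    size_t len = (size_t)(&__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START);

    /* An empty region has nothing to share (and mmap(len == 0) fails). */
    if (len == 0) {
        return;
    }

    /*
     * Refuse to proceed if the region is not page-aligned: a misaligned
     * start makes mmap() fail with EINVAL, and a non-page-multiple length
     * would make MAP_FIXED clobber neighbouring data outside the region.
     */
    long page = sysconf(_SC_PAGESIZE);
    if (page > 0 &&
        (((uintptr_t)region % (uintptr_t)page) != 0 ||
         (len % (size_t)page) != 0)) {
        fprintf(stderr,
                "Error: fuzz counter region %p+%zu is not page-aligned "
                "(page size %ld)\n", region, len, page);
        exit(1);
    }

    /* Save the current counter contents; they would be lost to MAP_FIXED. */
    void *saved = malloc(len);
    if (!saved) {
        fprintf(stderr,
                "Error: cannot allocate %zu bytes to save fuzz counters\n",
                len);
        exit(1);
    }
    memcpy(saved, region, len);

    /*
     * Replace the region with a shared anonymous mapping.  fd is -1 rather
     * than 0: Linux ignores it for MAP_ANONYMOUS, but other systems require
     * -1, and a stray 0 would be taken as stdin where it is not ignored.
     */
    if (mmap(region, len, PROT_READ | PROT_WRITE,
             MAP_SHARED | MAP_FIXED | MAP_ANONYMOUS, -1, 0) == MAP_FAILED) {
        perror("Error: mmap of fuzz counter region");
        exit(1);
    }

    /* Restore the original counter values into the now-shared pages. */
    memcpy(region, saved, len);
    free(saved);
}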
     40 
     41