On Tue, Aug 27, 2024 at 11:07 AM Martin Kletzander <mkletzan@xxxxxxxxxx> wrote: > > That was unfortunate, but since Rayhan had the first implementation done > in a very short time we rather spent the rest of the time enhancing the > fuzzing and it definitely bore fruit -- some of the found things are > fixed, some are still waiting for a patch or two. > > The crucial part of this is the existing libprotobuf-mutator which is > already in C++ and does provide very specific C++ APIs. > > Another approach (except writing our own mutator) would be to keep the > code in a separate repository. I'm not completely sure whether we would > still need the code modifications, I don't remember our discussions > about whether the fuzzing compilation could work with all current > libvirt code compiled as C and only the fuzzing parts compiled in C++. > All the existing code is indeed still compiled as C. Only the fuzzing executables (under tests/fuzz/) are compiled in C++ and linked to those C objects. We still do need some of the minor code modifications (in PATCH 1) because existing C headers are sometimes interpreted a bit differently from the fuzzer's PoV, even with C linkage. There are still some other code modifications in tests/ and src/ for a few other fuzzers (mostly hotplug and CH) to make fuzzing easier. I agree that we could keep it as a separate repo, perhaps a subproject. I have seen some projects keep their fuzzing code separate (mostly on oss-fuzz). -- Rayhan Faizel
