[PATCH] docs/devel/testing/fuzzing: Note that you can get qtest to read from a file

[PATCH] docs/devel/testing/fuzzing: Note that you can get qtest to read from a file

[Peter Maydell]

It is possible to get qtest to read fuzzer reproducers from a file
rather than directly from stdio; this is useful when you want to run
QEMU under gdb to debug the failure.  Document how to do this, which
was previously only written down in the commit message for
5b18a6bf44b9 ("chardev: Allow setting file chardev input file on the
command line").

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
I got bored of looking up the commit message in the git log
every time :-)
---
 docs/devel/testing/fuzzing.rst | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/docs/devel/testing/fuzzing.rst b/docs/devel/testing/fuzzing.rst
index c3ac084311b..c43f815f320 100644
--- a/docs/devel/testing/fuzzing.rst
+++ b/docs/devel/testing/fuzzing.rst
@@ -263,6 +263,15 @@ generic-fuzz target.
 
 - Report the bug and send a patch with the C reproducer upstream
 
+QEMU can also read the reproducer directly from a file rather than
+from standard input::
+
+    $QEMU_PATH $QEMU_ARGS -qtest chardev:repro \
+      -chardev file,id=repro,path=/dev/null,input-path=/tmp/reproducer
+
+This is useful if you want to run QEMU under a debugger to investigate
+the failure.
+
 Implementation Details / Fuzzer Lifecycle
 -----------------------------------------
 
-- 
2.43.0

Re: [PATCH] docs/devel/testing/fuzzing: Note that you can get qtest to read from a file

[Fabiano Rosas]

Peter Maydell <peter.maydell@linaro.org> writes:

> It is possible to get qtest to read fuzzer reproducers from a file
> rather than directly from stdio; this is useful when you want to run
> QEMU under gdb to debug the failure.  Document how to do this, which
> was previously only written down in the commit message for
> 5b18a6bf44b9 ("chardev: Allow setting file chardev input file on the
> command line").
>
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
> I got bored of looking up the commit message in the git log
> every time :-)
> ---
>  docs/devel/testing/fuzzing.rst | 9 +++++++++
>  1 file changed, 9 insertions(+)
>
> diff --git a/docs/devel/testing/fuzzing.rst b/docs/devel/testing/fuzzing.rst
> index c3ac084311b..c43f815f320 100644
> --- a/docs/devel/testing/fuzzing.rst
> +++ b/docs/devel/testing/fuzzing.rst
> @@ -263,6 +263,15 @@ generic-fuzz target.
>  
>  - Report the bug and send a patch with the C reproducer upstream
>  
> +QEMU can also read the reproducer directly from a file rather than
> +from standard input::
> +
> +    $QEMU_PATH $QEMU_ARGS -qtest chardev:repro \
> +      -chardev file,id=repro,path=/dev/null,input-path=/tmp/reproducer
> +
> +This is useful if you want to run QEMU under a debugger to investigate
> +the failure.
> +
>  Implementation Details / Fuzzer Lifecycle
>  -----------------------------------------

Reviewed-by: Fabiano Rosas <farosas@suse.de>

Re: [PATCH] docs/devel/testing/fuzzing: Note that you can get qtest to read from a file

[Manos Pitsidianakis]

On Tue, Oct 28, 2025 at 6:53 PM Peter Maydell <peter.maydell@linaro.org> wrote:
>
> It is possible to get qtest to read fuzzer reproducers from a file
> rather than directly from stdio; this is useful when you want to run
> QEMU under gdb to debug the failure.  Document how to do this, which
> was previously only written down in the commit message for
> 5b18a6bf44b9 ("chardev: Allow setting file chardev input file on the
> command line").
>
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
> I got bored of looking up the commit message in the git log
> every time :-)
> ---

Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>

>  docs/devel/testing/fuzzing.rst | 9 +++++++++
>  1 file changed, 9 insertions(+)
>
> diff --git a/docs/devel/testing/fuzzing.rst b/docs/devel/testing/fuzzing.rst
> index c3ac084311b..c43f815f320 100644
> --- a/docs/devel/testing/fuzzing.rst
> +++ b/docs/devel/testing/fuzzing.rst
> @@ -263,6 +263,15 @@ generic-fuzz target.
>
>  - Report the bug and send a patch with the C reproducer upstream
>
> +QEMU can also read the reproducer directly from a file rather than
> +from standard input::
> +
> +    $QEMU_PATH $QEMU_ARGS -qtest chardev:repro \
> +      -chardev file,id=repro,path=/dev/null,input-path=/tmp/reproducer
> +
> +This is useful if you want to run QEMU under a debugger to investigate
> +the failure.
> +
>  Implementation Details / Fuzzer Lifecycle
>  -----------------------------------------
>
> --
> 2.43.0
>
>