Give the fuzzer a few more points to experiment with added branching by explicitly using opt mode. ---
I'm not quite sure whether the fuzzer is able to synthesize specific API calls from the client side; but if it can, letting the client specifically enter the NEGOTIATING state may allow the fuzzer to spot other nbd_opt_* API call chains that could provoke odd interactions, which would be completely missed when sticking with the default of skipping opt mode. fuzzing/libnbd-fuzz-wrapper.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fuzzing/libnbd-fuzz-wrapper.c b/fuzzing/libnbd-fuzz-wrapper.c index 7e390558..e7cf7fe9 100644 --- a/fuzzing/libnbd-fuzz-wrapper.c +++ b/fuzzing/libnbd-fuzz-wrapper.c @@ -200,7 +200,10 @@ client (int sock) nbd_add_meta_context (nbd, LIBNBD_CONTEXT_BASE_ALLOCATION); /* This tests the handshake phase. */ + nbd_set_opt_mode (nbd, true); nbd_connect_socket (nbd, sock); + nbd_opt_info (nbd); + nbd_opt_go (nbd); length = nbd_get_size (nbd); -- 2.37.3 _______________________________________________ Libguestfs mailing list Libguestfs@redhat.com https://listman.redhat.com/mailman/listinfo/libguestfs
