all: convert Fuchsia to use "host fuzzing" mode

Go support is not a priority for Fuchsia at the moment, so it's
preferable to use host fuzzing mode for Fuchsia like currently done
for Akaros.

This commit basically looks for all the places where there was special
logic for OS=="akaros" and extends the same logic for OS=="fuchsia".

8 files changed, 23 insertions, 16 deletions

diff --git a/Makefile b/Makefile
index 2453a3765..6525745d8 100644
--- a/Makefile
+++ b/Makefile
@@ -44,12 +44,6 @@ export CGO_ENABLED=0
 TARGETGOOS := $(TARGETOS)
 TARGETGOARCH := $(TARGETVMARCH)
 
-ifeq ("$(TARGETOS)", "fuchsia")
-# SOURCEDIR should point to fuchsia checkout.
-export FX_SRC_PATH=$(SOURCEDIR)
-	GO = "tools/fuchsia/go"
-endif
-
 GITREV=$(shell git rev-parse HEAD)
 ifeq ("$(shell git diff --shortstat)", "")
 	REV=$(GITREV)
@@ -81,6 +75,11 @@ ifeq ("$(TARGETOS)", "akaros")
 	TARGETGOARCH := $(HOSTARCH)
 endif
 
+ifeq ("$(TARGETOS)", "fuchsia")
+	TARGETGOOS := $(HOSTOS)
+	TARGETGOARCH := $(HOSTARCH)
+endif
+
 ifeq ("$(TARGETOS)", "trusty")
 	TARGETGOOS := $(HOSTOS)
 	TARGETGOARCH := $(HOSTARCH)
diff --git a/executor/common.h b/executor/common.h
index 378dca0f7..1d0616d70 100644
--- a/executor/common.h
+++ b/executor/common.h
@@ -167,6 +167,8 @@ static void use_temporary_dir(void)
 {
 #if SYZ_SANDBOX_ANDROID_UNTRUSTED_APP
 	char tmpdir_template[] = "/data/data/syzkaller/syzkaller.XXXXXX";
+#elif GOOS_fuchsia
+	char tmpdir_template[] = "/tmp/syzkaller.XXXXXX";
 #else
 	char tmpdir_template[] = "./syzkaller.XXXXXX";
 #endif
diff --git a/pkg/csource/generated.go b/pkg/csource/generated.go
index 3206918dd..7fc831392 100644
--- a/pkg/csource/generated.go
+++ b/pkg/csource/generated.go
@@ -152,6 +152,8 @@ static void use_temporary_dir(void)
 {
 #if SYZ_SANDBOX_ANDROID_UNTRUSTED_APP
 	char tmpdir_template[] = "/data/data/syzkaller/syzkaller.XXXXXX";
+#elif GOOS_fuchsia
+	char tmpdir_template[] = "/tmp/syzkaller.XXXXXX";
 #else
 	char tmpdir_template[] = "./syzkaller.XXXXXX";
 #endif
diff --git a/pkg/host/host.go b/pkg/host/host.go
index 25f762608..c7454d12b 100644
--- a/pkg/host/host.go
+++ b/pkg/host/host.go
@@ -20,7 +20,8 @@ func DetectSupportedSyscalls(target *prog.Target, sandbox string) (
 	supported := make(map[*prog.Syscall]bool)
 	unsupported := make(map[*prog.Syscall]string)
 	// Akaros does not have own host and parasitizes on some other OS.
-	if target.OS == "akaros" || target.OS == "test" {
+	switch target.OS {
+	case "akaros", "fuchsia", "test":
 		for _, c := range target.Syscalls {
 			supported[c] = true
 		}
@@ -106,7 +107,8 @@ func Check(target *prog.Target) (*Features, error) {
 		FeatureNetworkInjection:           {Name: "net packet injection", Reason: unsupported},
 		FeatureNetworkDevices:             {Name: "net device setup", Reason: unsupported},
 	}
-	if target.OS == "akaros" || target.OS == "test" {
+	switch target.OS {
+	case "akaros", "fuchsia", "test":
 		return res, nil
 	}
 	for n, check := range checkFeature {
@@ -126,7 +128,8 @@ func Check(target *prog.Target) (*Features, error) {
 // Setup enables and does any one-time setup for the requested features on the host.
 // Note: this can be called multiple times and must be idempotent.
 func Setup(target *prog.Target, features *Features, featureFlags csource.Features, executor string) error {
-	if target.OS == "akaros" {
+	switch target.OS {
+	case "akaros", "fuchsia":
 		return nil
 	}
 	args := []string{"setup"}
diff --git a/pkg/instance/instance.go b/pkg/instance/instance.go
index f46673d47..cc1b147f1 100644
--- a/pkg/instance/instance.go
+++ b/pkg/instance/instance.go
@@ -394,7 +394,8 @@ func (inst *inst) testProgram(command string, testTime time.Duration) error {
 func FuzzerCmd(fuzzer, executor, name, OS, arch, fwdAddr, sandbox string, procs, verbosity int,
 	cover, debug, test, runtest bool) string {
 	osArg := ""
-	if OS == "akaros" {
+	switch OS {
+	case "akaros", "fuchsia":
 		// Only akaros needs OS, because the rest assume host OS.
 		// But speciying OS for all OSes breaks patch testing on syzbot
 		// because old execprog does not have os flag.
@@ -425,7 +426,8 @@ func ExecprogCmd(execprog, executor, OS, arch, sandbox string, repeat, threaded,
 		repeatCount = 0
 	}
 	osArg := ""
-	if OS == "akaros" {
+	switch OS {
+	case "akaros", "fuchsia":
 		osArg = " -os=" + OS
 	}
 	return fmt.Sprintf("%v -executor=%v -arch=%v%v -sandbox=%v"+
diff --git a/pkg/instance/instance_test.go b/pkg/instance/instance_test.go
index f4ab3a588..5b9a28404 100644
--- a/pkg/instance/instance_test.go
+++ b/pkg/instance/instance_test.go
@@ -91,7 +91,7 @@ func TestExecprogCmd(t *testing.T) {
 	flagCollide := flags.Bool("collide", true, "collide syscalls to provoke data races")
 	flagSignal := flags.Bool("cover", false, "collect feedback signals (coverage)")
 	flagSandbox := flags.String("sandbox", "none", "sandbox for fuzzing (none/setuid/namespace)")
-	cmdLine := ExecprogCmd(os.Args[0], "/myexecutor", "fuchsia", "386", "namespace", true, false, false, 7, 2, 3, "myprog")
+	cmdLine := ExecprogCmd(os.Args[0], "/myexecutor", "freebsd", "386", "namespace", true, false, false, 7, 2, 3, "myprog")
 	args := strings.Split(cmdLine, " ")[1:]
 	if err := flags.Parse(args); err != nil {
 		t.Fatal(err)
diff --git a/pkg/ipc/ipc.go b/pkg/ipc/ipc.go
index 89799b45a..978fcb7be 100644
--- a/pkg/ipc/ipc.go
+++ b/pkg/ipc/ipc.go
@@ -263,15 +263,13 @@ func (env *Env) Exec(opts *ExecOpts, p *prog.Prog) (output []byte, info *ProgInf
 
 	atomic.AddUint64(&env.StatExecs, 1)
 	if env.cmd == nil {
-		if p.Target.OS == "akaros" {
+		switch p.Target.OS {
+		case "akaros", "fuchsia":
 			// On akaros executor is actually ssh,
 			// starting them too frequently leads to timeouts.
 			<-rateLimit.C
 		}
 		tmpDirPath := "./"
-		if p.Target.OS == "fuchsia" {
-			tmpDirPath = "/data/"
-		}
 		atomic.AddUint64(&env.StatRestarts, 1)
 		env.cmd, err0 = makeCommand(env.pid, env.bin, env.config, env.inFile, env.outFile, env.out, tmpDirPath)
 		if err0 != nil {
diff --git a/vm/qemu/qemu.go b/vm/qemu/qemu.go
index 80a2b822b..babf48f4d 100644
--- a/vm/qemu/qemu.go
+++ b/vm/qemu/qemu.go
@@ -164,6 +164,7 @@ var archConfigs = map[string]*archConfig{
 			"kernel.serial=legacy",
 			"kernel.halt-on-panic=true",
 		},
+		HostFuzzer: true,
 	},
 	"akaros/amd64": {
 		Qemu:       "qemu-system-x86_64",