docs/devel/testing/fuzzing: Note that you can get qtest to read from a file

It is possible to get qtest to read fuzzer reproducers from a file rather than directly from stdio; this is useful when you want to run QEMU under gdb to debug the failure. Document how to do this, which was previously only written down in the commit message for 5b18a6bf44 ("chardev: Allow setting file chardev input file on the command line"). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org> Message-id: 20251028165236.3327658-1-peter.maydell@linaro.org
2026-03-26 18:22:55 -07:00 · 2025-10-28 16:52:35 +00:00
parent 74bc6caea9
commit 5848d2c3a6
1 changed files with 9 additions and 0 deletions
--- a/docs/devel/testing/fuzzing.rst
+++ b/docs/devel/testing/fuzzing.rst
@@ -263,6 +263,15 @@ generic-fuzz target.

 - Report the bug and send a patch with the C reproducer upstream

+QEMU can also read the reproducer directly from a file rather than
+from standard input::
+
+    $QEMU_PATH $QEMU_ARGS -qtest chardev:repro \
+      -chardev file,id=repro,path=/dev/null,input-path=/tmp/reproducer
+
+This is useful if you want to run QEMU under a debugger to investigate
+the failure.
+
 Implementation Details / Fuzzer Lifecycle
 -----------------------------------------