[PULL 11/16] fuzz: move some DMA hooks
From: Paolo Bonzini
Subject: [PULL 11/16] fuzz: move some DMA hooks
Date: Tue, 16 Mar 2021 17:15:26 -0400
From: Alexander Bulekov <alxndr@bu.edu>
For the sparse-mem device, we want the fuzzer to populate entire DMA
reads from sparse-mem, rather than hooking into the individual MMIO
memory_region_dispatch_read operations. Otherwise, the fuzzer will treat
each sequential read separately (and populate it with a separate
pattern). Work around this by rearranging some DMA hooks. Since the
fuzzer has its own logic to skip accidentally writing to MMIO regions,
we can call the DMA cb outside the flatview_translate loop.
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
softmmu/memory.c | 1 -
softmmu/physmem.c | 2 +-
2 files changed, 1 insertion(+), 2 deletions(-)
diff --git a/softmmu/memory.c b/softmmu/memory.c
index 9db47b7db6..c4730ec47a 100644
--- a/softmmu/memory.c
+++ b/softmmu/memory.c
@@ -1440,7 +1440,6 @@ MemTxResult memory_region_dispatch_read(MemoryRegion *mr,
unsigned size = memop_size(op);
MemTxResult r;
- fuzz_dma_read_cb(addr, size, mr);
if (!memory_region_access_valid(mr, addr, size, false, attrs)) {
*pval = unassigned_mem_read(mr, addr, size);
return MEMTX_DECODE_ERROR;
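Review bot: dropping fuzz_dma_read_cb() from memory_region_dispatch_read() removes the hook for every caller of that function, not just for the MMIO chunks issued from flatview_read_continue(); any other read path that reaches memory_region_dispatch_read() directly no longer notifies the fuzzer. If that loss of coverage is intended, the commit message should say so (it only describes the sparse-mem pattern problem), or a one-line comment where the call used to be should point at the new call site. Note also that the removed call ran before memory_region_access_valid(), so it fired even for reads that then returned MEMTX_DECODE_ERROR; the relocated call in flatview_read_continue() sits before the loop and keeps that property, so the fuzzer still sees accesses the device never completes.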
diff --git a/softmmu/physmem.c b/softmmu/physmem.c
index 7e8b0fab89..6a58c86750 100644
--- a/softmmu/physmem.c
+++ b/softmmu/physmem.c
@@ -2831,6 +2831,7 @@ MemTxResult flatview_read_continue(FlatView *fv, hwaddr
addr,
bool release_lock = false;
uint8_t *buf = ptr;
+ fuzz_dma_read_cb(addr, len, mr);
for (;;) {
if (!memory_access_is_direct(mr, false)) {
/* I/O case */
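Review bot: fuzz_dma_read_cb(addr, len, mr) is now invoked once with the full len and the mr that the caller resolved for the start of the read, so a read that crosses into a different MemoryRegion inside the for (;;) loop reports only the first region for the whole length, and because the call sits before memory_access_is_direct() the callback is also handed mr values that are I/O regions. The commit message covers the second case (the fuzzer skips MMIO itself), but the region-boundary case deserves a comment at the call site, e.g. `/* fuzz hook covers the whole read; mr is only the first region */`, plus a check that the fuzzer's callback tolerates a len larger than the region it is given.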
@@ -2841,7 +2842,6 @@ MemTxResult flatview_read_continue(FlatView *fv, hwaddr
addr,
stn_he_p(buf, l, val);
} else {
/* RAM case */
- fuzz_dma_read_cb(addr, len, mr);
ram_ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l, false);
memcpy(buf, ram_ptr, l);
}
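Review bot: the removed RAM-case call passed len, the remaining total, rather than l, the length of the chunk actually memcpy'd, so the per-iteration hook was never chunk-accurate and collapsing it into a single up-front call is at least consistent. The gap it opens is a read whose first chunk is I/O and whose later chunks are RAM (the case the loop exists for): with no call left in the RAM branch, the RAM part is only ever reported through the initial call with the I/O region's mr, and if the fuzzer's MMIO-skip logic discards that call, the RAM part is never populated. Worth a sentence in the commit message confirming the skip logic does not suppress the whole read in that case.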
--
2.26.2