* [PATCH v2 0/1] tests/qtest/fuzz: Avoid QTest serialization
@ 2020-05-28 16:53 Philippe Mathieu-Daudé
2020-05-28 16:53 ` [PATCH v2 1/1] tests/qtest/fuzz: Add faster virtio tests Philippe Mathieu-Daudé
0 siblings, 1 reply; 3+ messages in thread
From: Philippe Mathieu-Daudé @ 2020-05-28 16:53 UTC (permalink / raw)
To: qemu-devel
Cc: Laurent Vivier, Thomas Huth, Philippe Mathieu-Daudé,
Alexander Bulekov, Bandan Das, Stefan Hajnoczi, Paolo Bonzini
Since v1:
- update virtio tests after talking with Alex & Stefan.
Alex, from here you can test the getenv("QTEST_LOG") trick.
Regards,
Phil.
Philippe Mathieu-Daudé (1):
tests/qtest/fuzz: Add faster virtio tests
tests/qtest/fuzz/virtio_net_fuzz.c | 42 ++++++++++++++++++++---
tests/qtest/fuzz/virtio_scsi_fuzz.c | 53 +++++++++++++++++++++++++----
2 files changed, 84 insertions(+), 11 deletions(-)
--
2.21.3
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH v2 1/1] tests/qtest/fuzz: Add faster virtio tests
2020-05-28 16:53 [PATCH v2 0/1] tests/qtest/fuzz: Avoid QTest serialization Philippe Mathieu-Daudé
@ 2020-05-28 16:53 ` Philippe Mathieu-Daudé
2020-05-29 5:19 ` Alexander Bulekov
0 siblings, 1 reply; 3+ messages in thread
From: Philippe Mathieu-Daudé @ 2020-05-28 16:53 UTC (permalink / raw)
To: qemu-devel
Cc: Laurent Vivier, Thomas Huth, Philippe Mathieu-Daudé,
Alexander Bulekov, Bandan Das, Stefan Hajnoczi, Paolo Bonzini
We don't need to serialize over QTest chardev when we can
directly access the MMIO address space via the first
registered CPU view.
Rename the currents tests as $TEST-qtest, add add faster
tests that don't use the qtest chardev.
virtio-net-socket gets ~50% performance improvement.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
---
tests/qtest/fuzz/virtio_net_fuzz.c | 42 ++++++++++++++++++++---
tests/qtest/fuzz/virtio_scsi_fuzz.c | 53 +++++++++++++++++++++++++----
2 files changed, 84 insertions(+), 11 deletions(-)
diff --git a/tests/qtest/fuzz/virtio_net_fuzz.c b/tests/qtest/fuzz/virtio_net_fuzz.c
index d08a47e278..7a39cfbb75 100644
--- a/tests/qtest/fuzz/virtio_net_fuzz.c
+++ b/tests/qtest/fuzz/virtio_net_fuzz.c
@@ -19,6 +19,8 @@
#include "fork_fuzz.h"
#include "qos_fuzz.h"
+#include "exec/address-spaces.h"
+#include "hw/core/cpu.h"
#define QVIRTIO_NET_TIMEOUT_US (30 * 1000 * 1000)
#define QVIRTIO_RX_VQ 0
@@ -29,7 +31,9 @@ static int sockfds[2];
static bool sockfds_initialized;
static void virtio_net_fuzz_multi(QTestState *s,
- const unsigned char *Data, size_t Size, bool check_used)
+ const unsigned char *Data, size_t Size,
+ bool check_used, bool use_qtest_chardev)
+
{
typedef struct vq_action {
uint8_t queue;
@@ -69,8 +73,13 @@ static void virtio_net_fuzz_multi(QTestState *s,
* If checking used ring, ensure that the fuzzer doesn't trigger
* trivial asserion failure on zero-zied buffer
*/
- qtest_memwrite(s, req_addr, Data, vqa.length);
-
+ if (use_qtest_chardev) {
+ qtest_memwrite(s, req_addr, Data, vqa.length);
+ } else {
+ address_space_write(first_cpu->as, req_addr,
+ MEMTXATTRS_UNSPECIFIED,
+ &Data, vqa.length);
+ }
free_head = qvirtqueue_add(s, q, req_addr, vqa.length,
vqa.write, vqa.next);
@@ -118,7 +127,20 @@ static void virtio_net_fork_fuzz(QTestState *s,
const unsigned char *Data, size_t Size)
{
if (fork() == 0) {
- virtio_net_fuzz_multi(s, Data, Size, false);
+ virtio_net_fuzz_multi(s, Data, Size, false, false);
+ flush_events(s);
+ _Exit(0);
+ } else {
+ wait(NULL);
+ }
+}
+
+static void virtio_net_fork_fuzz_qtest(QTestState *s,
+ const unsigned char *Data,
+ size_t Size)
+{
+ if (fork() == 0) {
+ virtio_net_fuzz_multi(s, Data, Size, false, true);
flush_events(s);
_Exit(0);
} else {
@@ -130,7 +152,7 @@ static void virtio_net_fork_fuzz_check_used(QTestState *s,
const unsigned char *Data, size_t Size)
{
if (fork() == 0) {
- virtio_net_fuzz_multi(s, Data, Size, true);
+ virtio_net_fuzz_multi(s, Data, Size, true, false);
flush_events(s);
_Exit(0);
} else {
@@ -173,6 +195,16 @@ static void register_virtio_net_fuzz_targets(void)
&(QOSGraphTestOptions){.before = virtio_net_test_setup_socket}
);
+ fuzz_add_qos_target(&(FuzzTarget){
+ .name = "virtio-net-socket-qtest",
+ .description = "Fuzz the virtio-net virtual queues. Fuzz incoming "
+ "traffic using the socket backend (over a qtest chardev)",
+ .pre_fuzz = &virtio_net_pre_fuzz,
+ .fuzz = virtio_net_fork_fuzz_qtest,},
+ "virtio-net",
+ &(QOSGraphTestOptions){.before = virtio_net_test_setup_socket}
+ );
+
fuzz_add_qos_target(&(FuzzTarget){
.name = "virtio-net-socket-check-used",
.description = "Fuzz the virtio-net virtual queues. Wait for the "
diff --git a/tests/qtest/fuzz/virtio_scsi_fuzz.c b/tests/qtest/fuzz/virtio_scsi_fuzz.c
index 3b95247f12..27b63b2e32 100644
--- a/tests/qtest/fuzz/virtio_scsi_fuzz.c
+++ b/tests/qtest/fuzz/virtio_scsi_fuzz.c
@@ -23,6 +23,9 @@
#include "fork_fuzz.h"
#include "qos_fuzz.h"
+#include "exec/address-spaces.h"
+#include "hw/core/cpu.h"
+
#define PCI_SLOT 0x02
#define PCI_FN 0x00
#define QVIRTIO_SCSI_TIMEOUT_US (1 * 1000 * 1000)
@@ -63,7 +66,8 @@ static QVirtioSCSIQueues *qvirtio_scsi_init(QVirtioDevice *dev, uint64_t mask)
}
static void virtio_scsi_fuzz(QTestState *s, QVirtioSCSIQueues* queues,
- const unsigned char *Data, size_t Size)
+ const unsigned char *Data, size_t Size,
+ bool use_qtest_chardev)
{
/*
* Data is a sequence of random bytes. We split them up into "actions",
@@ -108,7 +112,13 @@ static void virtio_scsi_fuzz(QTestState *s, QVirtioSCSIQueues* queues,
/* Copy the data into ram, and place it on the virtqueue */
uint64_t req_addr = guest_alloc(t_alloc, vqa.length);
- qtest_memwrite(s, req_addr, Data, vqa.length);
+ if (use_qtest_chardev) {
+ qtest_memwrite(s, req_addr, Data, vqa.length);
+ } else {
+ address_space_write(first_cpu->as, req_addr,
+ MEMTXATTRS_UNSPECIFIED,
+ &Data, vqa.length);
+ }
if (vq_touched[vqa.queue] == 0) {
vq_touched[vqa.queue] = 1;
free_head[vqa.queue] = qvirtqueue_add(s, q, req_addr, vqa.length,
@@ -141,7 +151,25 @@ static void virtio_scsi_fork_fuzz(QTestState *s,
queues = qvirtio_scsi_init(scsi->vdev, 0);
}
if (fork() == 0) {
- virtio_scsi_fuzz(s, queues, Data, Size);
+ virtio_scsi_fuzz(s, queues, Data, Size, false);
+ flush_events(s);
+ _Exit(0);
+ } else {
+ wait(NULL);
+ }
+}
+
+static void virtio_scsi_fork_fuzz_qtest(QTestState *s,
+ const unsigned char *Data,
+ size_t Size)
+{
+ QVirtioSCSI *scsi = fuzz_qos_obj;
+ static QVirtioSCSIQueues *queues;
+ if (!queues) {
+ queues = qvirtio_scsi_init(scsi->vdev, 0);
+ }
+ if (fork() == 0) {
+ virtio_scsi_fuzz(s, queues, Data, Size, true);
flush_events(s);
_Exit(0);
} else {
@@ -159,7 +187,9 @@ static void virtio_scsi_with_flag_fuzz(QTestState *s,
if (Size >= sizeof(uint64_t)) {
queues = qvirtio_scsi_init(scsi->vdev, *(uint64_t *)Data);
virtio_scsi_fuzz(s, queues,
- Data + sizeof(uint64_t), Size - sizeof(uint64_t));
+ Data + sizeof(uint64_t),
+ Size - sizeof(uint64_t),
+ false);
flush_events(s);
}
_Exit(0);
@@ -189,7 +219,7 @@ static void register_virtio_scsi_fuzz_targets(void)
{
fuzz_add_qos_target(&(FuzzTarget){
.name = "virtio-scsi-fuzz",
- .description = "Fuzz the virtio-scsi virtual queues, forking"
+ .description = "Fuzz the virtio-scsi virtual queues, forking "
"for each fuzz run",
.pre_vm_init = &counter_shm_init,
.pre_fuzz = &virtio_scsi_pre_fuzz,
@@ -198,9 +228,20 @@ static void register_virtio_scsi_fuzz_targets(void)
&(QOSGraphTestOptions){.before = virtio_scsi_test_setup}
);
+ fuzz_add_qos_target(&(FuzzTarget){
+ .name = "virtio-scsi-fuzz-qtest",
+ .description = "Fuzz the virtio-scsi virtual queues, forking "
+ "for each fuzz run (over a qtest chardev)",
+ .pre_vm_init = &counter_shm_init,
+ .pre_fuzz = &virtio_scsi_pre_fuzz,
+ .fuzz = virtio_scsi_fork_fuzz_qtest,},
+ "virtio-scsi",
+ &(QOSGraphTestOptions){.before = virtio_scsi_test_setup}
+ );
+
fuzz_add_qos_target(&(FuzzTarget){
.name = "virtio-scsi-flags-fuzz",
- .description = "Fuzz the virtio-scsi virtual queues, forking"
+ .description = "Fuzz the virtio-scsi virtual queues, forking "
"for each fuzz run (also fuzzes the virtio flags)",
.pre_vm_init = &counter_shm_init,
.pre_fuzz = &virtio_scsi_pre_fuzz,
--
2.21.3
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH v2 1/1] tests/qtest/fuzz: Add faster virtio tests
2020-05-28 16:53 ` [PATCH v2 1/1] tests/qtest/fuzz: Add faster virtio tests Philippe Mathieu-Daudé
@ 2020-05-29 5:19 ` Alexander Bulekov
0 siblings, 0 replies; 3+ messages in thread
From: Alexander Bulekov @ 2020-05-29 5:19 UTC (permalink / raw)
To: Philippe Mathieu-Daudé
Cc: Laurent Vivier, Thomas Huth, qemu-devel, Bandan Das,
Stefan Hajnoczi, Paolo Bonzini
On 200528 1853, Philippe Mathieu-Daudé wrote:
> We don't need to serialize over QTest chardev when we can
> directly access the MMIO address space via the first
> registered CPU view.
> Rename the currents tests as $TEST-qtest, add add faster
> tests that don't use the qtest chardev.
>
> virtio-net-socket gets ~50% performance improvement.
>
> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alexander Bulekov <alxndr@bu.edu>
Thanks for fixing the spaces in the descriptions, too.
> ---
> tests/qtest/fuzz/virtio_net_fuzz.c | 42 ++++++++++++++++++++---
> tests/qtest/fuzz/virtio_scsi_fuzz.c | 53 +++++++++++++++++++++++++----
> 2 files changed, 84 insertions(+), 11 deletions(-)
>
> diff --git a/tests/qtest/fuzz/virtio_net_fuzz.c b/tests/qtest/fuzz/virtio_net_fuzz.c
> index d08a47e278..7a39cfbb75 100644
> --- a/tests/qtest/fuzz/virtio_net_fuzz.c
> +++ b/tests/qtest/fuzz/virtio_net_fuzz.c
> @@ -19,6 +19,8 @@
> #include "fork_fuzz.h"
> #include "qos_fuzz.h"
>
> +#include "exec/address-spaces.h"
> +#include "hw/core/cpu.h"
>
> #define QVIRTIO_NET_TIMEOUT_US (30 * 1000 * 1000)
> #define QVIRTIO_RX_VQ 0
> @@ -29,7 +31,9 @@ static int sockfds[2];
> static bool sockfds_initialized;
>
> static void virtio_net_fuzz_multi(QTestState *s,
> - const unsigned char *Data, size_t Size, bool check_used)
> + const unsigned char *Data, size_t Size,
> + bool check_used, bool use_qtest_chardev)
> +
> {
> typedef struct vq_action {
> uint8_t queue;
> @@ -69,8 +73,13 @@ static void virtio_net_fuzz_multi(QTestState *s,
> * If checking used ring, ensure that the fuzzer doesn't trigger
> * trivial asserion failure on zero-zied buffer
> */
> - qtest_memwrite(s, req_addr, Data, vqa.length);
> -
> + if (use_qtest_chardev) {
> + qtest_memwrite(s, req_addr, Data, vqa.length);
> + } else {
> + address_space_write(first_cpu->as, req_addr,
> + MEMTXATTRS_UNSPECIFIED,
> + &Data, vqa.length);
> + }
>
> free_head = qvirtqueue_add(s, q, req_addr, vqa.length,
> vqa.write, vqa.next);
> @@ -118,7 +127,20 @@ static void virtio_net_fork_fuzz(QTestState *s,
> const unsigned char *Data, size_t Size)
> {
> if (fork() == 0) {
> - virtio_net_fuzz_multi(s, Data, Size, false);
> + virtio_net_fuzz_multi(s, Data, Size, false, false);
> + flush_events(s);
> + _Exit(0);
> + } else {
> + wait(NULL);
> + }
> +}
> +
> +static void virtio_net_fork_fuzz_qtest(QTestState *s,
> + const unsigned char *Data,
> + size_t Size)
> +{
> + if (fork() == 0) {
> + virtio_net_fuzz_multi(s, Data, Size, false, true);
> flush_events(s);
> _Exit(0);
> } else {
> @@ -130,7 +152,7 @@ static void virtio_net_fork_fuzz_check_used(QTestState *s,
> const unsigned char *Data, size_t Size)
> {
> if (fork() == 0) {
> - virtio_net_fuzz_multi(s, Data, Size, true);
> + virtio_net_fuzz_multi(s, Data, Size, true, false);
> flush_events(s);
> _Exit(0);
> } else {
> @@ -173,6 +195,16 @@ static void register_virtio_net_fuzz_targets(void)
> &(QOSGraphTestOptions){.before = virtio_net_test_setup_socket}
> );
>
> + fuzz_add_qos_target(&(FuzzTarget){
> + .name = "virtio-net-socket-qtest",
> + .description = "Fuzz the virtio-net virtual queues. Fuzz incoming "
> + "traffic using the socket backend (over a qtest chardev)",
> + .pre_fuzz = &virtio_net_pre_fuzz,
> + .fuzz = virtio_net_fork_fuzz_qtest,},
> + "virtio-net",
> + &(QOSGraphTestOptions){.before = virtio_net_test_setup_socket}
> + );
> +
> fuzz_add_qos_target(&(FuzzTarget){
> .name = "virtio-net-socket-check-used",
> .description = "Fuzz the virtio-net virtual queues. Wait for the "
> diff --git a/tests/qtest/fuzz/virtio_scsi_fuzz.c b/tests/qtest/fuzz/virtio_scsi_fuzz.c
> index 3b95247f12..27b63b2e32 100644
> --- a/tests/qtest/fuzz/virtio_scsi_fuzz.c
> +++ b/tests/qtest/fuzz/virtio_scsi_fuzz.c
> @@ -23,6 +23,9 @@
> #include "fork_fuzz.h"
> #include "qos_fuzz.h"
>
> +#include "exec/address-spaces.h"
> +#include "hw/core/cpu.h"
> +
> #define PCI_SLOT 0x02
> #define PCI_FN 0x00
> #define QVIRTIO_SCSI_TIMEOUT_US (1 * 1000 * 1000)
> @@ -63,7 +66,8 @@ static QVirtioSCSIQueues *qvirtio_scsi_init(QVirtioDevice *dev, uint64_t mask)
> }
>
> static void virtio_scsi_fuzz(QTestState *s, QVirtioSCSIQueues* queues,
> - const unsigned char *Data, size_t Size)
> + const unsigned char *Data, size_t Size,
> + bool use_qtest_chardev)
> {
> /*
> * Data is a sequence of random bytes. We split them up into "actions",
> @@ -108,7 +112,13 @@ static void virtio_scsi_fuzz(QTestState *s, QVirtioSCSIQueues* queues,
>
> /* Copy the data into ram, and place it on the virtqueue */
> uint64_t req_addr = guest_alloc(t_alloc, vqa.length);
> - qtest_memwrite(s, req_addr, Data, vqa.length);
> + if (use_qtest_chardev) {
> + qtest_memwrite(s, req_addr, Data, vqa.length);
> + } else {
> + address_space_write(first_cpu->as, req_addr,
> + MEMTXATTRS_UNSPECIFIED,
> + &Data, vqa.length);
> + }
> if (vq_touched[vqa.queue] == 0) {
> vq_touched[vqa.queue] = 1;
> free_head[vqa.queue] = qvirtqueue_add(s, q, req_addr, vqa.length,
> @@ -141,7 +151,25 @@ static void virtio_scsi_fork_fuzz(QTestState *s,
> queues = qvirtio_scsi_init(scsi->vdev, 0);
> }
> if (fork() == 0) {
> - virtio_scsi_fuzz(s, queues, Data, Size);
> + virtio_scsi_fuzz(s, queues, Data, Size, false);
> + flush_events(s);
> + _Exit(0);
> + } else {
> + wait(NULL);
> + }
> +}
> +
> +static void virtio_scsi_fork_fuzz_qtest(QTestState *s,
> + const unsigned char *Data,
> + size_t Size)
> +{
> + QVirtioSCSI *scsi = fuzz_qos_obj;
> + static QVirtioSCSIQueues *queues;
> + if (!queues) {
> + queues = qvirtio_scsi_init(scsi->vdev, 0);
> + }
> + if (fork() == 0) {
> + virtio_scsi_fuzz(s, queues, Data, Size, true);
> flush_events(s);
> _Exit(0);
> } else {
> @@ -159,7 +187,9 @@ static void virtio_scsi_with_flag_fuzz(QTestState *s,
> if (Size >= sizeof(uint64_t)) {
> queues = qvirtio_scsi_init(scsi->vdev, *(uint64_t *)Data);
> virtio_scsi_fuzz(s, queues,
> - Data + sizeof(uint64_t), Size - sizeof(uint64_t));
> + Data + sizeof(uint64_t),
> + Size - sizeof(uint64_t),
> + false);
> flush_events(s);
> }
> _Exit(0);
> @@ -189,7 +219,7 @@ static void register_virtio_scsi_fuzz_targets(void)
> {
> fuzz_add_qos_target(&(FuzzTarget){
> .name = "virtio-scsi-fuzz",
> - .description = "Fuzz the virtio-scsi virtual queues, forking"
> + .description = "Fuzz the virtio-scsi virtual queues, forking "
> "for each fuzz run",
> .pre_vm_init = &counter_shm_init,
> .pre_fuzz = &virtio_scsi_pre_fuzz,
> @@ -198,9 +228,20 @@ static void register_virtio_scsi_fuzz_targets(void)
> &(QOSGraphTestOptions){.before = virtio_scsi_test_setup}
> );
>
> + fuzz_add_qos_target(&(FuzzTarget){
> + .name = "virtio-scsi-fuzz-qtest",
> + .description = "Fuzz the virtio-scsi virtual queues, forking "
> + "for each fuzz run (over a qtest chardev)",
> + .pre_vm_init = &counter_shm_init,
> + .pre_fuzz = &virtio_scsi_pre_fuzz,
> + .fuzz = virtio_scsi_fork_fuzz_qtest,},
> + "virtio-scsi",
> + &(QOSGraphTestOptions){.before = virtio_scsi_test_setup}
> + );
> +
> fuzz_add_qos_target(&(FuzzTarget){
> .name = "virtio-scsi-flags-fuzz",
> - .description = "Fuzz the virtio-scsi virtual queues, forking"
> + .description = "Fuzz the virtio-scsi virtual queues, forking "
> "for each fuzz run (also fuzzes the virtio flags)",
> .pre_vm_init = &counter_shm_init,
> .pre_fuzz = &virtio_scsi_pre_fuzz,
> --
> 2.21.3
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-05-29 5:21 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-28 16:53 [PATCH v2 0/1] tests/qtest/fuzz: Avoid QTest serialization Philippe Mathieu-Daudé
2020-05-28 16:53 ` [PATCH v2 1/1] tests/qtest/fuzz: Add faster virtio tests Philippe Mathieu-Daudé
2020-05-29 5:19 ` Alexander Bulekov
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.