From: Alexander Bulekov <alxndr@bu.edu>
To: qemu-devel@nongnu.org
Cc: Laurent Vivier <lvivier@redhat.com>,
Thomas Huth <thuth@redhat.com>, Alexander Bulekov <alxndr@bu.edu>,
Bandan Das <bsd@redhat.com>,
Stefan Hajnoczi <stefanha@redhat.com>,
Paolo Bonzini <pbonzini@redhat.com>,
philmd@redhat.com
Subject: [PATCH] fuzz: map all BARs and enable PCI devices
Date: Wed, 9 Dec 2020 15:10:54 -0500
Message-ID: <20201209201054.391408-1-alxndr@bu.edu>
Prior to this patch, the fuzzer found inputs to map PCI device BARs and
enable the device. While it is nice that the fuzzer can do this, it
added significant overhead, since the fuzzer needs to map all the
BARs (regenerating the memory topology), at the start of each input.
With this patch, we do this once, before fuzzing, mitigating some of
this overhead.
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
---
tests/qtest/fuzz/generic_fuzz.c | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/tests/qtest/fuzz/generic_fuzz.c b/tests/qtest/fuzz/generic_fuzz.c
index 07ad690683..d95093ee53 100644
--- a/tests/qtest/fuzz/generic_fuzz.c
+++ b/tests/qtest/fuzz/generic_fuzz.c
@@ -16,6 +16,7 @@
#include "hw/core/cpu.h"
#include "tests/qtest/libqos/libqtest.h"
+#include "tests/qtest/libqos/pci-pc.h"
#include "fuzz.h"
#include "fork_fuzz.h"
#include "exec/address-spaces.h"
@@ -762,6 +763,22 @@ static int locate_fuzz_objects(Object *child, void *opaque)
return 0;
}
+
+static void pci_enum(gpointer pcidev, gpointer bus)
+{
+ PCIDevice *dev = pcidev;
+ QPCIDevice *qdev;
+
+ qdev = qpci_device_find(bus, dev->devfn);
+ g_assert(qdev != NULL);
+ for (int i = 0; i < 6; i++) {
+ if (dev->io_regions[i].size) {
+ qpci_iomap(qdev, i, NULL);
+ }
+ }
+ qpci_device_enable(qdev);
+}
+
static void generic_pre_fuzz(QTestState *s)
{
GHashTableIter iter;
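Review bot: qdev obtained from qpci_device_find() in pci_enum is never released, so every entry in fuzzable_pci_devices leaves an allocation behind after qpci_device_enable(qdev); add g_free(qdev) as the last statement of the function. The g_assert(qdev != NULL) aborts the whole fuzzer when a listed device cannot be found by dev->devfn alone on the bus passed in, which would happen for a device that does not sit directly on that bus; skipping such a device with a warning may be the more useful behaviour. The literal 6 in the loop bound would read better as a named constant for the number of BARs, and the loop counter should be declared at the top of the function next to qdev rather than inside the for statement.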
@@ -810,6 +827,12 @@ static void generic_pre_fuzz(QTestState *s)
exit(1);
}
+ QPCIBus *pcibus;
+
+ pcibus = qpci_new_pc(s, NULL);
+ g_ptr_array_foreach(fuzzable_pci_devices, pci_enum, pcibus);
+ qpci_free_pc(pcibus);
+
counter_shm_init();
}
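Review bot: qpci_new_pc() in generic_pre_fuzz assumes the machine under test is a PC with the PC PCI host, yet nothing in this hunk checks or documents that; guard the block (for example, run it only when fuzzable_pci_devices is non-empty) and add a comment saying the BARs are mapped once here so inputs no longer need to do it. The declaration of QPCIBus *pcibus also sits after statements in the function body; move it to the top with the other locals.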
--
2.28.0
Thread overview: 4+ messages
2020-12-09 20:10 Alexander Bulekov [this message]
2020-12-10 11:36 ` [PATCH] fuzz: map all BARs and enable PCI devices Darren Kenny
2020-12-10 13:11 ` Philippe Mathieu-Daudé
2020-12-10 13:54 ` Alexander Bulekov