From: Paolo Bonzini
To: qemu-devel@nongnu.org
Subject: [PULL 15/20] fuzz: check the MR in the DMA callback
Date: Wed, 4 Nov 2020 10:01:48 -0500
Message-Id: <20201104150153.541326-16-pbonzini@redhat.com>
In-Reply-To: <20201104150153.541326-1-pbonzini@redhat.com>
References: <20201104150153.541326-1-pbonzini@redhat.com>
Cc: Alexander Bulekov, Darren Kenny

From: Alexander Bulekov We should be checking that the device is trying to read from RAM, before filling the region with data. Otherwise, we will try to populate nonsensical addresses in RAM for callbacks on PIO/MMIO reads. We did this originally, however the final version I sent had the line commented out.. Signed-off-by: Alexander Bulekov Reviewed-by: Darren Kenny Message-Id: <20201029172901.534442-3-alxndr@bu.edu> Signed-off-by: Paolo Bonzini --- tests/qtest/fuzz/generic_fuzz.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/qtest/fuzz/generic_fuzz.c b/tests/qtest/fuzz/generic_fuz= z.c index 3e2d50feaa..3a5dbc3ce2 100644 --- a/tests/qtest/fuzz/generic_fuzz.c +++ b/tests/qtest/fuzz/generic_fuzz.c @@ -192,7 +192,7 @@ void fuzz_dma_read_cb(size_t addr, size_t len, MemoryRe= gion *mr, bool is_write) */ if (dma_patterns->len =3D=3D 0 || len =3D=3D 0 - /* || mr !=3D MACHINE(qdev_get_machine())->ram */ + || mr !=3D current_machine->ram || is_write || addr > current_machine->ram_size) { return; --=20 2.26.2
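
Review bot: On the added line `|| mr != current_machine->ram`, the test is a pointer-identity comparison, so the callback only proceeds when it is handed the machine's RAM region object itself. If that is the intent, a one-line comment stating it would help keep the check from being commented out again, which the commit message says happened in the version originally sent. In the unchanged context just below, `addr > current_machine->ram_size` still lets `addr == ram_size` through and never looks at `len`; since the commit message says the code goes on to fill the region with data, consider `addr >= current_machine->ram_size || len > current_machine->ram_size - addr` so the whole range is known to sit inside RAM before anything is written.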