On Thu, Jul 25, 2019 at 03:23:51AM +0000, Oleinik, Alexander wrote: > Locate mmio and port i/o addresses that are mapped to devices so we can > limit the fuzzer to only these addresses. This should be replaced with > a sane way of enumaring these memory regions. > > Signed-off-by: Alexander Oleinik <alx...@bu.edu> > --- > memory.c | 34 ++++++++++++++++++++++++++++++++++ > 1 file changed, 34 insertions(+) > > diff --git a/memory.c b/memory.c > index 5d8c9a9234..fa6cbe4f1d 100644 > --- a/memory.c > +++ b/memory.c > @@ -34,6 +34,11 @@ > #include "hw/qdev-properties.h" > #include "hw/boards.h" > #include "migration/vmstate.h" > +#ifdef CONFIG_FUZZ > +#include "tests/fuzz/fuzz.h" > +#include "tests/fuzz/qos_fuzz.h" > +#endif > + > > //#define DEBUG_UNASSIGNED > > @@ -3016,12 +3021,20 @@ static void mtree_print_flatview(gpointer key, > gpointer value, > int n = view->nr; > int i; > AddressSpace *as; > +#ifdef CONFIG_FUZZ > + bool io=false; > +#endif > + > > qemu_printf("FlatView #%d\n", fvi->counter); > ++fvi->counter; > > for (i = 0; i < fv_address_spaces->len; ++i) { > as = g_array_index(fv_address_spaces, AddressSpace*, i); > +#ifdef CONFIG_FUZZ > + if(strcmp("I/O",as->name) == 0) > + io = true; > +#endif > qemu_printf(" AS \"%s\", root: %s", > as->name, memory_region_name(as->root)); > if (as->root->alias) { 
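Review bot: The `io` flag is set inside the loop over fv_address_spaces and never reset, so if a flatview is shared by more than one address space every range it prints would be classified as port I/O as soon as any of those spaces is named "I/O"; whether that sharing can occur for the I/O root is not visible here, so at least a comment stating the assumption (one flatview, one kind of address space) is needed. The added lines also depart from the file's formatting: `bool io=false;` and the unbraced `if(strcmp("I/O",as->name) == 0)` would be `bool io = false;` and `if (strcmp("I/O", as->name) == 0) {` / `io = true;` / `}`. The literal "I/O" presumably matches the name the port I/O address space is registered under elsewhere; a comment such as `/* "I/O" is the name of the port I/O address space -- keep in sync with its address_space_init() */` would tie the two together. mtree_print_flatview's body continues past this hunk.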
> @@ -3062,6 +3075,27 @@ static void mtree_print_flatview(gpointer key, > gpointer value, > range->readonly ? "rom" : memory_region_type(mr), > memory_region_name(mr)); > } > +#ifdef CONFIG_FUZZ > + if(strcmp("i/o", memory_region_type(mr))==0 && strcmp("io", > memory_region_name(mr))){ > + fuzz_memory_region *fmr = g_new0(fuzz_memory_region, 1); > + if(!fuzz_memory_region_head) > + { > + fuzz_memory_region_head = fmr; > + fuzz_memory_region_tail = fmr; > + } > + fmr->io = io; > + fmr->start = int128_get64(range->addr.start); > + fmr->length = MR_SIZE(range->addr.size); > + fmr->next = fuzz_memory_region_head; > + fuzz_memory_region_tail->next = fmr; > + fuzz_memory_region_tail = fmr; > + if(io == true){ > + total_io_mem += MR_SIZE(range->addr.size)+1; > + } else { > + total_ram_mem += MR_SIZE(range->addr.size)+1; > + } > + } > +#endif
Why is this patch modifying a print function? I think the goal is to build the fuzz_memory_region list and calculate total_io_mem/total_ram_mem. This should be done by a separate function. Can you use memory_region_is_ram() instead of the string compares? Stefan