On 210823 2123, Qiuhao Li wrote:
> Aha! Nice patch.
>
> My fault. I will search first next time :)

If you are interested in testing fuzzing code and you want to automatically be cc-ed when something changes, you can send a patch adding yourself to reviewers in the Fuzzing section of MAINTAINERS
-Alex

> Thanks.
> Qiuhao Li
>
> On Mon, 2021-08-23 at 08:41 -0400, Alexander Bulekov wrote:
> > On 210823 2034, Qiuhao Li wrote:
> > > I think the check in fuzz_dma_read_cb() is buggy because it doesn't
> > > consider when the write address is not in the mmio region but can
> > > overlap. For example, the mmio region is 0xe0000000 to 0xe0001000, and
> > > the write address is 0xdffff000 (not ram) and length is 0x2000. In this
> > > case, the address_space_translate() will return the sparse_mem_mr we
> > > created, thus bypassing the check and calling qtest_memwrite().
> > >
> > > Perhaps we need more detailed checks to ensure that the entire write
> > > operation occurs in the ram or won't overlap with mmio regions. What do
> > > you think?
> > >
> >
> > Good catch. I think this will fix that:
> > https://lore.kernel.org/qemu-devel/[email protected]/
> >
> > I mentioned that there were some fixes waiting for the 6.1 release, but
> > didn't realize you were talking about what seems to be the same issue.
> > -Alex
>
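The overlap case Qiuhao describes above is a general bug class: a guard that classifies only the first address of a multi-byte operation and then lets the whole length through. The following is an added, stand-alone model of that check, written for this thread and not taken from QEMU or from either participant. The region table (`MAP`), the region types, `translate()`, `write_allowed_start_only()` and `write_allowed_full_range()` are all constructed names; the sparse fallback stands in for the sparse_mem_mr behaviour described in the thread, and the MMIO window 0xe0000000-0xe0001000 with the write at 0xdffff000 of length 0x2000 are the thread's own sample values.

```c
/* Added model of the DMA-write range check discussed in the thread.
 * Not QEMU code: region table, types and function names are constructed
 * for illustration only. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum region_type { REGION_RAM, REGION_MMIO, REGION_SPARSE };

struct region {
    uint64_t start;         /* inclusive */
    uint64_t end;           /* exclusive */
    enum region_type type;
};

/* Constructed memory map: one RAM region plus the MMIO window from the
 * thread. Any address not listed here resolves to the sparse fallback,
 * mirroring the sparse_mem_mr behaviour Qiuhao describes. */
static const struct region MAP[] = {
    { 0x00000000ULL, 0x40000000ULL, REGION_RAM  },
    { 0xe0000000ULL, 0xe0001000ULL, REGION_MMIO },
};
#define MAP_LEN (sizeof(MAP) / sizeof(MAP[0]))

static const struct region SPARSE = { 0, UINT64_MAX, REGION_SPARSE };

/* Stand-in for address_space_translate(): classifies a single address and
 * returns the sparse fallback when nothing in the map matches. */
static const struct region *translate(uint64_t addr)
{
    for (size_t i = 0; i < MAP_LEN; i++) {
        if (addr >= MAP[i].start && addr < MAP[i].end)
            return &MAP[i];
    }
    return &SPARSE;
}

/* The flawed form: only the first byte of the write is classified, so a
 * write that starts in sparse memory and runs into MMIO is accepted. */
bool write_allowed_start_only(uint64_t addr, uint64_t len)
{
    (void)len;
    return translate(addr)->type != REGION_MMIO;
}

/* The full-range form: every byte of [addr, addr + len) must be classified.
 * Walk from one region boundary to the next instead of byte by byte. */
bool write_allowed_full_range(uint64_t addr, uint64_t len)
{
    if (len == 0 || addr + len < addr)   /* empty or wrapping range */
        return false;
    uint64_t end = addr + len;
    uint64_t cur = addr;
    while (cur < end) {
        const struct region *r = translate(cur);
        if (r->type == REGION_MMIO)
            return false;
        uint64_t next = end;
        if (r->type != REGION_SPARSE) {
            next = r->end;      /* skip to the end of this listed region */
        } else {
            /* Sparse fallback has no end of its own: stop at the next
             * listed region start inside the write, if any. */
            for (size_t i = 0; i < MAP_LEN; i++) {
                if (MAP[i].start > cur && MAP[i].start < next)
                    next = MAP[i].start;
            }
        }
        cur = next;
    }
    return true;
}

int main(void)
{
    uint64_t addr = 0xdffff000ULL, len = 0x2000ULL;   /* values from the thread */
    printf("start-only check: %s\n",
           write_allowed_start_only(addr, len) ? "allowed" : "rejected");
    printf("full-range check: %s\n",
           write_allowed_full_range(addr, len) ? "allowed" : "rejected");
    return 0;
}
```

The property worth a regression test, whichever way the real fix is written, is the one the second function enforces: a write is only permitted when every byte of the range lands outside MMIO, including the case where the start address sits in otherwise unmapped (sparse) memory immediately below a device window.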
