fuzz: fuzz offsets within pio/mmio regions

The code did not add offsets to FlatRange bases, so we did not fuzz offsets within device MemoryRegions. Signed-off-by: Alexander Bulekov <alxndr@bu.edu> Reviewed-by: Darren Kenny <darren.kenny@oracle.com> Message-Id: <20201029172901.534442-4-alxndr@bu.edu> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-10-29 13:29:00 -04:00 · 2020-10-29 13:29:00 -04:00 · 953e6d7c0e
commit 953e6d7c0e
parent cc3d99c741
1 changed files with 5 additions and 0 deletions
--- a/tests/qtest/fuzz/generic_fuzz.c
+++ b/tests/qtest/fuzz/generic_fuzz.c
@ -298,6 +298,11 @@ static bool get_io_address(address_range *result, AddressSpace *as,
    } while (cb_info.index != index && !cb_info.found);

    *result = cb_info.result;
+    if (result->size) {
+        offset = offset % result->size;
+        result->addr += offset;
+        result->size -= offset;
+    }
    return cb_info.found;
 }