xref: /qemu/tests/qtest/megasas-test.c (revision 469bb49b3e131b5f641939d4fa6a4b09e6da47f8) 
1660174fcSPaolo Bonzini /*
2660174fcSPaolo Bonzini  * QTest testcase for LSI MegaRAID
3660174fcSPaolo Bonzini  *
4660174fcSPaolo Bonzini  * Copyright (c) 2017 Red Hat Inc.
5660174fcSPaolo Bonzini  *
6660174fcSPaolo Bonzini  * This work is licensed under the terms of the GNU GPL, version 2 or later.
7660174fcSPaolo Bonzini  * See the COPYING file in the top-level directory.
8660174fcSPaolo Bonzini  */
9660174fcSPaolo Bonzini 
10660174fcSPaolo Bonzini #include "qemu/osdep.h"
11660174fcSPaolo Bonzini #include "libqtest.h"
12660174fcSPaolo Bonzini #include "qemu/bswap.h"
13*469bb49bSPaolo Bonzini #include "libqos/qgraph.h"
14*469bb49bSPaolo Bonzini #include "libqos/pci.h"
15660174fcSPaolo Bonzini 
16*469bb49bSPaolo Bonzini typedef struct QMegasas QMegasas;
17*469bb49bSPaolo Bonzini 
18*469bb49bSPaolo Bonzini struct QMegasas {
19*469bb49bSPaolo Bonzini     QOSGraphObject obj;
20*469bb49bSPaolo Bonzini     QPCIDevice dev;
21*469bb49bSPaolo Bonzini };
22*469bb49bSPaolo Bonzini 
23*469bb49bSPaolo Bonzini static void *megasas_get_driver(void *obj, const char *interface)
24660174fcSPaolo Bonzini {
25*469bb49bSPaolo Bonzini     QMegasas *megasas = obj;
26660174fcSPaolo Bonzini 
27*469bb49bSPaolo Bonzini     if (!g_strcmp0(interface, "pci-device")) {
28*469bb49bSPaolo Bonzini         return &megasas->dev;
29660174fcSPaolo Bonzini     }
30660174fcSPaolo Bonzini 
31*469bb49bSPaolo Bonzini     fprintf(stderr, "%s not present in megasas\n", interface);
32*469bb49bSPaolo Bonzini     g_assert_not_reached();
33660174fcSPaolo Bonzini }
34660174fcSPaolo Bonzini 
35*469bb49bSPaolo Bonzini static void *megasas_create(void *pci_bus, QGuestAllocator *alloc, void *addr)
36660174fcSPaolo Bonzini {
37*469bb49bSPaolo Bonzini     QMegasas *megasas = g_new0(QMegasas, 1);
38*469bb49bSPaolo Bonzini     QPCIBus *bus = pci_bus;
39660174fcSPaolo Bonzini 
40*469bb49bSPaolo Bonzini     qpci_device_init(&megasas->dev, bus, addr);
41*469bb49bSPaolo Bonzini     megasas->obj.get_driver = megasas_get_driver;
42660174fcSPaolo Bonzini 
43*469bb49bSPaolo Bonzini     return &megasas->obj;
44660174fcSPaolo Bonzini }
45660174fcSPaolo Bonzini 
4687e459a8SPaolo Bonzini /* This used to cause a NULL pointer dereference.  */
47*469bb49bSPaolo Bonzini static void megasas_pd_get_info_fuzz(void *obj, void *data, QGuestAllocator *alloc)
4887e459a8SPaolo Bonzini {
49*469bb49bSPaolo Bonzini     QMegasas *megasas = obj;
50*469bb49bSPaolo Bonzini     QPCIDevice *dev = &megasas->dev;
5187e459a8SPaolo Bonzini     QPCIBar bar;
5287e459a8SPaolo Bonzini     uint32_t context[256];
5387e459a8SPaolo Bonzini     uint64_t context_pa;
5487e459a8SPaolo Bonzini     int i;
5587e459a8SPaolo Bonzini 
5687e459a8SPaolo Bonzini     qpci_device_enable(dev);
5787e459a8SPaolo Bonzini     bar = qpci_iomap(dev, 0, NULL);
5887e459a8SPaolo Bonzini 
5987e459a8SPaolo Bonzini     memset(context, 0, sizeof(context));
6087e459a8SPaolo Bonzini     context[0] = cpu_to_le32(0x05050505);
6187e459a8SPaolo Bonzini     context[1] = cpu_to_le32(0x01010101);
6287e459a8SPaolo Bonzini     for (i = 2; i < ARRAY_SIZE(context); i++) {
6387e459a8SPaolo Bonzini         context[i] = cpu_to_le32(0x41414141);
6487e459a8SPaolo Bonzini     }
6587e459a8SPaolo Bonzini     context[6] = cpu_to_le32(0x02020000);
6687e459a8SPaolo Bonzini     context[7] = cpu_to_le32(0);
6787e459a8SPaolo Bonzini 
68*469bb49bSPaolo Bonzini     context_pa = guest_alloc(alloc, sizeof(context));
6987e459a8SPaolo Bonzini     memwrite(context_pa, context, sizeof(context));
7087e459a8SPaolo Bonzini     qpci_io_writel(dev, bar, 0x40, context_pa);
7187e459a8SPaolo Bonzini }
7287e459a8SPaolo Bonzini 
73*469bb49bSPaolo Bonzini static void megasas_register_nodes(void)
74660174fcSPaolo Bonzini {
75*469bb49bSPaolo Bonzini     QOSGraphEdgeOptions opts = {
76*469bb49bSPaolo Bonzini         .extra_device_opts = "addr=04.0,id=scsi0",
77*469bb49bSPaolo Bonzini         .before_cmd_line = "-drive id=drv0,if=none,file=null-co://,format=raw",
78*469bb49bSPaolo Bonzini         .after_cmd_line = "-device scsi-hd,bus=scsi0.0,drive=drv0",
79*469bb49bSPaolo Bonzini     };
80660174fcSPaolo Bonzini 
81*469bb49bSPaolo Bonzini     add_qpci_address(&opts, &(QPCIAddress) { .devfn = QPCI_DEVFN(4, 0) });
82*469bb49bSPaolo Bonzini 
83*469bb49bSPaolo Bonzini     qos_node_create_driver("megasas", megasas_create);
84*469bb49bSPaolo Bonzini     qos_node_consumes("megasas", "pci-bus", &opts);
85*469bb49bSPaolo Bonzini     qos_node_produces("megasas", "pci-device");
86*469bb49bSPaolo Bonzini 
87*469bb49bSPaolo Bonzini     qos_add_test("dcmd/pd-get-info/fuzz", "megasas", megasas_pd_get_info_fuzz, NULL);
88660174fcSPaolo Bonzini }
89*469bb49bSPaolo Bonzini libqos_init(megasas_register_nodes);
90