diff options
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/qtest/device-introspect-test.c | 10 | ||||
| -rw-r--r-- | tests/qtest/fuzz-test.c | 15 | ||||
| -rw-r--r-- | tests/qtest/fuzz/generic_fuzz.c | 44 | ||||
| -rw-r--r-- | tests/qtest/fuzz/qos_fuzz.c | 3 | ||||
| -rw-r--r-- | tests/qtest/ivshmem-test.c | 2 | ||||
| -rw-r--r-- | tests/qtest/libqos/ahci.c | 5 | ||||
| -rw-r--r-- | tests/qtest/libqtest.c | 9 |
7 files changed, 60 insertions, 28 deletions
diff --git a/tests/qtest/device-introspect-test.c b/tests/qtest/device-introspect-test.c index 9f22340ee5..bbec166dbc 100644 --- a/tests/qtest/device-introspect-test.c +++ b/tests/qtest/device-introspect-test.c @@ -104,7 +104,8 @@ static QList *device_type_list(QTestState *qts, bool abstract) static void test_one_device(QTestState *qts, const char *type) { QDict *resp; - char *help; + char *help, *escaped; + GRegex *comma; g_test_message("Testing device '%s'", type); @@ -113,8 +114,13 @@ static void test_one_device(QTestState *qts, const char *type) type); qobject_unref(resp); - help = qtest_hmp(qts, "device_add \"%s,help\"", type); + comma = g_regex_new(",", 0, 0, NULL); + escaped = g_regex_replace_literal(comma, type, -1, 0, ",,", 0, NULL); + g_regex_unref(comma); + + help = qtest_hmp(qts, "device_add \"%s,help\"", escaped); g_free(help); + g_free(escaped); } static void test_device_intro_list(void) diff --git a/tests/qtest/fuzz-test.c b/tests/qtest/fuzz-test.c index 2f38bb1ec2..9cb4c42bde 100644 --- a/tests/qtest/fuzz-test.c +++ b/tests/qtest/fuzz-test.c @@ -34,6 +34,19 @@ static void test_lp1878263_megasas_zero_iov_cnt(void) qtest_quit(s); } +static void test_lp1878642_pci_bus_get_irq_level_assert(void) +{ + QTestState *s; + + s = qtest_init("-M pc-q35-5.0 " + "-nographic -monitor none -serial none " + "-d guest_errors -trace pci*"); + + qtest_outl(s, 0xcf8, 0x8400f841); + qtest_outl(s, 0xcfc, 0xebed205d); + qtest_outl(s, 0x5d02, 0xebed205d); +} + int main(int argc, char **argv) { const char *arch = qtest_get_arch(); @@ -43,6 +56,8 @@ int main(int argc, char **argv) if (strcmp(arch, "i386") == 0 || strcmp(arch, "x86_64") == 0) { qtest_add_func("fuzz/test_lp1878263_megasas_zero_iov_cnt", test_lp1878263_megasas_zero_iov_cnt); + qtest_add_func("fuzz/test_lp1878642_pci_bus_get_irq_level_assert", + test_lp1878642_pci_bus_get_irq_level_assert); } return g_test_run(); diff --git a/tests/qtest/fuzz/generic_fuzz.c b/tests/qtest/fuzz/generic_fuzz.c index a8f5864883..262a963d2e 100644 --- a/tests/qtest/fuzz/generic_fuzz.c +++ b/tests/qtest/fuzz/generic_fuzz.c @@ -192,7 +192,7 @@ void fuzz_dma_read_cb(size_t addr, size_t len, MemoryRegion *mr, bool is_write) */ if (dma_patterns->len == 0 || len == 0 - /* || mr != MACHINE(qdev_get_machine())->ram */ + || mr != current_machine->ram || is_write || addr > current_machine->ram_size) { return; @@ -229,10 +229,10 @@ void fuzz_dma_read_cb(size_t addr, size_t len, MemoryRegion *mr, bool is_write) address_range ar = {addr, len}; g_array_append_val(dma_regions, ar); pattern p = g_array_index(dma_patterns, pattern, dma_pattern_index); - void *buf = pattern_alloc(p, ar.size); + void *buf_base = pattern_alloc(p, ar.size); + void *buf = buf_base; hwaddr l, addr1; MemoryRegion *mr1; - uint8_t *ram_ptr; while (len > 0) { l = len; mr1 = address_space_translate(first_cpu->as, @@ -244,30 +244,27 @@ void fuzz_dma_read_cb(size_t addr, size_t len, MemoryRegion *mr, bool is_write) l = memory_access_size(mr1, l, addr1); } else { /* ROM/RAM case */ - ram_ptr = qemu_map_ram_ptr(mr1->ram_block, addr1); - memcpy(ram_ptr, buf, l); - break; + if (qtest_log_enabled) { + /* + * With QTEST_LOG, use a normal, slow QTest memwrite. Prefix the log + * that will be written by qtest.c with a DMA tag, so we can reorder + * the resulting QTest trace so the DMA fills precede the last PIO/MMIO + * command. + */ + fprintf(stderr, "[DMA] "); + if (double_fetch) { + fprintf(stderr, "[DOUBLE-FETCH] "); + } + fflush(stderr); + } + qtest_memwrite(qts_global, addr, buf, l); } len -= l; buf += l; addr += l; } - if (qtest_log_enabled) { - /* - * With QTEST_LOG, use a normal, slow QTest memwrite. Prefix the log - * that will be written by qtest.c with a DMA tag, so we can reorder - * the resulting QTest trace so the DMA fills precede the last PIO/MMIO - * command. - */ - fprintf(stderr, "[DMA] "); - if (double_fetch) { - fprintf(stderr, "[DOUBLE-FETCH] "); - } - fflush(stderr); - } - qtest_memwrite(qts_global, ar.addr, buf, ar.size); - g_free(buf); + g_free(buf_base); /* Increment the index of the pattern for the next DMA access */ dma_pattern_index = (dma_pattern_index + 1) % dma_patterns->len; @@ -301,6 +298,11 @@ static bool get_io_address(address_range *result, AddressSpace *as, } while (cb_info.index != index && !cb_info.found); *result = cb_info.result; + if (result->size) { + offset = offset % result->size; + result->addr += offset; + result->size -= offset; + } return cb_info.found; } diff --git a/tests/qtest/fuzz/qos_fuzz.c b/tests/qtest/fuzz/qos_fuzz.c index b943577b8c..cee1a2a60f 100644 --- a/tests/qtest/fuzz/qos_fuzz.c +++ b/tests/qtest/fuzz/qos_fuzz.c @@ -70,7 +70,7 @@ static GString *qos_build_main_args(void) { char **path = fuzz_path_vec; QOSGraphNode *test_node; - GString *cmd_line = g_string_new(path[0]); + GString *cmd_line; void *test_arg; if (!path) { @@ -79,6 +79,7 @@ static GString *qos_build_main_args(void) } /* Before test */ + cmd_line = g_string_new(path[0]); current_path = path; test_node = qos_graph_get_node(path[(g_strv_length(path) - 1)]); test_arg = test_node->u.test.arg; diff --git a/tests/qtest/ivshmem-test.c b/tests/qtest/ivshmem-test.c index d5c8b9f128..dfa69424ed 100644 --- a/tests/qtest/ivshmem-test.c +++ b/tests/qtest/ivshmem-test.c @@ -135,7 +135,7 @@ static void setup_vm_cmd(IVState *s, const char *cmd, bool msix) static void setup_vm(IVState *s) { char *cmd = g_strdup_printf("-object memory-backend-file" - ",id=mb1,size=1M,share,mem-path=/dev/shm%s" + ",id=mb1,size=1M,share=on,mem-path=/dev/shm%s" " -device ivshmem-plain,memdev=mb1", tmpshm); setup_vm_cmd(s, cmd, false); diff --git a/tests/qtest/libqos/ahci.c b/tests/qtest/libqos/ahci.c index 2946abc15a..fba3e7a954 100644 --- a/tests/qtest/libqos/ahci.c +++ b/tests/qtest/libqos/ahci.c @@ -637,10 +637,13 @@ void ahci_exec(AHCIQState *ahci, uint8_t port, AHCICommand *cmd; int rc; AHCIOpts *opts; + uint64_t buffer_in; opts = g_memdup((opts_in == NULL ? &default_opts : opts_in), sizeof(AHCIOpts)); + buffer_in = opts->buffer; + /* No guest buffer provided, create one. */ if (opts->size && !opts->buffer) { opts->buffer = ahci_alloc(ahci, opts->size); @@ -686,7 +689,7 @@ void ahci_exec(AHCIQState *ahci, uint8_t port, g_assert_cmpint(rc, ==, 0); } ahci_command_free(cmd); - if (opts->buffer != opts_in->buffer) { + if (opts->buffer != buffer_in) { ahci_free(ahci, opts->buffer); } g_free(opts); diff --git a/tests/qtest/libqtest.c b/tests/qtest/libqtest.c index 99deff47ef..be0fb430dd 100644 --- a/tests/qtest/libqtest.c +++ b/tests/qtest/libqtest.c @@ -110,8 +110,13 @@ static int socket_accept(int sock) struct timeval timeout = { .tv_sec = SOCKET_TIMEOUT, .tv_usec = 0 }; - setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, (void *)&timeout, - sizeof(timeout)); + if (qemu_setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, + (void *)&timeout, sizeof(timeout))) { + fprintf(stderr, "%s failed to set SO_RCVTIMEO: %s\n", + __func__, strerror(errno)); + close(sock); + return -1; + } do { addrlen = sizeof(addr); |