monitor: Fix tracepoint crash on JSON syntax error
[qemu/armbru.git] / tests / ide-test.c
blob2384c2c3e2c2c68942f8f86b0fa11b12d2de0d8d
1 /*
2 * IDE test cases
4 * Copyright (c) 2013 Kevin Wolf <kwolf@redhat.com>
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
25 #include "qemu/osdep.h"
28 #include "libqtest.h"
29 #include "libqos/libqos.h"
30 #include "libqos/pci-pc.h"
31 #include "libqos/malloc-pc.h"
33 #include "qemu-common.h"
34 #include "qemu/bswap.h"
35 #include "hw/pci/pci_ids.h"
36 #include "hw/pci/pci_regs.h"
38 #define TEST_IMAGE_SIZE 64 * 1024 * 1024
40 #define IDE_PCI_DEV 1
41 #define IDE_PCI_FUNC 1
43 #define IDE_BASE 0x1f0
44 #define IDE_PRIMARY_IRQ 14
46 #define ATAPI_BLOCK_SIZE 2048
48 /* How many bytes to receive via ATAPI PIO at one time.
49 * Must be less than 0xFFFF. */
50 #define BYTE_COUNT_LIMIT 5120
52 enum {
53 reg_data = 0x0,
54 reg_feature = 0x1,
55 reg_error = 0x1,
56 reg_nsectors = 0x2,
57 reg_lba_low = 0x3,
58 reg_lba_middle = 0x4,
59 reg_lba_high = 0x5,
60 reg_device = 0x6,
61 reg_status = 0x7,
62 reg_command = 0x7,
65 enum {
66 BSY = 0x80,
67 DRDY = 0x40,
68 DF = 0x20,
69 DRQ = 0x08,
70 ERR = 0x01,
73 /* Error field */
74 enum {
75 ABRT = 0x04,
78 enum {
79 DEV = 0x10,
80 LBA = 0x40,
83 enum {
84 bmreg_cmd = 0x0,
85 bmreg_status = 0x2,
86 bmreg_prdt = 0x4,
89 enum {
90 CMD_DSM = 0x06,
91 CMD_READ_DMA = 0xc8,
92 CMD_WRITE_DMA = 0xca,
93 CMD_FLUSH_CACHE = 0xe7,
94 CMD_IDENTIFY = 0xec,
95 CMD_PACKET = 0xa0,
97 CMDF_ABORT = 0x100,
98 CMDF_NO_BM = 0x200,
101 enum {
102 BM_CMD_START = 0x1,
103 BM_CMD_WRITE = 0x8, /* write = from device to memory */
106 enum {
107 BM_STS_ACTIVE = 0x1,
108 BM_STS_ERROR = 0x2,
109 BM_STS_INTR = 0x4,
112 enum {
113 PRDT_EOT = 0x80000000,
116 #define assert_bit_set(data, mask) g_assert_cmphex((data) & (mask), ==, (mask))
117 #define assert_bit_clear(data, mask) g_assert_cmphex((data) & (mask), ==, 0)
119 static QPCIBus *pcibus = NULL;
120 static QGuestAllocator *guest_malloc;
122 static char tmp_path[] = "/tmp/qtest.XXXXXX";
123 static char debug_path[] = "/tmp/qtest-blkdebug.XXXXXX";
125 static void ide_test_start(const char *cmdline_fmt, ...)
127 va_list ap;
128 char *cmdline;
130 va_start(ap, cmdline_fmt);
131 cmdline = g_strdup_vprintf(cmdline_fmt, ap);
132 va_end(ap);
134 qtest_start(cmdline);
135 guest_malloc = pc_alloc_init(global_qtest);
137 g_free(cmdline);
140 static void ide_test_quit(void)
142 pc_alloc_uninit(guest_malloc);
143 guest_malloc = NULL;
144 qtest_end();
147 static QPCIDevice *get_pci_device(QPCIBar *bmdma_bar, QPCIBar *ide_bar)
149 QPCIDevice *dev;
150 uint16_t vendor_id, device_id;
152 if (!pcibus) {
153 pcibus = qpci_init_pc(global_qtest, NULL);
156 /* Find PCI device and verify it's the right one */
157 dev = qpci_device_find(pcibus, QPCI_DEVFN(IDE_PCI_DEV, IDE_PCI_FUNC));
158 g_assert(dev != NULL);
160 vendor_id = qpci_config_readw(dev, PCI_VENDOR_ID);
161 device_id = qpci_config_readw(dev, PCI_DEVICE_ID);
162 g_assert(vendor_id == PCI_VENDOR_ID_INTEL);
163 g_assert(device_id == PCI_DEVICE_ID_INTEL_82371SB_1);
165 /* Map bmdma BAR */
166 *bmdma_bar = qpci_iomap(dev, 4, NULL);
168 *ide_bar = qpci_legacy_iomap(dev, IDE_BASE);
170 qpci_device_enable(dev);
172 return dev;
175 static void free_pci_device(QPCIDevice *dev)
177 /* libqos doesn't have a function for this, so free it manually */
178 g_free(dev);
181 typedef struct PrdtEntry {
182 uint32_t addr;
183 uint32_t size;
184 } QEMU_PACKED PrdtEntry;
186 #define assert_bit_set(data, mask) g_assert_cmphex((data) & (mask), ==, (mask))
187 #define assert_bit_clear(data, mask) g_assert_cmphex((data) & (mask), ==, 0)
189 static uint64_t trim_range_le(uint64_t sector, uint16_t count)
191 /* 2-byte range, 6-byte LBA */
192 return cpu_to_le64(((uint64_t)count << 48) + sector);
195 static int send_dma_request(int cmd, uint64_t sector, int nb_sectors,
196 PrdtEntry *prdt, int prdt_entries,
197 void(*post_exec)(QPCIDevice *dev, QPCIBar ide_bar,
198 uint64_t sector, int nb_sectors))
200 QPCIDevice *dev;
201 QPCIBar bmdma_bar, ide_bar;
202 uintptr_t guest_prdt;
203 size_t len;
204 bool from_dev;
205 uint8_t status;
206 int flags;
208 dev = get_pci_device(&bmdma_bar, &ide_bar);
210 flags = cmd & ~0xff;
211 cmd &= 0xff;
213 switch (cmd) {
214 case CMD_READ_DMA:
215 case CMD_PACKET:
216 /* Assuming we only test data reads w/ ATAPI, otherwise we need to know
217 * the SCSI command being sent in the packet, too. */
218 from_dev = true;
219 break;
220 case CMD_DSM:
221 case CMD_WRITE_DMA:
222 from_dev = false;
223 break;
224 default:
225 g_assert_not_reached();
228 if (flags & CMDF_NO_BM) {
229 qpci_config_writew(dev, PCI_COMMAND,
230 PCI_COMMAND_IO | PCI_COMMAND_MEMORY);
233 /* Select device 0 */
234 qpci_io_writeb(dev, ide_bar, reg_device, 0 | LBA);
236 /* Stop any running transfer, clear any pending interrupt */
237 qpci_io_writeb(dev, bmdma_bar, bmreg_cmd, 0);
238 qpci_io_writeb(dev, bmdma_bar, bmreg_status, BM_STS_INTR);
240 /* Setup PRDT */
241 len = sizeof(*prdt) * prdt_entries;
242 guest_prdt = guest_alloc(guest_malloc, len);
243 memwrite(guest_prdt, prdt, len);
244 qpci_io_writel(dev, bmdma_bar, bmreg_prdt, guest_prdt);
246 /* ATA DMA command */
247 if (cmd == CMD_PACKET) {
248 /* Enables ATAPI DMA; otherwise PIO is attempted */
249 qpci_io_writeb(dev, ide_bar, reg_feature, 0x01);
250 } else {
251 if (cmd == CMD_DSM) {
252 /* trim bit */
253 qpci_io_writeb(dev, ide_bar, reg_feature, 0x01);
255 qpci_io_writeb(dev, ide_bar, reg_nsectors, nb_sectors);
256 qpci_io_writeb(dev, ide_bar, reg_lba_low, sector & 0xff);
257 qpci_io_writeb(dev, ide_bar, reg_lba_middle, (sector >> 8) & 0xff);
258 qpci_io_writeb(dev, ide_bar, reg_lba_high, (sector >> 16) & 0xff);
261 qpci_io_writeb(dev, ide_bar, reg_command, cmd);
263 if (post_exec) {
264 post_exec(dev, ide_bar, sector, nb_sectors);
267 /* Start DMA transfer */
268 qpci_io_writeb(dev, bmdma_bar, bmreg_cmd,
269 BM_CMD_START | (from_dev ? BM_CMD_WRITE : 0));
271 if (flags & CMDF_ABORT) {
272 qpci_io_writeb(dev, bmdma_bar, bmreg_cmd, 0);
275 /* Wait for the DMA transfer to complete */
276 do {
277 status = qpci_io_readb(dev, bmdma_bar, bmreg_status);
278 } while ((status & (BM_STS_ACTIVE | BM_STS_INTR)) == BM_STS_ACTIVE);
280 g_assert_cmpint(get_irq(IDE_PRIMARY_IRQ), ==, !!(status & BM_STS_INTR));
282 /* Check IDE status code */
283 assert_bit_set(qpci_io_readb(dev, ide_bar, reg_status), DRDY);
284 assert_bit_clear(qpci_io_readb(dev, ide_bar, reg_status), BSY | DRQ);
286 /* Reading the status register clears the IRQ */
287 g_assert(!get_irq(IDE_PRIMARY_IRQ));
289 /* Stop DMA transfer if still active */
290 if (status & BM_STS_ACTIVE) {
291 qpci_io_writeb(dev, bmdma_bar, bmreg_cmd, 0);
294 free_pci_device(dev);
296 return status;
299 static void test_bmdma_simple_rw(void)
301 QPCIDevice *dev;
302 QPCIBar bmdma_bar, ide_bar;
303 uint8_t status;
304 uint8_t *buf;
305 uint8_t *cmpbuf;
306 size_t len = 512;
307 uintptr_t guest_buf = guest_alloc(guest_malloc, len);
309 PrdtEntry prdt[] = {
311 .addr = cpu_to_le32(guest_buf),
312 .size = cpu_to_le32(len | PRDT_EOT),
316 dev = get_pci_device(&bmdma_bar, &ide_bar);
318 buf = g_malloc(len);
319 cmpbuf = g_malloc(len);
321 /* Write 0x55 pattern to sector 0 */
322 memset(buf, 0x55, len);
323 memwrite(guest_buf, buf, len);
325 status = send_dma_request(CMD_WRITE_DMA, 0, 1, prdt,
326 ARRAY_SIZE(prdt), NULL);
327 g_assert_cmphex(status, ==, BM_STS_INTR);
328 assert_bit_clear(qpci_io_readb(dev, ide_bar, reg_status), DF | ERR);
330 /* Write 0xaa pattern to sector 1 */
331 memset(buf, 0xaa, len);
332 memwrite(guest_buf, buf, len);
334 status = send_dma_request(CMD_WRITE_DMA, 1, 1, prdt,
335 ARRAY_SIZE(prdt), NULL);
336 g_assert_cmphex(status, ==, BM_STS_INTR);
337 assert_bit_clear(qpci_io_readb(dev, ide_bar, reg_status), DF | ERR);
339 /* Read and verify 0x55 pattern in sector 0 */
340 memset(cmpbuf, 0x55, len);
342 status = send_dma_request(CMD_READ_DMA, 0, 1, prdt, ARRAY_SIZE(prdt), NULL);
343 g_assert_cmphex(status, ==, BM_STS_INTR);
344 assert_bit_clear(qpci_io_readb(dev, ide_bar, reg_status), DF | ERR);
346 memread(guest_buf, buf, len);
347 g_assert(memcmp(buf, cmpbuf, len) == 0);
349 /* Read and verify 0xaa pattern in sector 1 */
350 memset(cmpbuf, 0xaa, len);
352 status = send_dma_request(CMD_READ_DMA, 1, 1, prdt, ARRAY_SIZE(prdt), NULL);
353 g_assert_cmphex(status, ==, BM_STS_INTR);
354 assert_bit_clear(qpci_io_readb(dev, ide_bar, reg_status), DF | ERR);
356 memread(guest_buf, buf, len);
357 g_assert(memcmp(buf, cmpbuf, len) == 0);
360 free_pci_device(dev);
361 g_free(buf);
362 g_free(cmpbuf);
365 static void test_bmdma_trim(void)
367 QPCIDevice *dev;
368 QPCIBar bmdma_bar, ide_bar;
369 uint8_t status;
370 const uint64_t trim_range[] = { trim_range_le(0, 2),
371 trim_range_le(6, 8),
372 trim_range_le(10, 1),
374 const uint64_t bad_range = trim_range_le(TEST_IMAGE_SIZE / 512 - 1, 2);
375 size_t len = 512;
376 uint8_t *buf;
377 uintptr_t guest_buf = guest_alloc(guest_malloc, len);
379 PrdtEntry prdt[] = {
381 .addr = cpu_to_le32(guest_buf),
382 .size = cpu_to_le32(len | PRDT_EOT),
386 dev = get_pci_device(&bmdma_bar, &ide_bar);
388 buf = g_malloc(len);
390 /* Normal request */
391 *((uint64_t *)buf) = trim_range[0];
392 *((uint64_t *)buf + 1) = trim_range[1];
394 memwrite(guest_buf, buf, 2 * sizeof(uint64_t));
396 status = send_dma_request(CMD_DSM, 0, 1, prdt,
397 ARRAY_SIZE(prdt), NULL);
398 g_assert_cmphex(status, ==, BM_STS_INTR);
399 assert_bit_clear(qpci_io_readb(dev, ide_bar, reg_status), DF | ERR);
401 /* Request contains invalid range */
402 *((uint64_t *)buf) = trim_range[2];
403 *((uint64_t *)buf + 1) = bad_range;
405 memwrite(guest_buf, buf, 2 * sizeof(uint64_t));
407 status = send_dma_request(CMD_DSM, 0, 1, prdt,
408 ARRAY_SIZE(prdt), NULL);
409 g_assert_cmphex(status, ==, BM_STS_INTR);
410 assert_bit_set(qpci_io_readb(dev, ide_bar, reg_status), ERR);
411 assert_bit_set(qpci_io_readb(dev, ide_bar, reg_error), ABRT);
413 free_pci_device(dev);
414 g_free(buf);
417 static void test_bmdma_short_prdt(void)
419 QPCIDevice *dev;
420 QPCIBar bmdma_bar, ide_bar;
421 uint8_t status;
423 PrdtEntry prdt[] = {
425 .addr = 0,
426 .size = cpu_to_le32(0x10 | PRDT_EOT),
430 dev = get_pci_device(&bmdma_bar, &ide_bar);
432 /* Normal request */
433 status = send_dma_request(CMD_READ_DMA, 0, 1,
434 prdt, ARRAY_SIZE(prdt), NULL);
435 g_assert_cmphex(status, ==, 0);
436 assert_bit_clear(qpci_io_readb(dev, ide_bar, reg_status), DF | ERR);
438 /* Abort the request before it completes */
439 status = send_dma_request(CMD_READ_DMA | CMDF_ABORT, 0, 1,
440 prdt, ARRAY_SIZE(prdt), NULL);
441 g_assert_cmphex(status, ==, 0);
442 assert_bit_clear(qpci_io_readb(dev, ide_bar, reg_status), DF | ERR);
443 free_pci_device(dev);
446 static void test_bmdma_one_sector_short_prdt(void)
448 QPCIDevice *dev;
449 QPCIBar bmdma_bar, ide_bar;
450 uint8_t status;
452 /* Read 2 sectors but only give 1 sector in PRDT */
453 PrdtEntry prdt[] = {
455 .addr = 0,
456 .size = cpu_to_le32(0x200 | PRDT_EOT),
460 dev = get_pci_device(&bmdma_bar, &ide_bar);
462 /* Normal request */
463 status = send_dma_request(CMD_READ_DMA, 0, 2,
464 prdt, ARRAY_SIZE(prdt), NULL);
465 g_assert_cmphex(status, ==, 0);
466 assert_bit_clear(qpci_io_readb(dev, ide_bar, reg_status), DF | ERR);
468 /* Abort the request before it completes */
469 status = send_dma_request(CMD_READ_DMA | CMDF_ABORT, 0, 2,
470 prdt, ARRAY_SIZE(prdt), NULL);
471 g_assert_cmphex(status, ==, 0);
472 assert_bit_clear(qpci_io_readb(dev, ide_bar, reg_status), DF | ERR);
473 free_pci_device(dev);
476 static void test_bmdma_long_prdt(void)
478 QPCIDevice *dev;
479 QPCIBar bmdma_bar, ide_bar;
480 uint8_t status;
482 PrdtEntry prdt[] = {
484 .addr = 0,
485 .size = cpu_to_le32(0x1000 | PRDT_EOT),
489 dev = get_pci_device(&bmdma_bar, &ide_bar);
491 /* Normal request */
492 status = send_dma_request(CMD_READ_DMA, 0, 1,
493 prdt, ARRAY_SIZE(prdt), NULL);
494 g_assert_cmphex(status, ==, BM_STS_ACTIVE | BM_STS_INTR);
495 assert_bit_clear(qpci_io_readb(dev, ide_bar, reg_status), DF | ERR);
497 /* Abort the request before it completes */
498 status = send_dma_request(CMD_READ_DMA | CMDF_ABORT, 0, 1,
499 prdt, ARRAY_SIZE(prdt), NULL);
500 g_assert_cmphex(status, ==, BM_STS_INTR);
501 assert_bit_clear(qpci_io_readb(dev, ide_bar, reg_status), DF | ERR);
502 free_pci_device(dev);
505 static void test_bmdma_no_busmaster(void)
507 QPCIDevice *dev;
508 QPCIBar bmdma_bar, ide_bar;
509 uint8_t status;
511 dev = get_pci_device(&bmdma_bar, &ide_bar);
513 /* No PRDT_EOT, each entry addr 0/size 64k, and in theory qemu shouldn't be
514 * able to access it anyway because the Bus Master bit in the PCI command
515 * register isn't set. This is complete nonsense, but it used to be pretty
516 * good at confusing and occasionally crashing qemu. */
517 PrdtEntry prdt[4096] = { };
519 status = send_dma_request(CMD_READ_DMA | CMDF_NO_BM, 0, 512,
520 prdt, ARRAY_SIZE(prdt), NULL);
522 /* Not entirely clear what the expected result is, but this is what we get
523 * in practice. At least we want to be aware of any changes. */
524 g_assert_cmphex(status, ==, BM_STS_ACTIVE | BM_STS_INTR);
525 assert_bit_clear(qpci_io_readb(dev, ide_bar, reg_status), DF | ERR);
526 free_pci_device(dev);
529 static void test_bmdma_setup(void)
531 ide_test_start(
532 "-drive file=%s,if=ide,serial=%s,cache=writeback,format=raw "
533 "-global ide-hd.ver=%s",
534 tmp_path, "testdisk", "version");
535 qtest_irq_intercept_in(global_qtest, "ioapic");
538 static void test_bmdma_teardown(void)
540 ide_test_quit();
543 static void string_cpu_to_be16(uint16_t *s, size_t bytes)
545 g_assert((bytes & 1) == 0);
546 bytes /= 2;
548 while (bytes--) {
549 *s = cpu_to_be16(*s);
550 s++;
554 static void test_identify(void)
556 QPCIDevice *dev;
557 QPCIBar bmdma_bar, ide_bar;
558 uint8_t data;
559 uint16_t buf[256];
560 int i;
561 int ret;
563 ide_test_start(
564 "-drive file=%s,if=ide,serial=%s,cache=writeback,format=raw "
565 "-global ide-hd.ver=%s",
566 tmp_path, "testdisk", "version");
568 dev = get_pci_device(&bmdma_bar, &ide_bar);
570 /* IDENTIFY command on device 0*/
571 qpci_io_writeb(dev, ide_bar, reg_device, 0);
572 qpci_io_writeb(dev, ide_bar, reg_command, CMD_IDENTIFY);
574 /* Read in the IDENTIFY buffer and check registers */
575 data = qpci_io_readb(dev, ide_bar, reg_device);
576 g_assert_cmpint(data & DEV, ==, 0);
578 for (i = 0; i < 256; i++) {
579 data = qpci_io_readb(dev, ide_bar, reg_status);
580 assert_bit_set(data, DRDY | DRQ);
581 assert_bit_clear(data, BSY | DF | ERR);
583 buf[i] = qpci_io_readw(dev, ide_bar, reg_data);
586 data = qpci_io_readb(dev, ide_bar, reg_status);
587 assert_bit_set(data, DRDY);
588 assert_bit_clear(data, BSY | DF | ERR | DRQ);
590 /* Check serial number/version in the buffer */
591 string_cpu_to_be16(&buf[10], 20);
592 ret = memcmp(&buf[10], "testdisk ", 20);
593 g_assert(ret == 0);
595 string_cpu_to_be16(&buf[23], 8);
596 ret = memcmp(&buf[23], "version ", 8);
597 g_assert(ret == 0);
599 /* Write cache enabled bit */
600 assert_bit_set(buf[85], 0x20);
602 ide_test_quit();
603 free_pci_device(dev);
607 * Write sector 1 with random data to make IDE storage dirty
608 * Needed for flush tests so that flushes actually go though the block layer
610 static void make_dirty(uint8_t device)
612 QPCIDevice *dev;
613 QPCIBar bmdma_bar, ide_bar;
614 uint8_t status;
615 size_t len = 512;
616 uintptr_t guest_buf;
617 void* buf;
619 dev = get_pci_device(&bmdma_bar, &ide_bar);
621 guest_buf = guest_alloc(guest_malloc, len);
622 buf = g_malloc(len);
623 memset(buf, rand() % 255 + 1, len);
624 g_assert(guest_buf);
625 g_assert(buf);
627 memwrite(guest_buf, buf, len);
629 PrdtEntry prdt[] = {
631 .addr = cpu_to_le32(guest_buf),
632 .size = cpu_to_le32(len | PRDT_EOT),
636 status = send_dma_request(CMD_WRITE_DMA, 1, 1, prdt,
637 ARRAY_SIZE(prdt), NULL);
638 g_assert_cmphex(status, ==, BM_STS_INTR);
639 assert_bit_clear(qpci_io_readb(dev, ide_bar, reg_status), DF | ERR);
641 g_free(buf);
642 free_pci_device(dev);
645 static void test_flush(void)
647 QPCIDevice *dev;
648 QPCIBar bmdma_bar, ide_bar;
649 uint8_t data;
651 ide_test_start(
652 "-drive file=blkdebug::%s,if=ide,cache=writeback,format=raw",
653 tmp_path);
655 dev = get_pci_device(&bmdma_bar, &ide_bar);
657 qtest_irq_intercept_in(global_qtest, "ioapic");
659 /* Dirty media so that CMD_FLUSH_CACHE will actually go to disk */
660 make_dirty(0);
662 /* Delay the completion of the flush request until we explicitly do it */
663 g_free(hmp("qemu-io ide0-hd0 \"break flush_to_os A\""));
665 /* FLUSH CACHE command on device 0*/
666 qpci_io_writeb(dev, ide_bar, reg_device, 0);
667 qpci_io_writeb(dev, ide_bar, reg_command, CMD_FLUSH_CACHE);
669 /* Check status while request is in flight*/
670 data = qpci_io_readb(dev, ide_bar, reg_status);
671 assert_bit_set(data, BSY | DRDY);
672 assert_bit_clear(data, DF | ERR | DRQ);
674 /* Complete the command */
675 g_free(hmp("qemu-io ide0-hd0 \"resume A\""));
677 /* Check registers */
678 data = qpci_io_readb(dev, ide_bar, reg_device);
679 g_assert_cmpint(data & DEV, ==, 0);
681 do {
682 data = qpci_io_readb(dev, ide_bar, reg_status);
683 } while (data & BSY);
685 assert_bit_set(data, DRDY);
686 assert_bit_clear(data, BSY | DF | ERR | DRQ);
688 ide_test_quit();
689 free_pci_device(dev);
692 static void test_retry_flush(const char *machine)
694 QPCIDevice *dev;
695 QPCIBar bmdma_bar, ide_bar;
696 uint8_t data;
697 const char *s;
699 prepare_blkdebug_script(debug_path, "flush_to_disk");
701 ide_test_start(
702 "-drive file=blkdebug:%s:%s,if=ide,cache=writeback,format=raw,"
703 "rerror=stop,werror=stop",
704 debug_path, tmp_path);
706 dev = get_pci_device(&bmdma_bar, &ide_bar);
708 qtest_irq_intercept_in(global_qtest, "ioapic");
710 /* Dirty media so that CMD_FLUSH_CACHE will actually go to disk */
711 make_dirty(0);
713 /* FLUSH CACHE command on device 0*/
714 qpci_io_writeb(dev, ide_bar, reg_device, 0);
715 qpci_io_writeb(dev, ide_bar, reg_command, CMD_FLUSH_CACHE);
717 /* Check status while request is in flight*/
718 data = qpci_io_readb(dev, ide_bar, reg_status);
719 assert_bit_set(data, BSY | DRDY);
720 assert_bit_clear(data, DF | ERR | DRQ);
722 qmp_eventwait("STOP");
724 /* Complete the command */
725 s = "{'execute':'cont' }";
726 qmp_discard_response(s);
728 /* Check registers */
729 data = qpci_io_readb(dev, ide_bar, reg_device);
730 g_assert_cmpint(data & DEV, ==, 0);
732 do {
733 data = qpci_io_readb(dev, ide_bar, reg_status);
734 } while (data & BSY);
736 assert_bit_set(data, DRDY);
737 assert_bit_clear(data, BSY | DF | ERR | DRQ);
739 ide_test_quit();
740 free_pci_device(dev);
743 static void test_flush_nodev(void)
745 QPCIDevice *dev;
746 QPCIBar bmdma_bar, ide_bar;
748 ide_test_start("");
750 dev = get_pci_device(&bmdma_bar, &ide_bar);
752 /* FLUSH CACHE command on device 0*/
753 qpci_io_writeb(dev, ide_bar, reg_device, 0);
754 qpci_io_writeb(dev, ide_bar, reg_command, CMD_FLUSH_CACHE);
756 /* Just testing that qemu doesn't crash... */
758 free_pci_device(dev);
759 ide_test_quit();
762 static void test_flush_empty_drive(void)
764 QPCIDevice *dev;
765 QPCIBar bmdma_bar, ide_bar;
767 ide_test_start("-device ide-cd,bus=ide.0");
768 dev = get_pci_device(&bmdma_bar, &ide_bar);
770 /* FLUSH CACHE command on device 0 */
771 qpci_io_writeb(dev, ide_bar, reg_device, 0);
772 qpci_io_writeb(dev, ide_bar, reg_command, CMD_FLUSH_CACHE);
774 /* Just testing that qemu doesn't crash... */
776 free_pci_device(dev);
777 ide_test_quit();
780 static void test_pci_retry_flush(void)
782 test_retry_flush("pc");
785 static void test_isa_retry_flush(void)
787 test_retry_flush("isapc");
790 typedef struct Read10CDB {
791 uint8_t opcode;
792 uint8_t flags;
793 uint32_t lba;
794 uint8_t reserved;
795 uint16_t nblocks;
796 uint8_t control;
797 uint16_t padding;
798 } __attribute__((__packed__)) Read10CDB;
800 static void send_scsi_cdb_read10(QPCIDevice *dev, QPCIBar ide_bar,
801 uint64_t lba, int nblocks)
803 Read10CDB pkt = { .padding = 0 };
804 int i;
806 g_assert_cmpint(lba, <=, UINT32_MAX);
807 g_assert_cmpint(nblocks, <=, UINT16_MAX);
808 g_assert_cmpint(nblocks, >=, 0);
810 /* Construct SCSI CDB packet */
811 pkt.opcode = 0x28;
812 pkt.lba = cpu_to_be32(lba);
813 pkt.nblocks = cpu_to_be16(nblocks);
815 /* Send Packet */
816 for (i = 0; i < sizeof(Read10CDB)/2; i++) {
817 qpci_io_writew(dev, ide_bar, reg_data,
818 le16_to_cpu(((uint16_t *)&pkt)[i]));
822 static void nsleep(int64_t nsecs)
824 const struct timespec val = { .tv_nsec = nsecs };
825 nanosleep(&val, NULL);
826 clock_set(nsecs);
829 static uint8_t ide_wait_clear(uint8_t flag)
831 QPCIDevice *dev;
832 QPCIBar bmdma_bar, ide_bar;
833 uint8_t data;
834 time_t st;
836 dev = get_pci_device(&bmdma_bar, &ide_bar);
838 /* Wait with a 5 second timeout */
839 time(&st);
840 while (true) {
841 data = qpci_io_readb(dev, ide_bar, reg_status);
842 if (!(data & flag)) {
843 free_pci_device(dev);
844 return data;
846 if (difftime(time(NULL), st) > 5.0) {
847 break;
849 nsleep(400);
851 g_assert_not_reached();
854 static void ide_wait_intr(int irq)
856 time_t st;
857 bool intr;
859 time(&st);
860 while (true) {
861 intr = get_irq(irq);
862 if (intr) {
863 return;
865 if (difftime(time(NULL), st) > 5.0) {
866 break;
868 nsleep(400);
871 g_assert_not_reached();
874 static void cdrom_pio_impl(int nblocks)
876 QPCIDevice *dev;
877 QPCIBar bmdma_bar, ide_bar;
878 FILE *fh;
879 int patt_blocks = MAX(16, nblocks);
880 size_t patt_len = ATAPI_BLOCK_SIZE * patt_blocks;
881 char *pattern = g_malloc(patt_len);
882 size_t rxsize = ATAPI_BLOCK_SIZE * nblocks;
883 uint16_t *rx = g_malloc0(rxsize);
884 int i, j;
885 uint8_t data;
886 uint16_t limit;
887 size_t ret;
889 /* Prepopulate the CDROM with an interesting pattern */
890 generate_pattern(pattern, patt_len, ATAPI_BLOCK_SIZE);
891 fh = fopen(tmp_path, "w+");
892 ret = fwrite(pattern, ATAPI_BLOCK_SIZE, patt_blocks, fh);
893 g_assert_cmpint(ret, ==, patt_blocks);
894 fclose(fh);
896 ide_test_start("-drive if=none,file=%s,media=cdrom,format=raw,id=sr0,index=0 "
897 "-device ide-cd,drive=sr0,bus=ide.0", tmp_path);
898 dev = get_pci_device(&bmdma_bar, &ide_bar);
899 qtest_irq_intercept_in(global_qtest, "ioapic");
901 /* PACKET command on device 0 */
902 qpci_io_writeb(dev, ide_bar, reg_device, 0);
903 qpci_io_writeb(dev, ide_bar, reg_lba_middle, BYTE_COUNT_LIMIT & 0xFF);
904 qpci_io_writeb(dev, ide_bar, reg_lba_high, (BYTE_COUNT_LIMIT >> 8 & 0xFF));
905 qpci_io_writeb(dev, ide_bar, reg_command, CMD_PACKET);
906 /* HP0: Check_Status_A State */
907 nsleep(400);
908 data = ide_wait_clear(BSY);
909 /* HP1: Send_Packet State */
910 assert_bit_set(data, DRQ | DRDY);
911 assert_bit_clear(data, ERR | DF | BSY);
913 /* SCSI CDB (READ10) -- read n*2048 bytes from block 0 */
914 send_scsi_cdb_read10(dev, ide_bar, 0, nblocks);
916 /* Read data back: occurs in bursts of 'BYTE_COUNT_LIMIT' bytes.
917 * If BYTE_COUNT_LIMIT is odd, we transfer BYTE_COUNT_LIMIT - 1 bytes.
918 * We allow an odd limit only when the remaining transfer size is
919 * less than BYTE_COUNT_LIMIT. However, SCSI's read10 command can only
920 * request n blocks, so our request size is always even.
921 * For this reason, we assume there is never a hanging byte to fetch. */
922 g_assert(!(rxsize & 1));
923 limit = BYTE_COUNT_LIMIT & ~1;
924 for (i = 0; i < DIV_ROUND_UP(rxsize, limit); i++) {
925 size_t offset = i * (limit / 2);
926 size_t rem = (rxsize / 2) - offset;
928 /* HP3: INTRQ_Wait */
929 ide_wait_intr(IDE_PRIMARY_IRQ);
931 /* HP2: Check_Status_B (and clear IRQ) */
932 data = ide_wait_clear(BSY);
933 assert_bit_set(data, DRQ | DRDY);
934 assert_bit_clear(data, ERR | DF | BSY);
936 /* HP4: Transfer_Data */
937 for (j = 0; j < MIN((limit / 2), rem); j++) {
938 rx[offset + j] = cpu_to_le16(qpci_io_readw(dev, ide_bar,
939 reg_data));
943 /* Check for final completion IRQ */
944 ide_wait_intr(IDE_PRIMARY_IRQ);
946 /* Sanity check final state */
947 data = ide_wait_clear(DRQ);
948 assert_bit_set(data, DRDY);
949 assert_bit_clear(data, DRQ | ERR | DF | BSY);
951 g_assert_cmpint(memcmp(pattern, rx, rxsize), ==, 0);
952 g_free(pattern);
953 g_free(rx);
954 test_bmdma_teardown();
955 free_pci_device(dev);
958 static void test_cdrom_pio(void)
960 cdrom_pio_impl(1);
963 static void test_cdrom_pio_large(void)
965 /* Test a few loops of the PIO DRQ mechanism. */
966 cdrom_pio_impl(BYTE_COUNT_LIMIT * 4 / ATAPI_BLOCK_SIZE);
970 static void test_cdrom_dma(void)
972 static const size_t len = ATAPI_BLOCK_SIZE;
973 size_t ret;
974 char *pattern = g_malloc(ATAPI_BLOCK_SIZE * 16);
975 char *rx = g_malloc0(len);
976 uintptr_t guest_buf;
977 PrdtEntry prdt[1];
978 FILE *fh;
980 ide_test_start("-drive if=none,file=%s,media=cdrom,format=raw,id=sr0,index=0 "
981 "-device ide-cd,drive=sr0,bus=ide.0", tmp_path);
982 qtest_irq_intercept_in(global_qtest, "ioapic");
984 guest_buf = guest_alloc(guest_malloc, len);
985 prdt[0].addr = cpu_to_le32(guest_buf);
986 prdt[0].size = cpu_to_le32(len | PRDT_EOT);
988 generate_pattern(pattern, ATAPI_BLOCK_SIZE * 16, ATAPI_BLOCK_SIZE);
989 fh = fopen(tmp_path, "w+");
990 ret = fwrite(pattern, ATAPI_BLOCK_SIZE, 16, fh);
991 g_assert_cmpint(ret, ==, 16);
992 fclose(fh);
994 send_dma_request(CMD_PACKET, 0, 1, prdt, 1, send_scsi_cdb_read10);
996 /* Read back data from guest memory into local qtest memory */
997 memread(guest_buf, rx, len);
998 g_assert_cmpint(memcmp(pattern, rx, len), ==, 0);
1000 g_free(pattern);
1001 g_free(rx);
1002 test_bmdma_teardown();
1005 int main(int argc, char **argv)
1007 const char *arch = qtest_get_arch();
1008 int fd;
1009 int ret;
1011 /* Check architecture */
1012 if (strcmp(arch, "i386") && strcmp(arch, "x86_64")) {
1013 g_test_message("Skipping test for non-x86\n");
1014 return 0;
1017 /* Create temporary blkdebug instructions */
1018 fd = mkstemp(debug_path);
1019 g_assert(fd >= 0);
1020 close(fd);
1022 /* Create a temporary raw image */
1023 fd = mkstemp(tmp_path);
1024 g_assert(fd >= 0);
1025 ret = ftruncate(fd, TEST_IMAGE_SIZE);
1026 g_assert(ret == 0);
1027 close(fd);
1029 /* Run the tests */
1030 g_test_init(&argc, &argv, NULL);
1032 qtest_add_func("/ide/identify", test_identify);
1034 qtest_add_func("/ide/bmdma/setup", test_bmdma_setup);
1035 qtest_add_func("/ide/bmdma/simple_rw", test_bmdma_simple_rw);
1036 qtest_add_func("/ide/bmdma/trim", test_bmdma_trim);
1037 qtest_add_func("/ide/bmdma/short_prdt", test_bmdma_short_prdt);
1038 qtest_add_func("/ide/bmdma/one_sector_short_prdt",
1039 test_bmdma_one_sector_short_prdt);
1040 qtest_add_func("/ide/bmdma/long_prdt", test_bmdma_long_prdt);
1041 qtest_add_func("/ide/bmdma/no_busmaster", test_bmdma_no_busmaster);
1042 qtest_add_func("/ide/bmdma/teardown", test_bmdma_teardown);
1044 qtest_add_func("/ide/flush", test_flush);
1045 qtest_add_func("/ide/flush/nodev", test_flush_nodev);
1046 qtest_add_func("/ide/flush/empty_drive", test_flush_empty_drive);
1047 qtest_add_func("/ide/flush/retry_pci", test_pci_retry_flush);
1048 qtest_add_func("/ide/flush/retry_isa", test_isa_retry_flush);
1050 qtest_add_func("/ide/cdrom/pio", test_cdrom_pio);
1051 qtest_add_func("/ide/cdrom/pio_large", test_cdrom_pio_large);
1052 qtest_add_func("/ide/cdrom/dma", test_cdrom_dma);
1054 ret = g_test_run();
1056 /* Cleanup */
1057 unlink(tmp_path);
1058 unlink(debug_path);
1060 return ret;