test: Add windows_equally_evictable
Tests for the condition where the minimum age is less than any window's
current age, in which case we can get a NULL dereference if the
windows_reset_all() implementation is broken.
windows.c:409:23: runtime error: member access within null pointer of type 'struct window_context'
ASAN:DEADLYSIGNAL
=================================================================
==31400==ERROR: AddressSanitizer: SEGV on unknown address 0x00000004 (pc 0x0002b658 bp 0x74c00270 sp 0x7eb7c678 T0)
==31400==The signal is caused by a WRITE memory access.
==31400==Hint: address points to the zero page.
#0 0x2b657 in window_reset windows.c:410
#1 0x2cc9b in windows_create_map windows.c:572
#2 0x1f3f3 in protocol_v1_create_window protocol.c:167
#3 0x2121b in protocol_v2_create_window protocol.c:417
#4 0x24cd7f in generic_vpnor_create_window vpnor/protocol.cpp:51
#5 0x24d053 in protocol_v2_vpnor_create_window vpnor/protocol.cpp:63
#6 0x2663b in mbox_handle_create_window transport_mbox.c:282
#7 0x276db in handle_mbox_req transport_mbox.c:568
#8 0x276db in transport_mbox_dispatch transport_mbox.c:649
#9 0x17fcb in poll_loop mboxd.c:185
#10 0x17fcb in main mboxd.c:423
#11 0x46b68517 in __libc_start_main (/lib/libc.so.6+0x46b68517)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV windows.c:410 in window_reset
==31400==ABORTING
Change-Id: I8161e2ea17953e196d4bb3ca90d19e44ec10c86d
Signed-off-by: Andrew Jeffery <andrew@aj.id.au>
diff --git a/test/windows_equally_evictable.c b/test/windows_equally_evictable.c
new file mode 100644
index 0000000..e54343b
--- /dev/null
+++ b/test/windows_equally_evictable.c
@@ -0,0 +1,85 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright (C) 2018 IBM Corp.
+
+#include <assert.h>
+#include <string.h>
+
+#include "config.h"
+#include "transport_mbox.h"
+#include "windows.h"
+
+#include "test/mbox.h"
+#include "test/system.h"
+
+struct test_context
+{
+ uint8_t seq;
+ struct mbox_context *ctx;
+};
+
+// Configure the system and the paritions such that we eventually request a
+// window that covers the last section of flash, but the remaining flash is
+// smaller than the window size
+#define BLOCK_SIZE 4096
+#define ERASE_SIZE BLOCK_SIZE
+#define N_WINDOWS 3
+#define WINDOW_SIZE BLOCK_SIZE
+#define MEM_SIZE (N_WINDOWS * WINDOW_SIZE)
+#define PNOR_SIZE ((N_WINDOWS + 1) * WINDOW_SIZE)
+
+static const uint8_t get_info[] = {0x02, 0x00, 0x02, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00};
+
+#define MBOX_CREATE_READ_WINDOW 4
+
+static int mbox_create_read_window(struct test_context *tctx, size_t offset,
+ size_t len)
+{
+ union mbox_regs regs;
+
+ memset(®s, 0, sizeof(regs));
+ regs.msg.command = MBOX_CREATE_READ_WINDOW;
+ regs.msg.seq = ++tctx->seq;
+ put_u16(®s.msg.args[0], offset);
+ put_u16(®s.msg.args[2], len);
+
+ return mbox_command_dispatch(tctx->ctx, regs.raw, sizeof(regs.raw));
+}
+
+int main()
+{
+ struct test_context _tctx = {0}, *tctx = &_tctx;
+ size_t len;
+ size_t pos;
+ int rc;
+
+ system_set_reserved_size(MEM_SIZE);
+ system_set_mtd_sizes(PNOR_SIZE, ERASE_SIZE);
+
+ tctx->ctx = mbox_create_test_context(N_WINDOWS, WINDOW_SIZE);
+
+ rc = mbox_command_dispatch(tctx->ctx, get_info, sizeof(get_info));
+ assert(rc == 1);
+
+ pos = 0;
+ while (pos < ((PNOR_SIZE - BLOCK_SIZE) / BLOCK_SIZE))
+ {
+ struct mbox_msg _msg, *msg = &_msg;
+
+ rc = mbox_create_read_window(tctx, pos, (WINDOW_SIZE / BLOCK_SIZE));
+ assert(rc == 1);
+
+ mbox_rspcpy(tctx->ctx, msg);
+
+ len = get_u16(&msg->args[2]);
+ pos = get_u16(&msg->args[4]) + len;
+ }
+
+ windows_reset_all(tctx->ctx);
+
+ rc = mbox_create_read_window(tctx, pos, (WINDOW_SIZE / BLOCK_SIZE));
+ assert(rc == 1);
+
+ return 0;
+}