From nobody Fri Apr 26 01:02:06 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.133.124 as permitted sender) client-ip=170.10.133.124;
 envelope-from=philmd@redhat.com; helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=philmd@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1637666266; cv=none;
	d=zohomail.com; s=zohoarc;
	b=EN1/7rW150z8B/WUhdvQKqlBnfiAfsWAO1xcq7c85iKUdproECZBTvRHxFq0e237cp2oeHBWGpsqw/nx1SXwlQGzmKFh2SarWavhqTWiRTe1URcYZhCMvNSFRO6V+yfSeU1JOXSgWMAZNb+logMhR9X2TeOAo6Xyt1AldIv5Qak=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1637666266;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To;
	bh=CmF7pERoUHdQNjiJjd8DIe6rsND4MdyLbzeeUwaESKE=;
	b=ipmZpx4vXG8Ad8iLyOLCJeflzJyMonxaeuKgRF+P4DJp0h6MY7kwihknSFWF7mSwAocRM3OvPpgxFdLu6f+EcE4sMo5B8dnK/lU5z2iHlWUlhTqEsdpbVLSniB2G7InKYxEpiAkAlmK9zeMv1/WfUfbh0o9mNtmdgkJp5cXh9A0=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=philmd@redhat.com;
	dmarc=pass header.from=<philmd@redhat.com> (p=none dis=none)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com
	with SMTPS id 1637666266147298.45177767684856;
 Tue, 23 Nov 2021 03:17:46 -0800 (PST)
Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com
 [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-604-gANmJzKiO6KjpDhxOW7MEA-1; Tue, 23 Nov 2021 06:17:41 -0500
Received: by mail-wm1-f72.google.com with SMTP id
 n16-20020a05600c3b9000b003331973fdbbso1369303wms.0
        for <importer@patchew.org>; Tue, 23 Nov 2021 03:17:40 -0800 (PST)
Return-Path: <philmd@redhat.com>
Return-Path: <philmd@redhat.com>
Received: from x1w.. (62.red-83-57-168.dynamicip.rima-tde.net. [83.57.168.62])
        by smtp.gmail.com with ESMTPSA id
 x13sm11697079wrr.47.2021.11.23.03.17.38
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 23 Nov 2021 03:17:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1637666265;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=CmF7pERoUHdQNjiJjd8DIe6rsND4MdyLbzeeUwaESKE=;
	b=RTEI0qQf1yjgOVuezrMxOGuzSpAERHom36/j/UEjwX0T6dpvBdy0txNSC7ULoi2b8Q+G3u
	EdZyLJJmjtWdXXjUQdwMFir67MwG98YRnfT4wIqz48DgLccgoW8pS1nYmIJBB6INnxphR0
	LZlTMa9mZ+lhxOfQwAjNRFG/0P0hloU=
X-MC-Unique: gANmJzKiO6KjpDhxOW7MEA-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=CmF7pERoUHdQNjiJjd8DIe6rsND4MdyLbzeeUwaESKE=;
        b=Yl4/p1NBbsQoRarWMwZdyFotWtCxo8+8q8WFqMEltncDIhjwnKZqA2BytTaP8QOfIO
         gY/T3AUmWFlaVsgwaD0qhAsO4B4gfvdHILwa1JVFOvUjQs9BsrrOW22IUefDNJg0NEN8
         qpKaXSDvvp9wwDgmUr689fR4r/ib1MeF0V2sDPIstLPCTfq8bvP8fvfNQEWpe8gEIIsn
         hM1Nc+SNEa1fW5EpEUuxj9mHd+vZSY38PRsFrcj+TKtHAcH1T0opiHvHT2m3xdfCtfng
         SY4a0sBMkx7pJFK0LJejuC8Weo6Gtbb+bSrbvZFHC8pRliRGWOGReWeQpIE7+gPdffLg
         5VVA==
X-Gm-Message-State: AOAM5331IZevXkr4/FLmgvjmyqrmpgKML2+kVlKWVepwRpdSwbRfdGnS
	W6/DV/7GYmzxxMZWM/g7RIHgXp5sHz6rjBDsYzF+JgI6tTzOTD8SVgc37wMy8xrgksKoZ3RpieF
	nW8hrXQMAi13GNg==
X-Received: by 2002:a05:600c:198f:: with SMTP id
 t15mr2126036wmq.94.1637666259919;
        Tue, 23 Nov 2021 03:17:39 -0800 (PST)
X-Google-Smtp-Source: 
 ABdhPJwUINcvIuFZJWEuvqzv+i574MexMIsYW+lEyAx2n0McCuT4X36eXXjNO0lg7MgjArOTn/Ro6A==
X-Received: by 2002:a05:600c:198f:: with SMTP id
 t15mr2125996wmq.94.1637666259708;
        Tue, 23 Nov 2021 03:17:39 -0800 (PST)
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
To: qemu-devel@nongnu.org
Cc: Darren Kenny <darren.kenny@oracle.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Gerd Hoffmann <kraxel@redhat.com>,
	Thomas Huth <thuth@redhat.com>,
	Vadim Rozenfeld <vrozenfe@redhat.com>,
	Bandan Das <bsd@redhat.com>,
	Alexander Bulekov <alxndr@bu.edu>,
	Qiuhao Li <Qiuhao.Li@outlook.com>,
	Stefan Hajnoczi <stefanha@redhat.com>,
	Laurent Vivier <lvivier@redhat.com>,
	Fam Zheng <fam@euphon.net>,
	=?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>,
	qemu-stable@nongnu.org,
	=?UTF-8?q?J=C3=A9r=C3=B4me=20Poulin?= <jeromepoulin@gmail.com>,
	Ruhr-University <bugs-syssec@rub.de>,
	Gaoning Pan <pgn@zju.edu.cn>,
	Cheolwoo Myung <cwmyung@snu.ac.kr>
Subject: [PATCH-for-6.2 1/2] hw/scsi/lsi53c895a: Do not abort when DMA
 requested and no data queued
Date: Tue, 23 Nov 2021 12:17:31 +0100
Message-Id: <20211123111732.83137-2-philmd@redhat.com>
X-Mailer: git-send-email 2.33.1
In-Reply-To: <20211123111732.83137-1-philmd@redhat.com>
References: <20211123111732.83137-1-philmd@redhat.com>
MIME-Version: 1.0
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=philmd@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1637666268903100001

If asked for DMA request and no data is available, simply wait
for data to be queued, do not abort. This fixes:

  $ cat << EOF | \
    qemu-system-i386 -nographic -M q35,accel=3Dqtest -serial none \
      -monitor none -qtest stdio -trace lsi* \
      -drive if=3Dnone,id=3Ddrive0,file=3Dnull-co://,file.read-zeroes=3Don,=
format=3Draw \
      -device lsi53c895a,id=3Dscsi0 -device scsi-hd,drive=3Ddrive0,bus=3Dsc=
si0.0,channel=3D0,scsi-id=3D0,lun=3D0
  lsi_reset Reset
  lsi_reg_write Write reg DSP2 0x2e =3D 0xff
  lsi_reg_write Write reg DSP3 0x2f =3D 0xff
  lsi_execute_script SCRIPTS dsp=3D0xffff0000 opcode 0x184a3900 arg 0x4a8b2=
d75
  qemu-system-i386: hw/scsi/lsi53c895a.c:624: lsi_do_dma: Assertion `s->cur=
rent' failed.

  (gdb) bt
  #5  0x00007ffff4e8a3a6 in __GI___assert_fail
      (assertion=3D0x5555560accbc "s->current", file=3D0x5555560acc28 "hw/s=
csi/lsi53c895a.c", line=3D624, function=3D0x5555560adb18 "lsi_do_dma") at a=
ssert.c:101
  #6  0x0000555555aa33b9 in lsi_do_dma (s=3D0x555557805ac0, out=3D1) at hw/=
scsi/lsi53c895a.c:624
  #7  0x0000555555aa5042 in lsi_execute_script (s=3D0x555557805ac0) at hw/s=
csi/lsi53c895a.c:1250
  #8  0x0000555555aa757a in lsi_reg_writeb (s=3D0x555557805ac0, offset=3D47=
, val=3D255 '\377') at hw/scsi/lsi53c895a.c:1984
  #9  0x0000555555aa875b in lsi_mmio_write (opaque=3D0x555557805ac0, addr=
=3D47, val=3D255, size=3D1) at hw/scsi/lsi53c895a.c:2095

Cc: qemu-stable@nongnu.org
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Vadim Rozenfeld <vrozenfe@redhat.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Reported-by: J=C3=A9r=C3=B4me Poulin <jeromepoulin@gmail.com>
Reported-by: Ruhr-University <bugs-syssec@rub.de>
Reported-by: Gaoning Pan <pgn@zju.edu.cn>
Reported-by: Cheolwoo Myung <cwmyung@snu.ac.kr>
Fixes: b96a0da06bd ("lsi: move dma_len+dma_buf into lsi_request")
BugLink: https://bugs.launchpad.net/qemu/+bug/697510
BugLink: https://bugs.launchpad.net/qemu/+bug/1905521
BugLink: https://bugs.launchpad.net/qemu/+bug/1908515
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/84
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/305
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/552
Signed-off-by: Philippe Mathieu-Daud=C3=A9 <philmd@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
---
 hw/scsi/lsi53c895a.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c
index 85e907a7854..4c431adb774 100644
--- a/hw/scsi/lsi53c895a.c
+++ b/hw/scsi/lsi53c895a.c
@@ -621,8 +621,7 @@ static void lsi_do_dma(LSIState *s, int out)
     dma_addr_t addr;
     SCSIDevice *dev;
=20
-    assert(s->current);
-    if (!s->current->dma_len) {
+    if (!s->current || !s->current->dma_len) {
         /* Wait until data is available.  */
         trace_lsi_do_dma_unavailable();
         return;
--=20
2.33.1

From nobody Fri Apr 26 01:02:06 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.129.124 as permitted sender) client-ip=170.10.129.124;
 envelope-from=philmd@redhat.com; helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=philmd@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1637666270; cv=none;
	d=zohomail.com; s=zohoarc;
	b=N0OkWTzQLZq8ZarLS/AfdAAE3hUEwNXJ1aSdsMigIAwZueYvJWjJrbf8ZSp4obiC6iEAKVsP/5m3q5eJZ6+hQ7bLgL48lpHAGrdPc4J8mGcsL0pN4dP1WDsth24+6z8itUAIbQkgLFFAcqFKuBAz9NyyjrYcVvWd105yave634c=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1637666270;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To;
	bh=+P+E+4M8XxcWiJ1o+hf6VWyneP3fRquGoiWlNIpqhoc=;
	b=ncVmooqgpgf8lhWcuRN3CdO5r0dVZ+OUd78XkTO2Zj0Pcpa7H+2NwJkQsk6wIKzdvF2QRTzhsTIRodvGqBYOqAMfriYUu0Rc3ZJtoQGApSmRAgjsakb7cYHtsksc+TTiwXbWjyarkEUO0XLKHEeVwPMy4pXLDmh5fdm4CXqp5as=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=philmd@redhat.com;
	dmarc=pass header.from=<philmd@redhat.com> (p=none dis=none)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com
	with SMTPS id 1637666270255686.6709457117618;
 Tue, 23 Nov 2021 03:17:50 -0800 (PST)
Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com
 [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-555-EpxrZYKbMeeSf32Hl9cAkg-1; Tue, 23 Nov 2021 06:17:45 -0500
Received: by mail-wm1-f69.google.com with SMTP id
 i131-20020a1c3b89000000b00337f92384e0so1052854wma.5
        for <importer@patchew.org>; Tue, 23 Nov 2021 03:17:45 -0800 (PST)
Return-Path: <philmd@redhat.com>
Return-Path: <philmd@redhat.com>
Received: from x1w.. (62.red-83-57-168.dynamicip.rima-tde.net. [83.57.168.62])
        by smtp.gmail.com with ESMTPSA id
 o10sm14469746wri.15.2021.11.23.03.17.43
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 23 Nov 2021 03:17:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1637666268;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=+P+E+4M8XxcWiJ1o+hf6VWyneP3fRquGoiWlNIpqhoc=;
	b=gHVopW9fCx/86sVOQWC2dMnYaGxPssnRIlwUqHlcDYzbPxKrot6JatxB6jOevZy7TVpCkE
	PqX4+q01fuYhnkd4Osl2J/C0qAUqS511P1L+M6QJHwBtbz8mgRBCbkfcTLZDZAXIUgMNuv
	EZRQOwTGRKKUw/5p1r3nkjKHVQbFTIw=
X-MC-Unique: EpxrZYKbMeeSf32Hl9cAkg-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=+P+E+4M8XxcWiJ1o+hf6VWyneP3fRquGoiWlNIpqhoc=;
        b=Xt3dc8ItJj5Hk7Q3RBoMh59mD4vCtWDx2KmeMuOwWzCUUXfo8951rUustO9x6IVKGx
         fiEC9AYKknkPOmBrKzW9oUK/du68FyHi61g9muvPmChBdRPuzAQAus78m+I3RS++cD4U
         O034K8KV56p+kshWRd2YUq3p5LsiDfKC1gvKY2Z4Au6wYhLTb6cYTS10Od/AL28AtPEf
         U67NG0O1tSYPh0nOqsIWWpmFg+6shl37w5rTrhSQNIjQqjJsmnNDsZ9faW4EegI8f2SL
         q0FG3HcByMX7NLN+T9GiHrQHyOBOe5ICYiYbUOSQ0d4G3OKfc9XhTMC19TP89jWsoZ32
         ffvQ==
X-Gm-Message-State: AOAM530sLjGlvCjv+2B49/1jfGhD4gOkTY0Hwn8G8MiqRLXhm0VnLodm
	9siDROdLEQzHRLSttiKXjMCVzocsK/hJ05vnHkYO7Y38alriX3H/lDRt0MjuVJXxM/6IAkpIxJI
	gTkvpm3NKNSwEsg==
X-Received: by 2002:adf:e387:: with SMTP id e7mr6348100wrm.412.1637666264447;
        Tue, 23 Nov 2021 03:17:44 -0800 (PST)
X-Google-Smtp-Source: 
 ABdhPJyM35XcZMVkpEum36QHi87x3IRVYPw66WxhSw4/TEmkTj/UxvIVh5RO/QolSzROKMGWshLACg==
X-Received: by 2002:adf:e387:: with SMTP id e7mr6348076wrm.412.1637666264288;
        Tue, 23 Nov 2021 03:17:44 -0800 (PST)
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
To: qemu-devel@nongnu.org
Cc: Darren Kenny <darren.kenny@oracle.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Gerd Hoffmann <kraxel@redhat.com>,
	Thomas Huth <thuth@redhat.com>,
	Vadim Rozenfeld <vrozenfe@redhat.com>,
	Bandan Das <bsd@redhat.com>,
	Alexander Bulekov <alxndr@bu.edu>,
	Qiuhao Li <Qiuhao.Li@outlook.com>,
	Stefan Hajnoczi <stefanha@redhat.com>,
	Laurent Vivier <lvivier@redhat.com>,
	Fam Zheng <fam@euphon.net>,
	=?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Subject: [PATCH-for-6.2 2/2] tests/qtest: Add fuzz-lsi53c895a-test
Date: Tue, 23 Nov 2021 12:17:32 +0100
Message-Id: <20211123111732.83137-3-philmd@redhat.com>
X-Mailer: git-send-email 2.33.1
In-Reply-To: <20211123111732.83137-1-philmd@redhat.com>
References: <20211123111732.83137-1-philmd@redhat.com>
MIME-Version: 1.0
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=philmd@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1637666271806100001

Without the previous commit, this test triggers:

  $ make check-qtest-x86_64
  [...]
  Running test qtest-x86_64/fuzz-lsi53c895a-test
  qemu-system-x86_64: hw/scsi/lsi53c895a.c:624: lsi_do_dma: Assertion `s->c=
urrent' failed.
  ERROR qtest-x86_64/fuzz-lsi53c895a-test - too few tests run (expected 1, =
got 0)

Suggested-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Philippe Mathieu-Daud=C3=A9 <philmd@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
---
 tests/qtest/fuzz-lsi53c895a-test.c | 52 ++++++++++++++++++++++++++++++
 MAINTAINERS                        |  1 +
 tests/qtest/meson.build            |  1 +
 3 files changed, 54 insertions(+)
 create mode 100644 tests/qtest/fuzz-lsi53c895a-test.c

diff --git a/tests/qtest/fuzz-lsi53c895a-test.c b/tests/qtest/fuzz-lsi53c89=
5a-test.c
new file mode 100644
index 00000000000..ba5d468970c
--- /dev/null
+++ b/tests/qtest/fuzz-lsi53c895a-test.c
@@ -0,0 +1,52 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+/*
+ * QTest fuzzer-generated testcase for LSI53C895A device
+ *
+ * Copyright (c) Red Hat
+ */
+
+#include "qemu/osdep.h"
+#include "libqos/libqtest.h"
+
+/*
+ * This used to trigger the assert in lsi_do_dma()
+ * https://bugs.launchpad.net/qemu/+bug/697510
+ * https://bugs.launchpad.net/qemu/+bug/1905521
+ * https://bugs.launchpad.net/qemu/+bug/1908515
+ */
+static void test_lsi_do_dma_empty_queue(void)
+{
+    QTestState *s;
+
+    s =3D qtest_init("-M q35 -nographic -monitor none -serial none "
+                   "-drive if=3Dnone,id=3Ddrive0,"
+                            "file=3Dnull-co://,file.read-zeroes=3Don,forma=
t=3Draw "
+                   "-device lsi53c895a,id=3Dscsi0 "
+                   "-device scsi-hd,drive=3Ddrive0,"
+                            "bus=3Dscsi0.0,channel=3D0,scsi-id=3D0,lun=3D0=
");
+    qtest_outl(s, 0xcf8, 0x80001814);
+    qtest_outl(s, 0xcfc, 0xe1068000);
+    qtest_outl(s, 0xcf8, 0x80001818);
+    qtest_outl(s, 0xcf8, 0x80001804);
+    qtest_outw(s, 0xcfc, 0x7);
+    qtest_outl(s, 0xcf8, 0x80002010);
+
+    qtest_writeb(s, 0xe106802e, 0xff); /* Fill DSP bits 16-23 */
+    qtest_writeb(s, 0xe106802f, 0xff); /* Fill DSP bits 24-31: trigger SCR=
IPT */
+
+    qtest_quit(s);
+}
+
+int main(int argc, char **argv)
+{
+    const char *arch =3D qtest_get_arch();
+
+    g_test_init(&argc, &argv, NULL);
+
+    if (strcmp(arch, "i386") =3D=3D 0 || strcmp(arch, "x86_64") =3D=3D 0) {
+        qtest_add_func("fuzz/lsi53c895a/lsi_do_dma_empty_queue",
+                       test_lsi_do_dma_empty_queue);
+    }
+
+    return g_test_run();
+}
diff --git a/MAINTAINERS b/MAINTAINERS
index d3879aa3c12..3c0f76b7801 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1825,6 +1825,7 @@ F: hw/scsi/*
 F: tests/qtest/virtio-scsi-test.c
 F: tests/qtest/fuzz-virtio-scsi-test.c
 F: tests/qtest/am53c974-test.c
+F: tests/qtest/fuzz-lsi53c895a-test.c
 T: git https://github.com/bonzini/qemu.git scsi-next
=20
 SSI
diff --git a/tests/qtest/meson.build b/tests/qtest/meson.build
index c9d8458062f..d2ce20d3047 100644
--- a/tests/qtest/meson.build
+++ b/tests/qtest/meson.build
@@ -19,6 +19,7 @@
=20
 qtests_generic =3D \
   (config_all_devices.has_key('CONFIG_MEGASAS_SCSI_PCI') ? ['fuzz-megasas-=
test'] : []) + \
+  (config_all_devices.has_key('CONFIG_LSI_SCSI_PCI') ? ['fuzz-lsi53c895a-t=
est'] : []) + \
   (config_all_devices.has_key('CONFIG_VIRTIO_SCSI') ? ['fuzz-virtio-scsi-t=
est'] : []) + \
   (config_all_devices.has_key('CONFIG_SB16') ? ['fuzz-sb16-test'] : []) + \
   (config_all_devices.has_key('CONFIG_SDHCI_PCI') ? ['fuzz-sdcard-test'] :=
 []) + \
--=20
2.33.1