Message ID | 20220630113059.229221-3-nrb@linux.ibm.com (mailing list archive) |
---|---|
State | Superseded, archived |
Headers | show |
Series | Add panic test support | expand |
On 30/06/2022 13.30, Nico Boehr wrote: > The CPU timer interrupt stays pending as long as the CPU timer value is > negative. This can lead to interruption loops when the ext_new_psw mask > has external interrupts enabled. > > QEMU is able to detect this situation and panic the guest, so add a test > for it. > > Signed-off-by: Nico Boehr <nrb@linux.ibm.com> > --- > s390x/Makefile | 1 + > s390x/extint-loop.c | 64 +++++++++++++++++++++++++++++++++++++++++++++ > s390x/unittests.cfg | 4 +++ > 3 files changed, 69 insertions(+) > create mode 100644 s390x/extint-loop.c Reviewed-by: Thomas Huth <thuth@redhat.com>
On 6/30/22 13:30, Nico Boehr wrote: > The CPU timer interrupt stays pending as long as the CPU timer value is > negative. This can lead to interruption loops when the ext_new_psw mask > has external interrupts enabled. > > QEMU is able to detect this situation and panic the guest, so add a test > for it. > > Signed-off-by: Nico Boehr <nrb@linux.ibm.com> > --- > s390x/Makefile | 1 + > s390x/extint-loop.c | 64 +++++++++++++++++++++++++++++++++++++++++++++ > s390x/unittests.cfg | 4 +++ > 3 files changed, 69 insertions(+) > create mode 100644 s390x/extint-loop.c > > diff --git a/s390x/Makefile b/s390x/Makefile > index efd5e0c13102..92a020234c9f 100644 > --- a/s390x/Makefile > +++ b/s390x/Makefile > @@ -34,6 +34,7 @@ tests += $(TEST_DIR)/migration.elf > tests += $(TEST_DIR)/pv-attest.elf > tests += $(TEST_DIR)/migration-cmm.elf > tests += $(TEST_DIR)/migration-skey.elf > +tests += $(TEST_DIR)/extint-loop.elf I'd suggest giving these tests a "panic" prefix. panic-loop-extint.c panic-loop-pgm.c > > pv-tests += $(TEST_DIR)/pv-diags.elf > > diff --git a/s390x/extint-loop.c b/s390x/extint-loop.c > new file mode 100644 > index 000000000000..5276d86a156f > --- /dev/null > +++ b/s390x/extint-loop.c > @@ -0,0 +1,64 @@ > +/* SPDX-License-Identifier: GPL-2.0-only */ > +/* > + * External interrupt loop test > + * > + * Copyright IBM Corp. 2022 > + * > + * Authors: > + * Nico Boehr <nrb@linux.ibm.com> > + */ > +#include <libcflat.h> > +#include <asm/interrupt.h> > +#include <asm/barrier.h> > +#include <asm/time.h> > + > +static void ext_int_handler(void) > +{ > + /* > + * return to ext_old_psw. This gives us the chance to print the return_fail > + * in case something goes wrong. > + */ > + asm volatile ( > + "lpswe %[ext_old_psw]\n" > + : > + : [ext_old_psw] "Q"(lowcore.ext_old_psw) > + : "memory" > + ); > +} > + > +static void start_cpu_timer(int64_t timeout_ms) cpu_timer_set > +{ > +#define CPU_TIMER_US_SHIFT 12 The clock and the timer use the same shift so maybe we can rename or reuse time.h constants? We could rename STCK_SHIFT_US to TIMING_S390_SHIFT_US since we need that for the TOD, todcmp and cputimer. > + int64_t timer_value = (timeout_ms * 1000) << CPU_TIMER_US_SHIFT; > + asm volatile ( > + "spt %[timer_value]\n" > + : > + : [timer_value] "Q" (timer_value) > + ); > +} > + > +int main(void) > +{ > + struct psw ext_new_psw_orig; > + > + report_prefix_push("extint-loop"); This is a QEMU only test so I think we should fence other hypervisors. > + > + ext_new_psw_orig = lowcore.ext_new_psw; > + lowcore.ext_new_psw.addr = (uint64_t)ext_int_handler; > + lowcore.ext_new_psw.mask |= PSW_MASK_EXT; > + > + load_psw_mask(extract_psw_mask() | PSW_MASK_EXT); > + ctl_set_bit(0, CTL0_CLOCK_COMPARATOR); > + > + start_cpu_timer(1); > + > + mdelay(2000); > + > + /* restore previous ext_new_psw so QEMU can properly terminate */ > + lowcore.ext_new_psw = ext_new_psw_orig; > + > + report_fail("survived extint loop"); > + > + report_prefix_pop(); > + return report_summary(); > +} > diff --git a/s390x/unittests.cfg b/s390x/unittests.cfg > index 8e52f560bb1e..7d408f2d5310 100644 > --- a/s390x/unittests.cfg > +++ b/s390x/unittests.cfg > @@ -184,3 +184,7 @@ groups = migration > [migration-skey] > file = migration-skey.elf > groups = migration > + > +[extint-loop] > +file = extint-loop.elf > +groups = panic
diff --git a/s390x/Makefile b/s390x/Makefile index efd5e0c13102..92a020234c9f 100644 --- a/s390x/Makefile +++ b/s390x/Makefile @@ -34,6 +34,7 @@ tests += $(TEST_DIR)/migration.elf tests += $(TEST_DIR)/pv-attest.elf tests += $(TEST_DIR)/migration-cmm.elf tests += $(TEST_DIR)/migration-skey.elf +tests += $(TEST_DIR)/extint-loop.elf pv-tests += $(TEST_DIR)/pv-diags.elf diff --git a/s390x/extint-loop.c b/s390x/extint-loop.c new file mode 100644 index 000000000000..5276d86a156f --- /dev/null +++ b/s390x/extint-loop.c @@ -0,0 +1,64 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * External interrupt loop test + * + * Copyright IBM Corp. 2022 + * + * Authors: + * Nico Boehr <nrb@linux.ibm.com> + */ +#include <libcflat.h> +#include <asm/interrupt.h> +#include <asm/barrier.h> +#include <asm/time.h> + +static void ext_int_handler(void) +{ + /* + * return to ext_old_psw. This gives us the chance to print the return_fail + * in case something goes wrong. + */ + asm volatile ( + "lpswe %[ext_old_psw]\n" + : + : [ext_old_psw] "Q"(lowcore.ext_old_psw) + : "memory" + ); +} + +static void start_cpu_timer(int64_t timeout_ms) +{ +#define CPU_TIMER_US_SHIFT 12 + int64_t timer_value = (timeout_ms * 1000) << CPU_TIMER_US_SHIFT; + asm volatile ( + "spt %[timer_value]\n" + : + : [timer_value] "Q" (timer_value) + ); +} + +int main(void) +{ + struct psw ext_new_psw_orig; + + report_prefix_push("extint-loop"); + + ext_new_psw_orig = lowcore.ext_new_psw; + lowcore.ext_new_psw.addr = (uint64_t)ext_int_handler; + lowcore.ext_new_psw.mask |= PSW_MASK_EXT; + + load_psw_mask(extract_psw_mask() | PSW_MASK_EXT); + ctl_set_bit(0, CTL0_CLOCK_COMPARATOR); + + start_cpu_timer(1); + + mdelay(2000); + + /* restore previous ext_new_psw so QEMU can properly terminate */ + lowcore.ext_new_psw = ext_new_psw_orig; + + report_fail("survived extint loop"); + + report_prefix_pop(); + return report_summary(); +} diff --git a/s390x/unittests.cfg b/s390x/unittests.cfg index 8e52f560bb1e..7d408f2d5310 100644 --- a/s390x/unittests.cfg +++ b/s390x/unittests.cfg @@ -184,3 +184,7 @@ groups = migration [migration-skey] file = migration-skey.elf groups = migration + +[extint-loop] +file = extint-loop.elf +groups = panic
The CPU timer interrupt stays pending as long as the CPU timer value is negative. This can lead to interruption loops when the ext_new_psw mask has external interrupts enabled. QEMU is able to detect this situation and panic the guest, so add a test for it. Signed-off-by: Nico Boehr <nrb@linux.ibm.com> --- s390x/Makefile | 1 + s390x/extint-loop.c | 64 +++++++++++++++++++++++++++++++++++++++++++++ s390x/unittests.cfg | 4 +++ 3 files changed, 69 insertions(+) create mode 100644 s390x/extint-loop.c