The CPU timer interrupt stays pending as long as the CPU timer value is
negative. This can lead to interruption loops when the ext_new_psw mask
has external interrupts enabled and the CPU timer subclass in CR0 is
enabled.
QEMU is able to detect this situation and panic the guest, so add a test
for it.
Signed-off-by: Nico Boehr <nrb@xxxxxxxxxxxxx>
Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx>
Reviewed-by: Janosch Frank <frankja@xxxxxxxxxxxxx>
---
s390x/Makefile | 1 +
s390x/panic-loop-extint.c | 59 +++++++++++++++++++++++++++++++++++++++
s390x/unittests.cfg | 6 ++++
3 files changed, 66 insertions(+)
create mode 100644 s390x/panic-loop-extint.c
diff --git a/s390x/Makefile b/s390x/Makefile
index efd5e0c13102..e4649da50d9d 100644
--- a/s390x/Makefile
+++ b/s390x/Makefile
@@ -34,6 +34,7 @@ tests += $(TEST_DIR)/migration.elf
tests += $(TEST_DIR)/pv-attest.elf
tests += $(TEST_DIR)/migration-cmm.elf
tests += $(TEST_DIR)/migration-skey.elf
+tests += $(TEST_DIR)/panic-loop-extint.elf
pv-tests += $(TEST_DIR)/pv-diags.elf
diff --git a/s390x/panic-loop-extint.c b/s390x/panic-loop-extint.c
new file mode 100644
index 000000000000..07325147dc17
--- /dev/null
+++ b/s390x/panic-loop-extint.c
@@ -0,0 +1,59 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/*
+ * External interrupt loop test
+ *
+ * Copyright IBM Corp. 2022
+ *
+ * Authors:
+ * Nico Boehr <nrb@xxxxxxxxxxxxx>
+ */
+#include <libcflat.h>
+#include <asm/interrupt.h>
+#include <asm/barrier.h>
+#include <asm/time.h>
+#include <hardware.h>
+#include <bitops.h>
+
+static void ext_int_cleanup(struct stack_frame_int *stack)
+{
+ /*
+ * Since we form a loop of ext interrupts, this code should never be
+ * executed. In case it is executed, something went wrong and we want to
+ * print a failure.
+ *
+ * Because the CPU timer subclass mask is still enabled, the CPU timer
+ * interrupt will fire every time we enable external interrupts,
+ * preventing us from printing the failure on the console. To avoid
+ * this, clear the CPU timer subclass mask here.
+ */
+ stack->crs[0] &= ~BIT(CTL0_CPU_TIMER);
+}
+
+int main(void)
+{
+ report_prefix_push("panic-loop-extint");
+
+ if (!host_is_qemu() || host_is_tcg()) {
+ report_skip("QEMU-KVM-only test");
+ goto out;
+ }
+
+ expect_ext_int();
+ lowcore.ext_new_psw.mask |= PSW_MASK_EXT;
+
+ psw_mask_set_bits(PSW_MASK_EXT);
+
+ register_ext_cleanup_func(ext_int_cleanup);
+
+ cpu_timer_set_ms(10);
+ ctl_set_bit(0, CTL0_CPU_TIMER);
+ mdelay(2000);
+
+ register_ext_cleanup_func(NULL);
+
+ report_fail("survived extint loop");
+
+out:
+ report_prefix_pop();
+ return report_summary();
+}
diff --git a/s390x/unittests.cfg b/s390x/unittests.cfg
index f7b1fc3dbca1..b1b25f118ff6 100644
--- a/s390x/unittests.cfg
+++ b/s390x/unittests.cfg
@@ -185,3 +185,9 @@ groups = migration
[migration-skey]
file = migration-skey.elf
groups = migration
+
+[panic-loop-extint]
+file = panic-loop-extint.elf
+groups = panic
+accel = kvm
+timeout = 5
--
2.36.1
