1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * This test is intended to reproduce a crash that happens when
4  * kvm_arch_hardware_disable is called and it attempts to unregister the user
5  * return notifiers.
6  */
7 
8 #define _GNU_SOURCE
9 
10 #include <fcntl.h>
11 #include <pthread.h>
12 #include <semaphore.h>
13 #include <stdint.h>
14 #include <stdlib.h>
15 #include <unistd.h>
16 #include <sys/wait.h>
17 
18 #include <test_util.h>
19 
20 #include "kvm_util.h"
21 
22 #define VCPU_NUM 4
23 #define SLEEPING_THREAD_NUM (1 << 4)
24 #define FORK_NUM (1ULL << 9)
25 #define DELAY_US_MAX 2000
26 #define GUEST_CODE_PIO_PORT 4
27 
28 sem_t *sem;
29 
30 static void guest_code(void)
31 {
32 	for (;;)
33 		;  /* Some busy work */
34 	printf("Should not be reached.\n");
35 }
36 
37 static void *run_vcpu(void *arg)
38 {
39 	struct kvm_vcpu *vcpu = arg;
40 	struct kvm_run *run = vcpu->run;
41 
42 	vcpu_run(vcpu);
43 
44 	TEST_ASSERT(false, "%s: exited with reason %d: %s",
45 		    __func__, run->exit_reason,
46 		    exit_reason_str(run->exit_reason));
47 	pthread_exit(NULL);
48 }
49 
50 static void *sleeping_thread(void *arg)
51 {
52 	int fd;
53 
54 	while (true) {
55 		fd = open("/dev/null", O_RDWR);
56 		close(fd);
57 	}
58 	TEST_ASSERT(false, "%s: exited", __func__);
59 	pthread_exit(NULL);
60 }
61 
62 static inline void check_create_thread(pthread_t *thread, pthread_attr_t *attr,
63 				       void *(*f)(void *), void *arg)
64 {
65 	int r;
66 
67 	r = pthread_create(thread, attr, f, arg);
68 	TEST_ASSERT(r == 0, "%s: failed to create thread", __func__);
69 }
70 
71 static inline void check_set_affinity(pthread_t thread, cpu_set_t *cpu_set)
72 {
73 	int r;
74 
75 	r = pthread_setaffinity_np(thread, sizeof(cpu_set_t), cpu_set);
76 	TEST_ASSERT(r == 0, "%s: failed set affinity", __func__);
77 }
78 
79 static inline void check_join(pthread_t thread, void **retval)
80 {
81 	int r;
82 
83 	r = pthread_join(thread, retval);
84 	TEST_ASSERT(r == 0, "%s: failed to join thread", __func__);
85 }
86 
87 static void run_test(uint32_t run)
88 {
89 	struct kvm_vcpu *vcpu;
90 	struct kvm_vm *vm;
91 	cpu_set_t cpu_set;
92 	pthread_t threads[VCPU_NUM];
93 	pthread_t throw_away;
94 	void *b;
95 	uint32_t i, j;
96 
97 	CPU_ZERO(&cpu_set);
98 	for (i = 0; i < VCPU_NUM; i++)
99 		CPU_SET(i, &cpu_set);
100 
101 	vm = vm_create(VCPU_NUM);
102 
103 	pr_debug("%s: [%d] start vcpus\n", __func__, run);
104 	for (i = 0; i < VCPU_NUM; ++i) {
105 		vcpu = vm_vcpu_add(vm, i, guest_code);
106 
107 		check_create_thread(&threads[i], NULL, run_vcpu, vcpu);
108 		check_set_affinity(threads[i], &cpu_set);
109 
110 		for (j = 0; j < SLEEPING_THREAD_NUM; ++j) {
111 			check_create_thread(&throw_away, NULL, sleeping_thread,
112 					    (void *)NULL);
113 			check_set_affinity(throw_away, &cpu_set);
114 		}
115 	}
116 	pr_debug("%s: [%d] all threads launched\n", __func__, run);
117 	sem_post(sem);
118 	for (i = 0; i < VCPU_NUM; ++i)
119 		check_join(threads[i], &b);
120 	/* Should not be reached */
121 	TEST_ASSERT(false, "%s: [%d] child escaped the ninja", __func__, run);
122 }
123 
124 void wait_for_child_setup(pid_t pid)
125 {
126 	/*
127 	 * Wait for the child to post to the semaphore, but wake up periodically
128 	 * to check if the child exited prematurely.
129 	 */
130 	for (;;) {
131 		const struct timespec wait_period = { .tv_sec = 1 };
132 		int status;
133 
134 		if (!sem_timedwait(sem, &wait_period))
135 			return;
136 
137 		/* Child is still running, keep waiting. */
138 		if (pid != waitpid(pid, &status, WNOHANG))
139 			continue;
140 
141 		/*
142 		 * Child is no longer running, which is not expected.
143 		 *
144 		 * If it exited with a non-zero status, we explicitly forward
145 		 * the child's status in case it exited with KSFT_SKIP.
146 		 */
147 		if (WIFEXITED(status))
148 			exit(WEXITSTATUS(status));
149 		else
150 			TEST_ASSERT(false, "Child exited unexpectedly");
151 	}
152 }
153 
154 int main(int argc, char **argv)
155 {
156 	uint32_t i;
157 	int s, r;
158 	pid_t pid;
159 
160 	sem = sem_open("vm_sem", O_CREAT | O_EXCL, 0644, 0);
161 	sem_unlink("vm_sem");
162 
163 	for (i = 0; i < FORK_NUM; ++i) {
164 		pid = fork();
165 		TEST_ASSERT(pid >= 0, "%s: unable to fork", __func__);
166 		if (pid == 0)
167 			run_test(i); /* This function always exits */
168 
169 		pr_debug("%s: [%d] waiting semaphore\n", __func__, i);
170 		wait_for_child_setup(pid);
171 		r = (rand() % DELAY_US_MAX) + 1;
172 		pr_debug("%s: [%d] waiting %dus\n", __func__, i, r);
173 		usleep(r);
174 		r = waitpid(pid, &s, WNOHANG);
175 		TEST_ASSERT(r != pid,
176 			    "%s: [%d] child exited unexpectedly status: [%d]",
177 			    __func__, i, s);
178 		pr_debug("%s: [%d] killing child\n", __func__, i);
179 		kill(pid, SIGKILL);
180 	}
181 
182 	sem_destroy(sem);
183 	exit(0);
184 }
185