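#!/usr/bin/env python3
#
# Check for crash when using memory beyond the available guest processor
# address space.
#
# Copyright (c) 2023 Red Hat, Inc.
#
# Author:
#  Ani Sinha <anisinha@redhat.com>
#
# SPDX-License-Identifier: GPL-2.0-or-later

from qemu_test import QemuSystemTest
import time


class MemAddrCheck(QemuSystemTest):
    """
    Check that QEMU refuses to start, with a "phys-bits too low" message,
    when the configured memory layout would exceed the physical address
    space of the guest CPU, and that it still starts just below that limit.

    Every test launches QEMU with the QMP monitor disabled and then looks
    at the process exit code and/or the captured log.
    """

    # after launch, in order to generate the logs from QEMU we need to
    # wait for some time. Launching and then immediately shutting down
    # the VM generates empty logs. A delay of 1 second is added for
    # this reason.
    DELAY_Q35_BOOT_SEQUENCE = 1

    # Pattern searched for in the QEMU log by every test in this class.
    _PHYS_BITS_TOO_LOW = r'phys-bits too low'

    # One 1 GiB RAM backend plugged into a pc-dimm device; shared by all
    # tests except the two CXL ones.
    _DIMM_ARGS = ('-object', 'memory-backend-ram,id=mem1,size=1G',
                  '-device', 'pc-dimm,id=vm0,memdev=mem1')

    def _launch_without_qmp(self, *args):
        """
        Add the given command line arguments and start QEMU with the QMP
        monitor disabled.
        """
        self.vm.add_args(*args)
        # NOTE(review): presumably QMP is disabled because QEMU is expected
        # to exit before a monitor connection could be made in the failing
        # cases -- confirm against the QEMUMachine launch code.
        self.vm.set_qmp_monitor(enabled=False)
        self.vm.launch()

    def _assert_phys_bits_too_low(self, *args):
        """
        Launch QEMU with the given arguments and require that it exits with
        status 1 and logs the "phys-bits too low" message.
        """
        self._launch_without_qmp(*args)
        self.vm.wait()
        self.assertEqual(self.vm.exitcode(), 1, "QEMU exit code should be 1")
        self.assertRegex(self.vm.get_log(), self._PHYS_BITS_TOO_LOW)

    def _assert_starts_fine(self, *args):
        """
        Launch QEMU with the given arguments, give it time to write its
        log, shut it down, and require that the "phys-bits too low" message
        is absent.
        """
        self._launch_without_qmp(*args)
        time.sleep(self.DELAY_Q35_BOOT_SEQUENCE)
        self.vm.shutdown()
        # NOTE(review): this is a negative assertion only. If QEMU exited
        # early for an unrelated reason (for example a machine type that
        # the binary under test does not provide), the message is absent
        # too and the test passes without having exercised the address
        # space check. Consider also asserting that the process was still
        # alive before shutdown.
        self.assertNotRegex(self.vm.get_log(), self._PHYS_BITS_TOO_LOW)

    # first, lets test some 32-bit processors.
    # for all 32-bit cases, pci64_hole_size is 0.
    def test_phybits_low_pse36(self):
        """
        With pse36 feature ON, a processor has 36 bits of addressing. So it can
        access up to a maximum of 64GiB of memory. Memory hotplug region begins
        at 4 GiB boundary when "above_4g_mem_size" is 0 (this would be true when
        we have 0.5 GiB of VM memory, see pc_q35_init()). This means total
        hotpluggable memory size is 60 GiB. Per slot, we reserve 1 GiB of memory
        for dimm alignment for all machines. That leaves total hotpluggable
        actual memory size of 59 GiB. If the VM is started with 0.5 GiB of
        memory, maxmem should be set to a maximum value of 59.5 GiB to ensure
        that the processor can address all memory directly.
        Note that 64-bit pci hole size is 0 in this case. If maxmem is set to
        59.6G, QEMU should fail to start with a message "phys-bits too low".
        If maxmem is set to 59.5G with all other QEMU parameters identical, QEMU
        should start fine.
        """
        self._assert_phys_bits_too_low(
            '-S', '-machine', 'q35', '-m',
            '512,slots=1,maxmem=59.6G',
            '-cpu', 'pentium,pse36=on', '-display', 'none',
            *self._DIMM_ARGS)

    def test_phybits_low_pae(self):
        """
        With pae feature ON, a processor has 36 bits of addressing. So it can
        access up to a maximum of 64GiB of memory. Rest is the same as the case
        with pse36 above.
        """
        self._assert_phys_bits_too_low(
            '-S', '-machine', 'q35', '-m',
            '512,slots=1,maxmem=59.6G',
            '-cpu', 'pentium,pae=on', '-display', 'none',
            *self._DIMM_ARGS)

    def test_phybits_ok_pentium_pse36(self):
        """
        Setting maxmem to 59.5G and making sure that QEMU can start with the
        same options as the failing case above with pse36 cpu feature.
        """
        # Unlike the failing case, '-S' is not passed here, so the guest
        # CPU is not held stopped at startup.
        self._assert_starts_fine(
            '-machine', 'q35', '-m',
            '512,slots=1,maxmem=59.5G',
            '-cpu', 'pentium,pse36=on', '-display', 'none',
            *self._DIMM_ARGS)

    def test_phybits_ok_pentium_pae(self):
        """
        Test is same as above but now with pae cpu feature turned on.
        Setting maxmem to 59.5G and making sure that QEMU can start fine
        with the same options as the case above.
        """
        self._assert_starts_fine(
            '-machine', 'q35', '-m',
            '512,slots=1,maxmem=59.5G',
            '-cpu', 'pentium,pae=on', '-display', 'none',
            *self._DIMM_ARGS)

    def test_phybits_ok_pentium2(self):
        """
        Pentium2 has 36 bits of addressing, so it is the same as pentium
        with pse36 ON.
        """
        self._assert_starts_fine(
            '-machine', 'q35', '-m',
            '512,slots=1,maxmem=59.5G',
            '-cpu', 'pentium2', '-display', 'none',
            *self._DIMM_ARGS)

    def test_phybits_low_nonpse36(self):
        """
        Pentium processor has 32 bits of addressing without pse36 or pae
        so it can access physical address up to 4 GiB. Setting maxmem to
        4 GiB should make QEMU fail to start with "phys-bits too low"
        message because the region for memory hotplug is always placed
        above 4 GiB due to the PCI hole and simplicity.
        """
        self._assert_phys_bits_too_low(
            '-S', '-machine', 'q35', '-m',
            '512,slots=1,maxmem=4G',
            '-cpu', 'pentium', '-display', 'none',
            *self._DIMM_ARGS)

    # now lets test some 64-bit CPU cases.
    # NOTE(review): the "_amd" tests below pass no '-cpu' option and none of
    # the "_tcg" tests selects an accelerator explicitly; they presumably
    # rely on the default CPU model reporting an AMD vendor and on TCG being
    # the accelerator in use -- confirm for the binary under test.
    def test_phybits_low_tcg_q35_70_amd(self):
        """
        For q35 7.1 machines and above, there is a HT window that starts at
        1012 GiB and ends at 1 TiB - 1. If the max GPA falls in this range,
        "above_4G" memory is adjusted to start at 1 TiB boundary for AMD cpus
        in the default case. Lets test without that case for machines 7.0.
        For q35-7.0 machines, "above 4G" memory starts at 4G.
        pci64_hole size is 32 GiB. Since TCG_PHYS_ADDR_BITS is defined to
        be 40, TCG emulated CPUs have maximum of 1 TiB (1024 GiB) of
        directly addressable memory.
        Hence, maxmem value at most can be
        1024 GiB - 4 GiB - 1 GiB per slot for alignment - 32 GiB + 0.5 GiB
        which is equal to 987.5 GiB. Setting the value to 988 GiB should
        make QEMU fail with the error message.
        """
        self._assert_phys_bits_too_low(
            '-S', '-machine', 'pc-q35-7.0', '-m',
            '512,slots=1,maxmem=988G',
            '-display', 'none',
            *self._DIMM_ARGS)

    def test_phybits_low_tcg_q35_71_amd(self):
        """
        AMD_HT_START is defined to be at 1012 GiB. So for q35 machines
        version > 7.0 and AMD cpus, instead of 1024 GiB limit for 40 bit
        processor address space, it has to be 1012 GiB, that is 12 GiB
        less than the case above in order to accommodate HT hole.
        Make sure QEMU fails when maxmem size is 976 GiB (12 GiB less
        than 988 GiB).
        """
        self._assert_phys_bits_too_low(
            '-S', '-machine', 'pc-q35-7.1', '-m',
            '512,slots=1,maxmem=976G',
            '-display', 'none',
            *self._DIMM_ARGS)

    def test_phybits_ok_tcg_q35_70_amd(self):
        """
        Same as q35-7.0 AMD case except that here we check that QEMU can
        successfully start when maxmem is < 988G.
        """
        self._assert_starts_fine(
            '-S', '-machine', 'pc-q35-7.0', '-m',
            '512,slots=1,maxmem=987.5G',
            '-display', 'none',
            *self._DIMM_ARGS)

    def test_phybits_ok_tcg_q35_71_amd(self):
        """
        Same as q35-7.1 AMD case except that here we check that QEMU can
        successfully start when maxmem is < 976G.
        """
        self._assert_starts_fine(
            '-S', '-machine', 'pc-q35-7.1', '-m',
            '512,slots=1,maxmem=975.5G',
            '-display', 'none',
            *self._DIMM_ARGS)

    def test_phybits_ok_tcg_q35_71_intel(self):
        """
        Same parameters as test_phybits_low_tcg_q35_71_amd() but use
        Intel cpu instead. QEMU should start fine in this case as
        "above_4G" memory starts at 4G.
        """
        self._assert_starts_fine(
            '-S', '-cpu', 'Skylake-Server',
            '-machine', 'pc-q35-7.1', '-m',
            '512,slots=1,maxmem=976G',
            '-display', 'none',
            *self._DIMM_ARGS)

    def test_phybits_low_tcg_q35_71_amd_41bits(self):
        """
        AMD processor with 41 bits. Max cpu hw address = 2 TiB.
        By setting maxmem above 1012 GiB - 32 GiB - 4 GiB = 976 GiB, we can
        force "above_4G" memory to start at 1 TiB for q35-7.1 machines
        (max GPA will be above AMD_HT_START which is defined as 1012 GiB).

        With pci_64_hole size at 32 GiB, in this case, maxmem should be 991.5
        GiB with 1 GiB per slot for alignment and 0.5 GiB as non-hotplug
        memory for the VM (1024 - 32 - 1 + 0.5). With 992 GiB, QEMU should
        fail to start.
        """
        self._assert_phys_bits_too_low(
            '-S', '-cpu', 'EPYC-v4,phys-bits=41',
            '-machine', 'pc-q35-7.1', '-m',
            '512,slots=1,maxmem=992G',
            '-display', 'none',
            *self._DIMM_ARGS)

    def test_phybits_ok_tcg_q35_71_amd_41bits(self):
        """
        AMD processor with 41 bits. Max cpu hw address = 2 TiB.
        Same as above but by setting maxmem between 976 GiB and 992 GiB,
        QEMU should start fine.
        """
        self._assert_starts_fine(
            '-S', '-cpu', 'EPYC-v4,phys-bits=41',
            '-machine', 'pc-q35-7.1', '-m',
            '512,slots=1,maxmem=990G',
            '-display', 'none',
            *self._DIMM_ARGS)

    def test_phybits_low_tcg_q35_intel_cxl(self):
        """
        cxl memory window starts after memory device range. Here, we use 1 GiB
        of cxl window memory. 4G_mem end aligns at 4G. pci64_hole is 32 GiB and
        starts after the cxl memory window.
        So maxmem here should be at most 986 GiB considering all memory boundary
        alignment constraints with 40 bits (1 TiB) of processor physical bits.
        """
        self._assert_phys_bits_too_low(
            '-S', '-cpu', 'Skylake-Server,phys-bits=40',
            '-machine', 'q35,cxl=on', '-m',
            '512,slots=1,maxmem=987G',
            '-display', 'none',
            '-device', 'pxb-cxl,bus_nr=12,bus=pcie.0,id=cxl.1',
            '-M', 'cxl-fmw.0.targets.0=cxl.1,cxl-fmw.0.size=1G')

    def test_phybits_ok_tcg_q35_intel_cxl(self):
        """
        Same as above but here we do not reserve any cxl memory window. Hence,
        with the exact same parameters as above, QEMU should start fine even
        with cxl enabled.
        """
        self._assert_starts_fine(
            '-S', '-cpu', 'Skylake-Server,phys-bits=40',
            '-machine', 'q35,cxl=on', '-m',
            '512,slots=1,maxmem=987G',
            '-display', 'none',
            '-device', 'pxb-cxl,bus_nr=12,bus=pcie.0,id=cxl.1')


if __name__ == '__main__':
    QemuSystemTest.main()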