Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add tests for new MCS fault cases #23

Draft
wants to merge 4 commits into
base: master
Choose a base branch
from

Conversation

xurtis
Copy link
Contributor

@xurtis xurtis commented Aug 7, 2020

This adds tests for the changes in seL4/seL4#216.

TIMEOUTFAULT0004: Fault on no donated SC

When a passive thread receives an IPC and the sender has not used seL4_Call, the sender's SC is not donated and the receiver faults to indicate that it is running without a SC.

TIMEOUTFAULT0005: Fault on client SC removed

When a passive thread receives an IPC and the sender's SC has been removed while it is blocked, receiver faults to indicate that it is running without a SC.

TIMEOUTFAULT0006: Fault on SC removed while running

When a thread with an SC is running and its SC is removed, that thread faults.

TIMEOUTFAULT0007: Fault on donated SC removed while running

When a passive thread is running on a donated SC and that SC is unbound, the passive thread faults as it no longer has an SC.

TIMEOUTFAULT0008: Fault on reply without SC return

When a client makes a call that results in a nested call and a monitor replies to the first call, the client is not returned its SC, as such it faults.

TIMEOUTFAULT0009: Fault on donation of unconfigured SC

When a passive thread receives an IPC and the sender's SC has been replaced with an unconfigured SC while it is blocked, receiver faults to indicate that it is running with an unconfigured SC.

@xurtis xurtis requested review from pingerino and nomadeel August 7, 2020 01:12
@xurtis xurtis self-assigned this Aug 7, 2020
@xurtis xurtis force-pushed the cmillar/no-sc-fault branch from 19aaea0 to 17e9e8c Compare August 7, 2020 01:12
@xurtis
Copy link
Contributor Author

xurtis commented Aug 7, 2020

Running tests on all platforms internally with the updated kernel, will need the associated kernel changes merged first.

@@ -1069,6 +1069,353 @@ static int test_timeout_fault_nested_servers(env_t env)
/* this test is disabled for the same reason as TIMEOUTFAULT0002 */
DEFINE_TEST(TIMEOUTFAULT0003, "Nested timeout fault", test_timeout_fault_nested_servers, config_set(CONFIG_KERNEL_MCS))

/* Test of invalid SC and no SC faults */
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did you consider adding test cases for where each of these scenarios doesn't have a fault handler? we want to make sure the thread still becomes inactive and the kernel doesn't die for some reason.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't know of a way to effectively check that a thread isn't still running, but can certainly check that the kernel doesn't explode (or fail any asserts).

@xurtis xurtis force-pushed the cmillar/no-sc-fault branch from 17e9e8c to db738cf Compare August 7, 2020 01:36
This moves the code that creates and binds a timeout endpoint from the
function that creates a passive thread with a timeout endpoint into its
own function such that it can be applied to active threads.

Signed-off-by: Curtis Millar <[email protected]>
@xurtis xurtis force-pushed the cmillar/no-sc-fault branch from db738cf to c31b457 Compare August 7, 2020 01:40
xurtis added 2 commits August 7, 2020 14:05
TIMEOUTFAULT0004: Fault on no donated SC

When a passive thread receives an IPC and the sender has not used
seL4_Call, the sender's SC is not donated and the receiver faults to
indicate that it is running without a SC.

TIMEOUTFAULT0005: Fault on client SC removed

When a passive thread receives an IPC and the sender's SC has been
removed while it is blocked, receiver faults to indicate that it is
running without a SC.

TIMEOUTFAULT0006: Fault on SC removed while running

When a thread with an SC is running and its SC is removed, that thread
faults.

TIMEOUTFAULT0007: Fault on donated SC removed while running

When a passive thread is running on a donated SC and that SC is unbound,
the passive thread faults as it no longer has an SC.

TIMEOUTFAULT0008: Fault on reply without SC return

When a client makes a call that results in a nested call and a monitor
replies to the first call, the client is not returned its SC, as such it
faults.

TIMEOUTFAULT0009: Fault on donation of unconfigured SC

When a passive thread receives an IPC and the sender's SC has been
replaced with an unconfigured SC while it is blocked, receiver faults to
indicate that it is running with an unconfigured SC.

Signed-off-by: Curtis Millar <[email protected]>
@kent-mcleod kent-mcleod marked this pull request as draft August 30, 2023 10:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants