[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [BUG] Emulation issues

On 30/07/15 11:16, Roger Pau Monnà wrote:
> El 30/07/15 a les 12.12, Paul Durrant ha escrit:
>>> -----Original Message-----
>>> From: Roger Pau Monnà [mailto:roger.pau@xxxxxxxxxx]
>>> Sent: 29 July 2015 14:54
>>> To: Paul Durrant; xen-devel; Andrew Cooper
>>> Subject: Re: [BUG] Emulation issues
>>> I've applied your patch and the one from Andrew, so my current diff is:
>>>
>>> diff --git a/xen/arch/x86/hvm/emulate.c b/xen/arch/x86/hvm/emulate.c
>>> index 30acb78..1bc3cc9 100644
>>> --- a/xen/arch/x86/hvm/emulate.c
>>> +++ b/xen/arch/x86/hvm/emulate.c
>>> @@ -145,6 +145,8 @@ static int hvmemul_do_io(
>>>              return X86EMUL_UNHANDLEABLE;
>>>          goto finish_access;
>>>      default:
>>> +        gprintk(XENLOG_ERR, "weird emulation state %u\n",
>>> +                vio->io_req.state);
>>>          return X86EMUL_UNHANDLEABLE;
>>>      }
>>>
>>> diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
>>> index ec1d797..38d6d99 100644
>>> --- a/xen/arch/x86/hvm/hvm.c
>>> +++ b/xen/arch/x86/hvm/hvm.c
>>> @@ -2747,6 +2747,7 @@ int hvm_send_ioreq(struct hvm_ioreq_server *s,
>>> ioreq_t *proto_p,
>>>          }
>>>      }
>>>
>>> +    gprintk(XENLOG_ERR, "unable to contact device model\n");
>>>      return X86EMUL_UNHANDLEABLE;
>>>  }
>>>
>>> diff --git a/xen/arch/x86/hvm/io.c b/xen/arch/x86/hvm/io.c
>>> index d3b9cae..12d50c2 100644
>>> --- a/xen/arch/x86/hvm/io.c
>>> +++ b/xen/arch/x86/hvm/io.c
>>> @@ -163,7 +163,9 @@ int handle_pio(uint16_t port, unsigned int size, int 
>>> dir)
>>>          break;
>>>      default:
>>>          gdprintk(XENLOG_ERR, "Weird HVM ioemulation status %d.\n", rc);
>>> -        domain_crash(curr->domain);
>>> +        show_execution_state(&curr->arch.user_regs);
>>> +        dump_execution_state();
>>> +        domain_crash_synchronous();
>>>          break;
>>>      }
>>>
>>> And got the following panic while doing a `xl shutdown -w -a` of 20 HVM
>>> guests:
>>>
>>> (XEN) irq.c:386: Dom19 callback via changed to Direct Vector 0x93
>>> (XEN) irq.c:276: Dom19 PCI link 0 changed 5 -> 0
>>> (XEN) irq.c:276: Dom19 PCI link 1 changed 10 -> 0
>>> (XEN) irq.c:276: Dom19 PCI link 2 changed 11 -> 0
>>> (XEN) irq.c:276: Dom19 PCI link 3 changed 5 -> 0
>>> (XEN) d10v0 weird emulation state 1
>>> (XEN) io.c:165:d10v0 Weird HVM ioemulation status 1.
>>> (XEN) Assertion 'diff < STACK_SIZE' failed at traps.c:91
>>> (XEN) ----[ Xen-4.6-unstable  x86_64  debug=y  Tainted:    C ]----
>>> (XEN) CPU:    0
>>> (XEN) RIP:    e008:[<ffff82d080234b83>] show_registers+0x60/0x32f
>>> (XEN) RFLAGS: 0000000000010212   CONTEXT: hypervisor (d10v0)
>>> (XEN) rax: 000000001348fc88   rbx: ffff8300cc668290   rcx: 0000000000000000
>>> (XEN) rdx: ffff8300dfaf0000   rsi: ffff8300cc668358   rdi: ffff8300dfaf7bb8
>>> (XEN) rbp: ffff8300dfaf7bd8   rsp: ffff8300dfaf7a98   r8:  ffff83019d270000
>>> (XEN) r9:  0000000000000004   r10: 0000000000000004   r11: 0000000000000001
>>> (XEN) r12: ffff8300cc668000   r13: 0000000000000000   r14: ffff82c00026c000
>>> (XEN) r15: ffff830198bf9000   cr0: 000000008005003b   cr4: 00000000000026e0
>>> (XEN) cr3: 00000000cc77b000   cr2: ffff880002762df8
>>> (XEN) ds: 0000   es: 0000   fs: 0000   gs: 0000   ss: e010   cs: e008
>>> (XEN) Xen stack trace from rsp=ffff8300dfaf7a98:
>>> (XEN)    ffff8300dfaf7ac8 ffff82d080144b11 0000000000000046
>>> ffff8300dfaf7ac8
>>> (XEN)    0000000000000046 0000000000000092 ffff8300dfaf7ae0
>>> ffff82d08012cfd3
>>> (XEN)    ffff82d0802a1bc0 ffff8300dfaf7af8 0000000000000046
>>> 0000000000002001
>>> (XEN)    0000000000002001 fffff80002089e28 0000000000000001
>>> fffffe00003829c0
>>> (XEN)    000000000000b004 0000000000000000 0000000000000014
>>> 0000000000000002
>>> (XEN)    000000000000b004 0000000000002001 000000000000b005
>>> 000000000000b004
>>> (XEN)    0000000000002001 000000000000b004
>>> 0000beef0000beef<G><0>d15v0 weird emulation state 1
>>> (XEN)  ffffffff8036fa45<G><0>io.c:165:d15v0 Weird HVM ioemulation status
>>> 1.
>>> (XEN)
>>> (XEN)   Assertion 'diff < STACK_SIZE' failed at traps.c:91
>>> (XEN)  000000bf0000beef----[ Xen-4.6-unstable  x86_64  debug=y  Tainted:
>>> C ]----
>>> (XEN)  0000000000000046CPU:    6
>>> (XEN)  fffffe00003829c0RIP:    e008:[<ffff82d080234b83>] 000000000000beef
>>> show_registers+0x60/0x32f
>>> (XEN)
>>> (XEN) RFLAGS: 0000000000010212    0000000000000000CONTEXT: hypervisor
>>> 0000000000000000 (d15v0) 0000000000000000
>>> (XEN) rax: 0000000121dd3c88   rbx: ffff83007b4c4290   rcx: 0000000000000000
>>> (XEN)  0000000000000000rdx: ffff83019d290000   rsi: ffff83007b4c4358   rdi:
>>> ffff83019d297bb8
>>> (XEN)
>>> (XEN)   rbp: ffff83019d297bd8   rsp: ffff83019d297a98   r8:  
>>> ffff83019d270000
>>> (XEN)  ffff8300cc668290r9:  0000000000000001   r10: 0000000000000001   r11:
>>> 0000000000000001
>>> (XEN)  ffff8300cc668000r12: ffff83007b4c4000   r13: 0000000000000000   r14:
>>> ffff82c000299000
>>> (XEN)  0000000000000000r15: ffff830198bf9000   cr0: 000000008005003b   cr4:
>>> 00000000000026e0
>>> (XEN)  ffff82c00026c000cr3: 000000007b5d7000   cr2: ffff8800026b14d8
>>> (XEN)
>>> (XEN)   ds: 002b   es: 002b   fs: 0000   gs: 0000   ss: e010   cs: e008
>>> (XEN)  ffff8300dfaf7bf8Xen stack trace from rsp=ffff83019d297a98:
>>> (XEN)    ffff82d08018dd4d ffff82d0802685bf 0000000000000001
>>> ffff830198bf9000 0000000000000002 00007cfe62d68527
>>> (XEN)    ffff82d08023b132 ffff8300dfaf7c38
>>> (XEN)    ffff82d0801caff0 ffff830198bf9000 ffff8300dfaf7c38 ffff82d0802685bf
>>> 0000000000002001 ffff83019d297b70
>>> (XEN)    0000000000000200 ffff8300cc7da000
>>> (XEN)    ffff83019d29ecc0 ffff83019d297b98 ffff8300cc668000
>>> 0000000000000000 ffff8300cc7da250 0000000000000001
>>> (XEN)    0000000000002001 ffff8300dfaf7db8
>>> (XEN)    ffff82d0801c5934 0000000000002001 8000000000000000
>>> fffff80002089e28 ffff8300cc7da000 0000000000000001
>>> (XEN)    fffffe00003829c0 ffff8300dfaf0000
>>> (XEN)    ffff8300cc7da250 000000000000b004 ffff8300dfaf7cf8
>>> 0000000000000000 00000000000cc277 0000000000000014
>>> (XEN)    0000000000000002 0000000000000000
>>> (XEN)    0000000000000001 000000000000b004 00000000000feff0
>>> 0000000000002001 ffff8300ccfec820 000000000000b005
>>> (XEN)    000000000000b004 ffff8300dfaf7d08
>>> (XEN)    ffff82d0801f2009 0000000000002001 ffffffffffffffff 000000000000b004
>>> ffffffffffffffff 0000beef0000beef
>>> (XEN)    ffffffff8036fa45 00000000000001f0
>>> (XEN)    000000004003b000 000000bf0000beef ffff8300cc7da000
>>> 0000000000000046 0000000000000000 fffffe00003829c0
>>> (XEN)    000000000000beef ffff8300ccfec820
>>> (XEN)    00000000000cc278 0000000000000000 ffff8300ccfec820
>>> 0000000000000000 ffff8300cc7da000 0000000000000000
>>> (XEN)    0000000000000000 ffff8300dfaf7da8
>>> (XEN)    ffff82d080122c5a ffff83007b4c4290 ffff8300dfaf7db8
>>> ffff83007b4c4000 ffff8300dfaf7d28 0000000000000000
>>> (XEN)  ffff82c000299000Xen call trace:
>>> (XEN)
>>> (XEN)      [<ffff82d080234b83>] show_registers+0x60/0x32f
>>> (XEN)  ffff83019d297bf8   [<ffff82d08018dd4d>]
>>> show_execution_state+0x11/0x20
>>> (XEN)  ffff82d08018dd4d   [<ffff82d0801caff0>] handle_pio+0x129/0x158
>>> (XEN)  0000000000000001   [<ffff82d0801c5934>]
>>> hvm_do_resume+0x258/0x33e
>>> (XEN)  0000000000000002   [<ffff82d0801e3166>]
>>> vmx_do_resume+0x12b/0x142
>> Ok, so this is a handle_pio() that's being called to pick up the results of 
>> an I/O that was sent to an external emulator. Did you manage to apply my 
>> patch too? I'd really like to know what part of the emulation handling is 
>> actually returning X86EMUL_UNHANDLEABLE.
> Yes, I've applied both patches at the same time and this is the output I
> got. You can see my diff above the trace. Do you want me to apply only
> your patch?

This patch is in my queue for 4.7, and should prevent the interleaving
of the messages.

diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c
index 58ba4ea..c384d4d 100644
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -417,12 +417,30 @@ void show_stack_overflow(unsigned int cpu, const
struct cpu_user_regs *regs)
 
 void show_execution_state(const struct cpu_user_regs *regs)
 {
+    /*
+     * Avoid interleaving the concurrent results from two cpus, but fault
+     * handlers need to take priority.
+     */
+    static DEFINE_SPINLOCK(lock);
+
+    spin_lock_recursive(&lock);
+
     show_registers(regs);
     show_stack(regs);
+
+    spin_unlock_recursive(&lock);
 }
 
 void vcpu_show_execution_state(struct vcpu *v)
 {
+    /*
+     * Avoid interleaving the concurrent results from two cpus, but fault
+     * handlers need to take priority.
+     */
+    static DEFINE_SPINLOCK(lock);
+
+    spin_lock_recursive(&lock);
+
     printk("*** Dumping Dom%d vcpu#%d state: ***\n",
            v->domain->domain_id, v->vcpu_id);
 
@@ -439,6 +457,8 @@ void vcpu_show_execution_state(struct vcpu *v)
         show_guest_stack(v, &v->arch.user_regs);
 
     vcpu_unpause(v);
+
+    spin_unlock_recursive(&lock);
 }
 
 static const char *trapstr(unsigned int trapnr)


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.