[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] 4.11.0 RC1 panic

>>> On 25.06.18 at 10:33, <bouyer@xxxxxxxxxxxxxxx> wrote:
> the dom0 has been running for a week now, running the daily NetBSD tests.
> Attached is the console log.
> I didn't notice anything suspect, exept a few domU crashes (crashing in
> Xen, the problem is not reported back to the domU). But as this is
> running NetBSD-HEAD tests it can also be a bug in the domU, that has
> been fixed since then.
> 
> It's possible that the printk changed timings in a way that prevents the
> race condition from happening ...

So instead of the debugging patch, could you give the one below
a try?

Jan

x86: further avoid setting TLB flush time stamp

NetBSD's use of linear page tables in 32-bit mode exposes an issue with
us still storing TLB flush time stamps too early, corrupting the
linear_pt_count field living in the same union. Since we go that path
(for page tables) only when neither PGT_validated nor PGT_partial are
set on a page, we don't really require a flush to happen (see also the
code comment), yet we're also no concerned if one happens which isn't
needed (which might occur when we never write the time stamp).

Reported-by: Manuel Bouyer <bouyer@xxxxxxxxxxxxxxx>
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

--- unstable.orig/xen/arch/x86/mm.c
+++ unstable/xen/arch/x86/mm.c
@@ -2541,8 +2541,17 @@ static int _put_page_type(struct page_in
         switch ( nx & (PGT_locked | PGT_count_mask) )
         {
         case 0:
-            if ( unlikely((nx & PGT_type_mask) <= PGT_l4_page_table) &&
-                 likely(nx & (PGT_validated|PGT_partial)) )
+            /*
+             * set_tlbflush_timestamp() accesses the same union linear_pt_count
+             * lives in. Pages (including page table ones), however, don't need
+             * their flush time stamp set except when the last reference is
+             * dropped. For PT pages this happens in _put_final_page_type(). PT
+             * pages which don't have PGT_validated set do not require 
flushing,
+             * as they would never have been installed into a PT hierarchy.
+             */
+            if ( likely((nx & PGT_type_mask) > PGT_l4_page_table) )
+                set_tlbflush_timestamp(page);
+            else if ( likely(nx & (PGT_validated|PGT_partial)) )
             {
                 int rc;
 
@@ -2563,19 +2572,8 @@ static int _put_page_type(struct page_in
                 return rc;
             }
 
-            if ( !ptpg || !PGT_type_equal(x, ptpg->u.inuse.type_info) )
-            {
-                /*
-                 * set_tlbflush_timestamp() accesses the same union
-                 * linear_pt_count lives in. Pages (including page table ones),
-                 * however, don't need their flush time stamp set except when
-                 * the last reference is being dropped. For page table pages
-                 * this happens in _put_final_page_type().
-                 */
-                set_tlbflush_timestamp(page);
-            }
-            else
-                BUG_ON(!IS_ENABLED(CONFIG_PV_LINEAR_PT));
+            BUG_ON(!IS_ENABLED(CONFIG_PV_LINEAR_PT) && ptpg &&
+                   PGT_type_equal(x, ptpg->u.inuse.type_info));
 
             /* fall through */
         default:






_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.