From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ian Campbell Subject: Re: [PATCH] xen/arm: Handle platforms with edge-triggered virtual timer Date: Tue, 2 Dec 2014 14:36:10 +0000 Message-ID: <1417530970.24320.53.camel@citrix.com> References: <1417187826-5491-1-git-send-email-julien.grall@linaro.org> <1417528456.24320.37.camel@citrix.com> <547DC7DB.5040305@linaro.org> <1417530117.24320.50.camel@citrix.com> <547DCD73.9050202@linaro.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1XvoaE-0005Lk-RJ for xen-devel@lists.xenproject.org; Tue, 02 Dec 2014 14:37:42 +0000 In-Reply-To: <547DCD73.9050202@linaro.org> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Julien Grall Cc: xen-devel@lists.xenproject.org, tim@xen.org, stefano.stabellini@citrix.com List-Id: xen-devel@lists.xenproject.org On Tue, 2014-12-02 at 14:32 +0000, Julien Grall wrote: > On 02/12/14 14:21, Ian Campbell wrote: > > On Tue, 2014-12-02 at 14:08 +0000, Julien Grall wrote: > >> Hi Ian, > >> > >> On 02/12/14 13:54, Ian Campbell wrote: > >>> On Fri, 2014-11-28 at 15:17 +0000, Julien Grall wrote: > >>>> Some platforms (such as Xgene and ARMv8 models) use an edge-triggered interrupt > >>>> for the virtual timer. Even if the timer output signal is masked in the > >>>> context switch, the GIC will keep track that of any interrupts raised > >>>> while IRQs are disabled. As soon as IRQs are re-enabled, the virtual > >>>> interrupt timer will be injected to Xen. > >>>> > >>>> If an idle vVCPU was scheduled next then the interrupt handler doesn't > >>>> expect to the receive the IRQ and will crash: > >>>> > >>>> (XEN) [<0000000000228388>] _spin_lock_irqsave+0x28/0x94 (PC) > >>>> (XEN) [<0000000000228380>] _spin_lock_irqsave+0x20/0x94 (LR) > >>>> (XEN) [<0000000000250510>] vgic_vcpu_inject_irq+0x40/0x1b0 > >>>> (XEN) [<000000000024bcd0>] vtimer_interrupt+0x4c/0x54 > >>>> (XEN) [<0000000000247010>] do_IRQ+0x1a4/0x220 > >>>> (XEN) [<0000000000244864>] gic_interrupt+0x50/0xec > >>>> (XEN) [<000000000024fbac>] do_trap_irq+0x20/0x2c > >>>> (XEN) [<0000000000255240>] hyp_irq+0x5c/0x60 > >>>> (XEN) [<0000000000241084>] context_switch+0xb8/0xc4 > >>>> (XEN) [<000000000022482c>] schedule+0x684/0x6d0 > >>>> (XEN) [<000000000022785c>] __do_softirq+0xcc/0xe8 > >>>> (XEN) [<00000000002278d4>] do_softirq+0x14/0x1c > >>>> (XEN) [<0000000000240fac>] idle_loop+0x134/0x154 > >>>> (XEN) [<000000000024c160>] start_secondary+0x14c/0x15c > >>>> (XEN) [<0000000000000001>] 0000000000000001 > >>>> > >>>> The proper solution is to context switch the virtual interrupt state at > >>>> the GIC level. This would also avoid masking the output signal which > >>>> requires specific handling in the guest OS and more complex code in Xen > >>>> to deal with EOIs, and so is desirable for that reason too. > >>>> > >>>> Sadly, this solution requires some refactoring which would not be > >>>> suitable for a freeze exception for the Xen 4.5 release. > >>>> > >>>> For now implement a temporary solution which ignores the virtual timer > >>>> interrupt when the idle VCPU is running. > >>>> > >>> > >>> When we reschedule the vcpu which caused the spurious interrupt, the IRQ > >>> will definitely trigger again for real, right? > >> > >> Xen arms a timer when the domain is saved. As we received an unexpected > >> interrupt that means the timer expires which will make Xen injected the > >> virtual timer interrupt (see virt_timer_expired). > > > > Are we sure there is no race here where the software timer doesn't fire > > because it appears to be in the past or something? > > > > That would correspond to the sequence: > > disable interrupts > > h/w timer expires, interrupt raised but masked > > calculate timeout for s/w timeout => -ve. > > The s/w timers contains the absolute value of the deadline that will be > compared to NOW(). > > > Perhaps Xen s/w timers in the past fire immediately? > > The s/w timer is added in the heap and a SOFTIRQ is raised. > > When executed, the softirq will notice that the timer has to be fired > and therefore an interrupt will be injected to the guest. Perfect, thanks. > > Regards, >