From: Sergey Dyasli <sergey.dyasli@citrix.com>
To: "JBeulich@suse.com" <JBeulich@suse.com>,
"raistlin@linux.it" <raistlin@linux.it>
Cc: Igor Druzhinin <igor.druzhinin@citrix.com>,
Kevin Tian <kevin.tian@intel.com>,
Sergey Dyasli <sergey.dyasli@citrix.com>,
Andrew Cooper <Andrew.Cooper3@citrix.com>,
"anshul.makkar@citrix.com" <anshul.makkar@citrix.com>,
"jun.nakajima@intel.com" <jun.nakajima@intel.com>,
"xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Subject: Re: [PATCH v2 1/2] VMX: fix VMCS race on context-switch paths
Date: Thu, 9 Nov 2017 10:36:21 +0000 [thread overview]
Message-ID: <1510223780.3654.1.camel@citrix.com> (raw)
In-Reply-To: <5A043944020000780018D7B6@prv-mh.provo.novell.com>
On Thu, 2017-11-09 at 03:17 -0700, Jan Beulich wrote:
> > > > On 09.11.17 at 10:54, <raistlin@linux.it> wrote:
> >
> > On Tue, 2017-11-07 at 14:24 +0000, Igor Druzhinin wrote:
> > > Perhaps I should improve my diagram:
> > >
> > > pCPU1: vCPUx of domain X -> migrate to pCPU2 -> switch to idle
> > > context
> > > -> RCU callbacks -> vcpu_destroy(vCPUy of domain Y) ->
> > > vmx_vcpu_disable_pml() -> vmx_vmcs_clear() (VMCS is trashed at this
> > > point on pCPU1)
> > >
> > > pCPU2: context switch into vCPUx -> vCPUx.is_running = 1 -> TLB flush
> > > from context switch to clean TLB on pCPU1
> > >
> >
> > Sorry, there must be something I'm missing (or misunderstanding).
> >
> > What is this code that checks is_running and triggers the TLB flush?
>
> I don't see where Igor said is_running is being checked around a
> TLB flush. The TLB flush itself is what happens first thing in
> context_switch() (and it's really using the TLB flush interface to
> mainly effect the state flush, with the TLB flush being an implied
> side effect; I've already got a series of further patches to make
> this less implicit).
>
> > But, more important, how come you are context switching to something
> > that has is_running == 1 ? That should not be possible.
>
> That's not what Igor's diagram says - it's indicating the fact that
> is_running is being set to 1 in the process of context switching
> into vCPUx.
Jan, Dario,
Igor was referring to the following situation:
pCPU1 pCPU2
===== =====
current == vCPU1
context_switch(next == idle)
!! __context_switch() is skipped
vcpu_migrate(vCPU1)
RCU callbacks
vmx_vcpu_destroy()
vmx_vcpu_disable_pml()
current_vmcs = 0
schedule(next == vCPU1)
vCPU1->is_running = 1;
context_switch(next == vCPU1)
flush_tlb_mask(&dirty_mask);
<--- IPI
__sync_local_execstate()
__context_switch(prev == vCPU1)
vmx_ctxt_switch_from(vCPU1)
vCPU1->is_running == 1
!! vmx_vmcs_reload() is skipped
I hope that this better illustrates the root cause.
--
Thanks,
Sergey
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2017-11-09 10:36 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-16 11:10 [PATCH v2 0/2] x86: context switch handling adjustments Jan Beulich
2017-02-16 11:15 ` [PATCH v2 1/2] VMX: fix VMCS race on context-switch paths Jan Beulich
2017-02-16 12:27 ` Andrew Cooper
2017-02-16 12:35 ` Jan Beulich
2017-02-17 3:48 ` Tian, Kevin
2017-02-17 8:40 ` Sergey Dyasli
2017-02-17 9:01 ` Jan Beulich
2017-10-27 17:42 ` Igor Druzhinin
2017-11-02 19:46 ` Igor Druzhinin
2017-11-07 8:07 ` Jan Beulich
2017-11-07 14:24 ` Igor Druzhinin
2017-11-07 14:55 ` Jan Beulich
2017-11-07 15:52 ` Igor Druzhinin
2017-11-07 16:31 ` Jan Beulich
2017-11-09 10:05 ` Jan Beulich
2017-11-09 10:36 ` Dario Faggioli
2017-11-09 12:58 ` Jan Beulich
2017-11-09 9:54 ` Dario Faggioli
2017-11-09 10:17 ` Jan Beulich
2017-11-09 10:36 ` Sergey Dyasli [this message]
2017-11-09 11:01 ` Dario Faggioli
2017-11-09 13:08 ` Jan Beulich
2017-11-09 14:16 ` Dario Faggioli
2017-11-09 14:39 ` Jan Beulich
2017-11-09 16:38 ` Jan Beulich
2017-11-09 10:39 ` Dario Faggioli
2017-11-07 15:16 ` Jan Beulich
2017-02-16 11:16 ` [PATCH v2 2/2] x86: package up context switch hook pointers Jan Beulich
2017-02-16 11:23 ` Andrew Cooper
2017-02-17 3:49 ` Tian, Kevin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1510223780.3654.1.camel@citrix.com \
--to=sergey.dyasli@citrix.com \
--cc=Andrew.Cooper3@citrix.com \
--cc=JBeulich@suse.com \
--cc=anshul.makkar@citrix.com \
--cc=igor.druzhinin@citrix.com \
--cc=jun.nakajima@intel.com \
--cc=kevin.tian@intel.com \
--cc=raistlin@linux.it \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.