From: Matthew Ogilvie <mmogilvi_qemu@miniinfo.net>
To: "Maciej W. Rozycki" <macro@linux-mips.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Jan Kiszka <jan.kiszka@web.de>,
qemu-devel@nongnu.org, kvm@vger.kernel.org
Subject: Re: [PATCH 1/2] KVM: fix i8259 interrupt high to low transition logic
Date: Mon, 10 Sep 2012 22:54:49 -0600
Message-ID: <20120911045449.GB5194@comcast.net>
In-Reply-To: <alpine.LFD.2.00.1209110133120.8926@eddie.linux-mips.org>
On Tue, Sep 11, 2012 at 01:49:51AM +0100, Maciej W. Rozycki wrote:
> On Sun, 9 Sep 2012, Matthew Ogilvie wrote:
>
> > This bug manifested itself when the guest was Microport UNIX
> > System V/386 v2.1 (ca. 1987), because it would sometimes mask
> > off IRQ14 in the slave IMR after it had already been asserted.
> > The master would still try to deliver an interrupt even though
> > IRQ2 had dropped again, resulting in a spurious interrupt
> > (IRQ15) and a panicked UNIX kernel.
>
> That is quite weird actually -- from my experience the spurious vector is
> never sent from a slave (quite understandably -- since the interrupt is
> gone and no other is pending, the master has no reason to select a slave
> to supply a vector and therefore supplies the spurious vector itself) and
> therefore a spurious IRQ7 is always issued regardless of whether the
> discarded request came from a slave or from the master.
Keep in mind that this paragraph is describing QEMU's 8259 device
model behavior (and also KVM's), not real hardware. Reading the
unpatched code, the master clearly latches on to the momentary IRQ2,
does not cancel it when it is cleared again, and ultimately delivers
a spurious IRQ15.
As for what the OS is doing with the IRQ15 (or IRQ7), I only have a large
disassembly listing (with only a vague idea of its overall interrupt
handling strategy), and some printf logs of stuff happening in the
8259 model when the OS is running (more useful).
>
> Is there a bug elsewhere then too? I would have expected a reasonable
> (and especially an old-school) x86 OS to be able to cope with spurious
> 8259A interrupts, but then obviously one would expect them on IRQ7 only.
>
> Maciej
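To make the two behaviours discussed above concrete, here is a small constructed simulation of a two-chip 8259 cascade (added here as an illustration; it is not QEMU's, KVM's or anyone's posted code). It assumes a level-style model, the classic PC/AT vector bases 0x08 and 0x70, and a `cancel_on_low` switch that stands in for the patch's high-to-low handling: the unpatched master keeps the latched IRQ2 and ends up handing out the slave's spurious IRQ15 vector, while a master that withdraws the request on the falling edge has nothing pending and supplies its own spurious IRQ7.

```c
#include <stdint.h>
#include <stdbool.h>

/* Minimal 8259 model constructed for this example (not QEMU/KVM code). */
typedef struct {
    uint8_t irr;   /* interrupt request register: lines currently latched */
    uint8_t imr;   /* interrupt mask register: 1 = line masked */
    uint8_t base;  /* vector base (assumed 0x08 master, 0x70 slave) */
} pic_t;

/* Highest-priority unmasked pending line (0 = highest), or -1 if none. */
static int pic_pending(const pic_t *p) {
    uint8_t ready = p->irr & ~p->imr;
    for (int i = 0; i < 8; i++)
        if (ready & (1u << i)) return i;
    return -1;
}

/* Drive an input line. cancel_on_low models the fixed behaviour: a
   high-to-low transition withdraws the latched request instead of
   leaving it in IRR (the unpatched behaviour described in the thread). */
static void pic_set_irq(pic_t *p, int irq, bool level, bool cancel_on_low) {
    if (level) p->irr |= (1u << irq);
    else if (cancel_on_low) p->irr &= ~(1u << irq);
}

/* Scenario from the thread: IRQ14 (slave line 6) is asserted, then the
   guest masks it in the slave IMR before the CPU acknowledges it.
   Returns the vector the cascade delivers on the following INTA. */
int cascade_scenario(bool master_cancels_on_low) {
    pic_t master = { .irr = 0, .imr = 0, .base = 0x08 };
    pic_t slave  = { .irr = 0, .imr = 0, .base = 0x70 };

    /* IRQ14 goes high: slave INT output rises, so master IRQ2 goes high. */
    pic_set_irq(&slave, 6, true, true);
    pic_set_irq(&master, 2, pic_pending(&slave) >= 0, master_cancels_on_low);

    /* Guest masks IRQ14: slave output drops, so master IRQ2 goes low again. */
    slave.imr |= (1u << 6);
    pic_set_irq(&master, 2, pic_pending(&slave) >= 0, master_cancels_on_low);

    /* INTA: master selects a line; the cascade line defers to the slave.
       A chip asked for a vector with nothing pending supplies its line 7. */
    int m = pic_pending(&master);
    if (m < 0) return master.base + 7;          /* spurious IRQ7 */
    if (m == 2) {
        int s = pic_pending(&slave);
        return slave.base + (s < 0 ? 7 : s);    /* s < 0: spurious IRQ15 */
    }
    return master.base + m;
}
```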