Re: [PATCH v1 for-xen-4.5] Fix list corruption in dpci_softirq.

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Sander Eikelenboom <linux@eikelenboom.it>,
	Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: xen-devel@lists.xenproject.org, JBeulich@suse.com
Subject: Re: [PATCH v1 for-xen-4.5] Fix list corruption in dpci_softirq.
Date: Wed, 19 Nov 2014 19:22:40 +0000	[thread overview]
Message-ID: <546CEE00.4010303@citrix.com> (raw)
In-Reply-To: <118231163.20141119195439@eikelenboom.it>

On 19/11/2014 18:54, Sander Eikelenboom wrote:
> Wednesday, November 19, 2014, 6:31:39 PM, you wrote:
>
>> Hey,
>> This patch should fix the issue that Sander had seen. The full details
>> are in the patch itself. Sander, if you could - please test origin/staging
>> with this patch to make sure it does fix the issue.
>
>>  xen/drivers/passthrough/io.c | 27 +++++++++++++++++----------
>> Konrad Rzeszutek Wilk (1):
>>       dpci: Fix list corruption if INTx device is used and an IRQ timeout is invoked.
>>  1 file changed, 17 insertions(+), 10 deletions(-)
>
> Hi Konrad,
>
> Hmm just tested with a freshly cloned tree .. unfortunately it blew up again.
> (i must admit i also re-enabled stuff i had disabled in debugging like, cpuidle, cpufreq). 
>
> (XEN) [2014-11-19 18:41:25.999] ----[ Xen-4.5.0-rc  x86_64  debug=y  Not tainted ]----
> (XEN) [2014-11-19 18:41:25.999] CPU:    5
> (XEN) [2014-11-19 18:41:25.999] RIP:    e008:[<ffff82d0801490ac>] dpci_softirq+0x9c/0x23d
> (XEN) [2014-11-19 18:41:25.999] RFLAGS: 0000000000010283   CONTEXT: hypervisor
> (XEN) [2014-11-19 18:41:25.999] rax: 0100100100100100   rbx: ffff8303bb688d90   rcx: 0000000000000001
> (XEN) [2014-11-19 18:41:25.999] rdx: ffff83054ef18000   rsi: 0000000000000002   rdi: ffff83050b29e0b8
> (XEN) [2014-11-19 18:41:25.999] rbp: ffff83054ef1feb0   rsp: ffff83054ef1fe50   r8:  ffff8303bb688d60
> (XEN) [2014-11-19 18:41:25.999] r9:  000001d5f62fff63   r10: 00000000deadbeef   r11: 0000000000000246
> (XEN) [2014-11-19 18:41:25.999] r12: ffff8303bb688d38   r13: ffff83050b29e000   r14: ffff8303bb688d28
> (XEN) [2014-11-19 18:41:25.999] r15: ffff8303bb688d28   cr0: 000000008005003b   cr4: 00000000000006f0
> (XEN) [2014-11-19 18:41:25.999] cr3: 000000050b2c7000   cr2: ffffffffff600400
> (XEN) [2014-11-19 18:41:25.999] ds: 002b   es: 002b   fs: 0000   gs: 0000   ss: e010   cs: e008
> (XEN) [2014-11-19 18:41:25.999] Xen stack trace from rsp=ffff83054ef1fe50:
> (XEN) [2014-11-19 18:41:25.999]    0000000000000c23 ffff83050b29e0b8 ffff8303bb688d38 ffff83054ef1fe70
> (XEN) [2014-11-19 18:41:25.999]    ffff8303bb688d90 ffff8303bb688d90 000000fb00000000 ffff82d080300200
> (XEN) [2014-11-19 18:41:25.999]    ffff82d0802fff80 ffffffffffffffff ffff83054ef18000 0000000000000002
> (XEN) [2014-11-19 18:41:25.999]    ffff83054ef1fee0 ffff82d08012be31 ffff83054ef18000 ffff83009fd2d000
> (XEN) [2014-11-19 18:41:25.999]    00000000ffffffff ffff83054ef28068 ffff83054ef1fef0 ffff82d08012be89
> (XEN) [2014-11-19 18:41:25.999]    ffff83054ef1ff10 ffff82d0801633e5 ffff82d08012be89 ffff83009ff8b000
> (XEN) [2014-11-19 18:41:25.999]    ffff83054ef1fde8 ffff880059bf8000 ffff880059bf8000 0000000000000000
> (XEN) [2014-11-19 18:41:25.999]    0000000000000000 ffff880059bfbeb0 ffffffff822f3ec0 0000000000000246
> (XEN) [2014-11-19 18:41:25.999]    0000000000000001 0000000000000000 0000000000000000 0000000000000000
> (XEN) [2014-11-19 18:41:25.999]    ffffffff810013aa ffff880059bde480 00000000deadbeef 00000000deadbeef
> (XEN) [2014-11-19 18:41:25.999]    0000010000000000 ffffffff810013aa 000000000000e033 0000000000000246
> (XEN) [2014-11-19 18:41:25.999]    ffff880059bfbe98 000000000000e02b 1862060042c8beef 224d41480704beef
> (XEN) [2014-11-19 18:41:25.999]    99171042639bbeef 74c88180108cbeef c0dc604c00000005 ffff83009ff8b000
> (XEN) [2014-11-19 18:41:26.000]    00000034cebff280 ca836183a4020303
> (XEN) [2014-11-19 18:41:26.000] Xen call trace:
> (XEN) [2014-11-19 18:41:26.000]    [<ffff82d0801490ac>] dpci_softirq+0x9c/0x23d
> (XEN) [2014-11-19 18:41:26.000]    [<ffff82d08012be31>] __do_softirq+0x81/0x8c
> (XEN) [2014-11-19 18:41:26.000]    [<ffff82d08012be89>] do_softirq+0x13/0x15
> (XEN) [2014-11-19 18:41:26.000]    [<ffff82d0801633e5>] idle_loop+0x5e/0x6e
> (XEN) [2014-11-19 18:41:26.000] 
> (XEN) [2014-11-19 18:41:26.778] 
> (XEN) [2014-11-19 18:41:26.787] ****************************************
> (XEN) [2014-11-19 18:41:26.806] Panic on CPU 5:
> (XEN) [2014-11-19 18:41:26.819] GENERAL PROTECTION FAULT
> (XEN) [2014-11-19 18:41:26.834] [error_code=0000]
> (XEN) [2014-11-19 18:41:26.847] ****************************************
> (XEN) [2014-11-19 18:41:26.867] 
> (XEN) [2014-11-19 18:41:26.876] Reboot in five seconds...
> (XEN) [2014-11-19 18:41:26.891] APIC error on CPU0: 00(08)
> (XEN) [2014-11-19 18:41:26.906] APIC error on CPU0: 08(08)

For the avoidance of any confusion, this is still LIST_POISON1 (see
%rax), but now a #GP fault following c/s 404227138 (now with 100% less
chance of dereferencing into guest-controlled virtual address space)

~Andrew

next prev parent reply	other threads:[~2014-11-19 19:22 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-11-19 17:31 [PATCH v1 for-xen-4.5] Fix list corruption in dpci_softirq Konrad Rzeszutek Wilk
2014-11-19 17:31 ` [for-xen-4.5 PATCH] dpci: Fix list corruption if INTx device is used and an IRQ timeout is invoked Konrad Rzeszutek Wilk
2014-11-19 18:54 ` [PATCH v1 for-xen-4.5] Fix list corruption in dpci_softirq Sander Eikelenboom
2014-11-19 19:22   ` Andrew Cooper [this message]
     [not found]   ` <20141119190131.GA15580@laptop.dumpdata.com>
     [not found]     ` <1173563549.20141119201735@eikelenboom.it>
2014-11-19 22:16       ` Konrad Rzeszutek Wilk

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=546CEE00.4010303@citrix.com \
    --to=andrew.cooper3@citrix.com \
    --cc=JBeulich@suse.com \
    --cc=konrad.wilk@oracle.com \
    --cc=linux@eikelenboom.it \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.