From: "Roger Pau Monné" <roger.pau@citrix.com>
To: Paul Durrant <Paul.Durrant@citrix.com>,
	xen-devel <xen-devel@lists.xenproject.org>,
	Andrew Cooper <Andrew.Cooper3@citrix.com>
Subject: Re: [BUG] Emulation issues
Date: Thu, 30 Jul 2015 15:06:06 +0200
Message-ID: <55BA213E.2080605@citrix.com>
In-Reply-To: <9AAE0902D5BC7E449B7C8E4E778ABCD02F55FCB3@AMSPEX01CL02.citrite.net>

On 30/07/15 at 12:59, Paul Durrant wrote:
>> -----Original Message-----
> [big snip]
>> Sorry, missed that in the noise. So, the problem is that there is no in-flight I/O
>> even though pio completion is being attempted. Something has got out of
>> sync.
>>
> 
> I think I understand what may be happening... The code in hvmemul_do_io() basically expects to be called either to issue an I/O or to extract info from a completed one. However it is being called unconditionally (in the PIO case) out of hvm_do_resume, rather than only if the in-flight I/O state has been updated to STATE_IORESP_READY.
> 
> Can you try this patch (also containing my previous debug patch)?
> 
> diff --git a/xen/arch/x86/hvm/emulate.c b/xen/arch/x86/hvm/emulate.c
> index 30acb78..1bc3cc9 100644
> --- a/xen/arch/x86/hvm/emulate.c
> +++ b/xen/arch/x86/hvm/emulate.c
> @@ -145,6 +145,8 @@ static int hvmemul_do_io(
>              return X86EMUL_UNHANDLEABLE;
>          goto finish_access;
>      default:
> +        gprintk(XENLOG_ERR, "weird emulation state %u\n",
> +                vio->io_req.state);
>          return X86EMUL_UNHANDLEABLE;
>      }
> 
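
Review bot: the message added in the default case of hvmemul_do_io() prints only the raw numeric vio->io_req.state, with no function name and nothing else from vio->io_req, so the reader has to decode the enum by hand and cannot tell which request hit the unexpected state. Consider adding __func__ plus the addr and dir of the request, and, since this is described as a debug patch, dropping it or lowering it from XENLOG_ERR before anything is committed.
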
> diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
> index ec1d797..a476271 100644
> --- a/xen/arch/x86/hvm/hvm.c
> +++ b/xen/arch/x86/hvm/hvm.c
> @@ -472,7 +472,6 @@ void hvm_do_resume(struct vcpu *v)
>      struct hvm_vcpu_io *vio = &v->arch.hvm_vcpu.hvm_io;
>      struct domain *d = v->domain;
>      struct hvm_ioreq_server *s;
> -    enum hvm_io_completion io_completion;
> 
>      check_wakeup_from_wait();
> 
> @@ -499,33 +498,38 @@ void hvm_do_resume(struct vcpu *v)
>          }
>      }
> 
> -    io_completion = vio->io_completion;
> -    vio->io_completion = HVMIO_no_completion;
> -
> -    switch ( io_completion )
> -    {
> -    case HVMIO_no_completion:
> -        break;
> -    case HVMIO_mmio_completion:
> -        handle_mmio();
> -        break;
> -    case HVMIO_pio_completion:
> -        (void)handle_pio(vio->io_req.addr, vio->io_req.size,
> -                         vio->io_req.dir);
> -        break;
> -    case HVMIO_realmode_completion:
> +    if ( vio->io_req.state == STATE_IORESP_READY )
>      {
> -        struct hvm_emulate_ctxt ctxt;
> +        enum hvm_io_completion io_completion;
> 
> -        hvm_emulate_prepare(&ctxt, guest_cpu_user_regs());
> -        vmx_realmode_emulate_one(&ctxt);
> -        hvm_emulate_writeback(&ctxt);
> +        io_completion = vio->io_completion;
> +        vio->io_completion = HVMIO_no_completion;
> 
> -        break;
> -    }
> -    default:
> -        ASSERT_UNREACHABLE();
> -        break;
> +        switch ( io_completion )
> +        {
> +        case HVMIO_no_completion:
> +            break;
> +        case HVMIO_mmio_completion:
> +            handle_mmio();
> +            break;
> +        case HVMIO_pio_completion:
> +            (void)handle_pio(vio->io_req.addr, vio->io_req.size,
> +                             vio->io_req.dir);
> +            break;
> +        case HVMIO_realmode_completion:meet
> +        {
> +            struct hvm_emulate_ctxt ctxt;
> +
> +            hvm_emulate_prepare(&ctxt, guest_cpu_user_regs());
> +            vmx_realmode_emulate_one(&ctxt);
> +            hvm_emulate_writeback(&ctxt);
> +
> +            break;
> +        }
> +        default:
> +            ASSERT_UNREACHABLE();
> +            break;
> +        }
>      }
> 
>      if ( unlikely(d->arch.event_write_data) )
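
Review bot: the re-indented line "case HVMIO_realmode_completion:meet" carries a stray "meet" after the label and will not compile as posted. Separately, under the new "if ( vio->io_req.state == STATE_IORESP_READY )" guard, any other state leaves vio->io_completion set and skips the completion without a trace; if a completion is pending while the response is not ready, that deserves at least a debug message, or a comment explaining why carrying the stale value to the next resume is safe.
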
> @@ -2747,6 +2751,7 @@ int hvm_send_ioreq(struct hvm_ioreq_server *s, ioreq_t *proto_p,
>          }
>      }
> 
> +    gprintk(XENLOG_ERR, "unable to contact device model\n");
>      return X86EMUL_UNHANDLEABLE;
>  }
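
Review bot: the gprintk() added before the final return in hvm_send_ioreq() says only "unable to contact device model" and identifies neither the ioreq server s nor the request in proto_p, so the line cannot be tied to a particular request when several are in play. It also fires on every path that falls through to this return at XENLOG_ERR; either keep it strictly as a debug aid or print enough of the request to make the message actionable.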

With this (and only this) patch applied I get the following output:

(XEN) irq.c:276: Dom18 PCI link 2 changed 11 -> 0
(XEN) irq.c:276: Dom18 PCI link 3 changed 5 -> 0
(XEN) irq.c:276: Dom19 PCI link 0 changed 5 -> 0
(XEN) irq.c:276: Dom19 PCI link 1 changed 10 -> 0
(XEN) irq.c:276: Dom19 PCI link 2 changed 11 -> 0
(XEN) irq.c:276: Dom19 PCI link 3 changed 5 -> 0
(XEN) d19v0 weird emulation state 1
(XEN) io.c:165:d19v0 Weird HVM ioemulation status 1.
(XEN) domain_crash called from io.c:166
(XEN) d19v0 weird emulation state 1
(XEN) io.c:165:d19v0 Weird HVM ioemulation status 1.
(XEN) domain_crash called from io.c:166
(XEN) d19v0 weird emulation state 1
(XEN) io.c:165:d19v0 Weird HVM ioemulation status 1.
(XEN) domain_crash called from io.c:166
(XEN) d19v0 weird emulation state 1
(XEN) io.c:165:d19v0 Weird HVM ioemulation status 1.
(XEN) domain_crash called from io.c:166
(XEN) d19v0 weird emulation state 1
(XEN) io.c:165:d19v0 Weird HVM ioemulation status 1.
(XEN) domain_crash called from io.c:166
(XEN) d19v0 weird emulation state 1
(XEN) io.c:165:d19v0 Weird HVM ioemulation status 1.
(XEN) domain_crash called from io.c:166
(XEN) d19v0 weird emulation state 1
(XEN) io.c:165:d19v0 Weird HVM ioemulation status 1.
(XEN) domain_crash called from io.c:166
(XEN) d19v0 weird emulation state 1
(XEN) io.c:165:d19v0 Weird HVM ioemulation status 1.
(XEN) domain_crash called from io.c:166
(XEN) d19v0 weird emulation state 1
(XEN) io.c:165:d19v0 Weird HVM ioemulation status 1.
(XEN) domain_crash called from io.c:166
(XEN) d19v0 weird emulation state 1
(XEN) io.c:165:d19v0 Weird HVM ioemulation status 1.
(XEN) domain_crash called from io.c:166
(XEN) d19v0 weird emulation state 1
(XEN) io.c:165:d19v0 Weird HVM ioemulation status 1.
(XEN) domain_crash called from io.c:166
(XEN) d19v0 weird emulation state 1
(XEN) io.c:165:d19v0 Weird HVM ioemulation status 1.
(XEN) domain_crash called from io.c:166
(XEN) d19v0 weird emulation state 1
(XEN) io.c:165:d19v0 Weird HVM ioemulation status 1.
(XEN) domain_crash called from io.c:166
(XEN) d19v0 weird emulation state 1
(XEN) io.c:165:d19v0 Weird HVM ioemulation status 1.
(XEN) domain_crash called from io.c:166
(XEN) d19v0 weird emulation state 1
(XEN) io.c:165:d19v0 Weird HVM ioemulation status 1.
(XEN) domain_crash called from io.c:166

Roger.
