From: Sean Christopherson via iommu <iommu@lists.linux-foundation.org>
To: Maxim Levitsky <mlevitsk@redhat.com>
Cc: Wanpeng Li <wanpengli@tencent.com>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
iommu@lists.linux-foundation.org,
Paolo Bonzini <pbonzini@redhat.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Jim Mattson <jmattson@google.com>
Subject: Re: [PATCH v3 00/26] KVM: x86: Halt and APICv overhaul
Date: Thu, 9 Dec 2021 00:02:57 +0000
Message-ID: <YbFHsYJ5ua3J286o@google.com>
In-Reply-To: <8c6c38f3cc201e42629c3b8e5cf8cdb251c9ea8d.camel@redhat.com>

On Thu, Dec 09, 2021, Maxim Levitsky wrote:
> Also got this while trying a VM with passed through device:
>
> [mlevitsk@amdlaptop ~]$[ 34.926140] usb 5-3: reset full-speed USB device number 3 using xhci_hcd
> [ 42.583661] FAT-fs (mmcblk0p1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
> [ 363.562173] VFIO - User Level meta-driver version: 0.3
> [ 365.160357] vfio-pci 0000:03:00.0: vfio_ecap_init: hiding ecap 0x1e@0x154
> [ 384.138110] BUG: kernel NULL pointer dereference, address: 0000000000000021
> [ 384.154039] #PF: supervisor read access in kernel mode
> [ 384.165645] #PF: error_code(0x0000) - not-present page
> [ 384.177254] PGD 16da9d067 P4D 16da9d067 PUD 13ad1a067 PMD 0
> [ 384.190036] Oops: 0000 [#1] SMP
> [ 384.197117] CPU: 3 PID: 14403 Comm: CPU 3/KVM Tainted: G O 5.16.0-rc4.unstable #6
> [ 384.216978] Hardware name: LENOVO 20UF001CUS/20UF001CUS, BIOS R1CET65W(1.34 ) 06/17/2021
> [ 384.235258] RIP: 0010:amd_iommu_update_ga+0x32/0x160
> [ 384.246469] Code: <4c> 8b 62 20 48 8b 4a 18 4d 85 e4 0f 84 ca 00 00 00 48 85 c9 0f 84
> [ 384.288932] RSP: 0018:ffffc9000036fca0 EFLAGS: 00010046
> [ 384.300727] RAX: 0000000000000000 RBX: ffff88810b68ab60 RCX: ffff8881667a6018
> [ 384.316850] RDX: 0000000000000001 RSI: ffff888107476b00 RDI: 0000000000000003

RDX, a.k.a. ir_data is NULL.  This check in svm_ir_list_add()

	if (pi->ir_data && (pi->prev_ga_tag != 0)) {

implies pi->ir_data can be NULL, but neither avic_update_iommu_vcpu_affinity()
nor amd_iommu_update_ga() check ir->data for NULL.

amd_ir_set_vcpu_affinity() returns "success" without clearing pi.is_guest_mode

	/* Note:
	 * This device has never been set up for guest mode.
	 * we should not modify the IRTE
	 */
	if (!dev_data || !dev_data->use_vapic)
		return 0;

so it's plausible svm_ir_list_add() could add to the list with a NULL pi->ir_data.

But none of the relevant code has seen any meaningful changes since 5.15, so odds
are good I broke something :-/
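
A triage check on the quoted oops, as an added example that is not part of the original message: it decodes the bytes at the faulting RIP from the `Code:` line and confirms that the base register plus displacement reproduces the reported fault address. The decoder handles only this one instruction form (REX.W `8B /r` with an 8-bit displacement), and the struct and function names are made up for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Decoded "REX.W 8B /r" (MOV r64, r/m64) with mod=01, i.e. base + disp8. */
struct mov_load {
	int dst_reg;	/* destination register number, 0-15 (12 = R12) */
	int base_reg;	/* base register number, 0-15 (2 = RDX) */
	int8_t disp;	/* signed 8-bit displacement */
};

/* Decode only the form seen at the faulting RIP; 0 on success, -1 otherwise. */
int decode_mov_load(const uint8_t *code, size_t len, struct mov_load *out)
{
	if (len < 4 || (code[0] & 0xF8) != 0x48 || code[1] != 0x8B)
		return -1;	/* need a REX prefix with W set, then opcode 8B */
	uint8_t rex = code[0], modrm = code[2];
	if ((modrm >> 6) != 1 || (modrm & 7) == 4)
		return -1;	/* only mod=01 without a SIB byte */
	out->dst_reg  = ((modrm >> 3) & 7) | ((rex & 0x4) ? 8 : 0);	/* REX.R */
	out->base_reg = (modrm & 7) | ((rex & 0x1) ? 8 : 0);		/* REX.B */
	out->disp     = (int8_t)code[3];
	return 0;
}

/* Address the instruction reads, given the value held in the base register. */
uint64_t effective_address(const struct mov_load *m, uint64_t base_value)
{
	return base_value + (uint64_t)(int64_t)m->disp;
}

int main(void)
{
	/* Values copied from the quoted oops: Code bytes at RIP, RDX, fault address. */
	const uint8_t code[] = { 0x4c, 0x8b, 0x62, 0x20 };
	const uint64_t rdx = 0x0000000000000001ULL;
	const uint64_t reported = 0x0000000000000021ULL;
	struct mov_load m;

	if (decode_mov_load(code, sizeof(code), &m) != 0)
		return 1;
	uint64_t ea = effective_address(&m, rdx);
	/* Registers are printed by number: r2 is RDX, r12 is R12. */
	printf("mov r%d, [r%d%+d] reads 0x%llx (%s the reported address)\n",
	       m.dst_reg, m.base_reg, m.disp, (unsigned long long)ea,
	       ea == reported ? "matches" : "differs from");
	return ea == reported ? 0 : 1;
}
```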