From mboxrd@z Thu Jan 1 00:00:00 1970
From: Avi Kivity
Subject: Re: KVM: IOAPIC: don't clear remote_irr if IRQ is reinjected from EOI
Date: Thu, 05 Jun 2008 10:55:18 +0300
Message-ID: <48479BE6.4090201@qumranet.com>
References: <20080605030811.GA10631@dmt.cnet>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Gerd von Egidy , kvm-devel
To: Marcelo Tosatti
Return-path:
Received: from bzq-179-150-194.static.bezeqint.net ([212.179.150.194]:19880 "EHLO il.qumranet.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752087AbYFEHzU (ORCPT ); Thu, 5 Jun 2008 03:55:20 -0400
In-Reply-To: <20080605030811.GA10631@dmt.cnet>
Sender: kvm-owner@vger.kernel.org
List-ID:

Marcelo Tosatti wrote:
> There's a bug in the IOAPIC code for level-triggered interrupts. It's
> relatively easy to trigger by sharing (virtio-blk + usbtablet was the
> testcase, initially reported by Gerd von Egidy).
>
> The "remote_irr" variable is used to indicate accepted but not yet acked
> interrupts. It's cleared from the EOI handler.
>
> Problem is that the EOI handler clears remote_irr unconditionally, even
> if it reinjected another pending interrupt.
>
> In that case, kvm_ioapic_set_irq() proceeds to ioapic_service() which
> sets remote_irr even if it failed to inject (since the IRR was high due
> to EOI reinjection).
>
> Since the TMR bit has been cleared by the first EOI, the second one
> fails to clear remote_irr.
>
> End result is interrupt line dead.
>
> Fix it by setting remote_irr only if a new pending interrupt has been
> generated (and the TMR bit for vector in question set).
>

Applied, thanks.

-- 
error compiling committee.c: too many arguments to function
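The failure Marcelo describes, as an added example model: this is not KVM code and not part of the thread, just a toy IOAPIC/LAPIC state machine that follows the commit message (remote_irr per pin, IRR/ISR/TMR per vector, a level EOI forwarded to the IOAPIC only while the TMR bit is set). The `fixed` flag switches between the pre-patch rule (remote_irr set whenever the pin is serviced) and the patched rule (remote_irr set only when a new pending interrupt was actually generated, which is also when TMR is set). The two-device interleaving in run_shared_line_scenario() is my reconstruction of the "sharing" test case, not a trace from the report: the second device injects the shared vector while the first is in service, so the first EOI clears TMR while IRR is still high, the reinjection from the EOI handler fails, and the next kvm_ioapic_set_irq() on the first pin sets remote_irr with nothing to clear it. All names and the exact ordering are assumptions of the model.

```c
/* Added example, not KVM code nor code from this thread: a toy model of the
 * IOAPIC/LAPIC state described above. `fixed` selects the pre-patch behaviour
 * (remote_irr set whenever a pin is serviced) or the patched one (remote_irr set
 * only when a new pending interrupt was generated). Assumptions of the model:
 * one LAPIC, two level pins sharing one vector; accepting an interrupt sets IRR
 * and TMR only if IRR was clear and reports whether it did; EOI clears ISR, then
 * test-and-clears TMR, and only a level EOI (TMR was set) reaches the IOAPIC. */
#include <stdbool.h>

#define NPINS  2
#define VECTOR 0x30

struct machine {
    unsigned char irr[256], isr[256], tmr[256]; /* LAPIC: pending, in service, level */
    unsigned line;                   /* IOAPIC input line levels, one bit per pin */
    bool remote_irr[NPINS];          /* accepted but not yet EOIed */
    int vector[NPINS];
    bool fixed;                      /* false: pre-patch, true: patched */
};

/* Level delivery: 1 if a new pending interrupt was generated (IRR was clear,
 * TMR now set), 0 if IRR was already high (TMR left untouched). */
static int apic_accept_level_irq(struct machine *m, int vec)
{
    if (m->irr[vec])
        return 0;
    m->irr[vec] = m->tmr[vec] = 1;
    return 1;
}

static void ioapic_service(struct machine *m, int pin)
{
    int injected = apic_accept_level_irq(m, m->vector[pin]);
    if (injected || !m->fixed)       /* pre-patch: set even if injection failed */
        m->remote_irr[pin] = true;
}

static void ioapic_set_irq(struct machine *m, int pin, int level)
{
    if (!level) { m->line &= ~(1u << pin); return; }
    m->line |= 1u << pin;
    if (!m->remote_irr[pin])         /* a level line is not re-serviced until acked */
        ioapic_service(m, pin);
}

/* Level EOI at the IOAPIC: clear remote_irr and reinject if the line is still high. */
static void ioapic_update_eoi(struct machine *m, int vec)
{
    for (int pin = 0; pin < NPINS; pin++) {
        if (m->vector[pin] != vec)
            continue;
        m->remote_irr[pin] = false;
        if (!(m->line & (1u << pin)))
            continue;                    /* line dropped: nothing to reinject */
        if (m->fixed)
            ioapic_service(m, pin);      /* remote_irr follows the injection result */
        else
            apic_accept_level_irq(m, vec); /* pre-patch: reinject, remote_irr stays clear */
    }
}

/* Guest takes the pending vector into service; 1 if there was one to take. */
static int guest_take_irq(struct machine *m, int vec)
{
    if (!m->irr[vec])
        return 0;
    m->irr[vec] = 0;
    m->isr[vec] = 1;
    return 1;
}

static void guest_eoi(struct machine *m, int vec)
{
    m->isr[vec] = 0;
    if (!m->tmr[vec])
        return;                      /* TMR clear: edge EOI, the IOAPIC is not told */
    m->tmr[vec] = 0;
    ioapic_update_eoi(m, vec);
}

/* The sharing sequence; returns 1 if pin 0 still delivers at the end, 0 if it is dead. */
int run_shared_line_scenario(bool fixed)
{
    struct machine m = { .fixed = fixed, .vector = { VECTOR, VECTOR } };

    ioapic_set_irq(&m, 0, 1);   /* device 0 raises: injected, remote_irr[0] set */
    guest_take_irq(&m, VECTOR); /* guest enters the handler: IRR -> ISR */
    ioapic_set_irq(&m, 1, 1);   /* device 1 raises meanwhile: IRR high again, TMR set */
    ioapic_set_irq(&m, 0, 0);   /* handler services device 0 */
    guest_eoi(&m, VECTOR);      /* EOI #1 clears TMR; pin 1 reinjection fails, IRR stays high */
    ioapic_set_irq(&m, 0, 1);   /* device 0 raises: injection fails, pre-patch sets remote_irr[0] anyway */
    guest_take_irq(&m, VECTOR);
    ioapic_set_irq(&m, 0, 0);
    ioapic_set_irq(&m, 1, 0);   /* handler services both devices */
    guest_eoi(&m, VECTOR);      /* EOI #2: TMR clear, IOAPIC never told, remote_irr[0] stuck */
    ioapic_set_irq(&m, 0, 1);   /* device 0 raises again */
    return guest_take_irq(&m, VECTOR);
}
```

Calling run_shared_line_scenario(false) returns 0 (pin 0 dead: remote_irr[0] was set by a failed injection after TMR had already been cleared, so no later EOI can clear it and kvm_ioapic_set_irq() skips the pin forever); run_shared_line_scenario(true) returns 1, because remote_irr is only set together with a real injection and therefore with a TMR bit that will route the next EOI back to the IOAPIC.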