Re: intel_iommu unit test is also failing (was: Re: [PATCH kvm-unit-tests] realmode: load above stack)

Kernel KVM virtualization development
 help / color / mirror / Atom feed

From: "Clément MATHIEU--DRIF" <clement.mathieu--drif@bull.com>
To: Peter Xu <peterx@redhat.com>, Thomas Huth <thuth@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
	"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
	Yi Liu <yi.l.liu@intel.com>,
	"Michael S. Tsirkin" <mst@redhat.com>
Subject: Re: intel_iommu unit test is also failing (was: Re: [PATCH kvm-unit-tests] realmode: load above stack)
Date: Tue, 5 May 2026 09:27:45 +0000	[thread overview]
Message-ID: <d4ae6782e30a05ea9d56c38f0c5d296fb6a5c7b1.camel@bull.com> (raw)
In-Reply-To: <13002aef21dec62205c252f3d12bb42ea59cf287.camel@bull.com>

I had a bit more time to hook into qemu to check the root cause.

It seems that testb issues a single byte read (out of the valid size range), as we can see on the following breakpoint:

```
Thread 6 "CPU 0/TCG" hit Breakpoint 2, memory_region_dispatch_read (mr=0x55d72883cb30, addr=152, pval=0x7f62d25f4590, op=MO_BSWAP, attrs=...) at ../system/memory.c:1473
1473       unsigned size = memop_size(op);
(gdb) n
1474       MemTxResult r;
(gdb) p size
$1 = 1
(gdb)
```

cmd

On Tue, 2026-05-05 at 09:36 +0200, Clement Mathieu--Drif wrote:
> Back with some answers:
>
> This is the incriminated hunk:
>
> ```diff
> --- <unnamed>
> +++ <unnamed>
> @@ -1,17 +1,16 @@
> -  404395:       8b 80 98 00 00 00       mov    0x98(%eax),%eax
> +  40441d:       8b 43 38                mov    0x38(%ebx),%eax
>          edu_reg_writeq(dev, EDU_REG_DMA_DST, to);
>          edu_reg_writeq(dev, EDU_REG_DMA_COUNT, size);
>          edu_reg_writel(dev, EDU_REG_DMA_CMD, cmd);
>
>          /* Wait until DMA finished */
>          while (edu_reg_readl(dev, EDU_REG_DMA_CMD) & EDU_CMD_DMA_START)
> -  40439b:       a8 01                   test   $0x1,%al
> -  40439d:       74 10                   je     4043af <edu_dma+0x121>
> -  40439f:       f3 90                   pause
> -  4043a1:       48                      dec    %eax
> -  4043a2:       8b 43 38                mov    0x38(%ebx),%eax
> -  4043a5:       8b 80 98 00 00 00       mov    0x98(%eax),%eax
> -  4043ab:       a8 01                   test   $0x1,%al
> -  4043ad:       75 f0                   jne    40439f <edu_dma+0x111>
> +  404420:       f6 80 98 00 00 00 01    testb  $0x1,0x98(%eax)
> +  404427:       74 0f                   je     404438 <edu_dma+0x11f>
> +  404429:       f3 90                   pause
> +  40442b:       48                      dec    %eax
> +  40442c:       8b 43 38                mov    0x38(%ebx),%eax
> +  40442f:       f6 80 98 00 00 00 01    testb  $0x1,0x98(%eax)
> +  404436:       75 f1                   jne    404429 <edu_dma+0x110>
>                  cpu_relax();
>  }
>
> + is gcc 16
> - is gcc 15
>
> The instructions generated by gcc 16 always skip the following condition:
>
> ```
>       /* Wait until DMA finished */
>       while (edu_reg_readl(dev, EDU_REG_DMA_CMD) & EDU_CMD_DMA_START)
>               cpu_relax();
> ```
>
> As a consequence, the test performs the second dma operation too early and reads a wrong value.
>
> Regards,
> cmd
>
> On Tue, 2026-05-05 at 08:37 +0200, Clement Mathieu--Drif wrote:
>
> > I will try to investigate today, it seems that the host does not wait for the dma operation to complete before reading back.
> >
> > keep you posted
> >
> > cmd
> >
> > On Tue, 2026-05-05 at 07:49 +0200, Clement Mathieu--Drif wrote:
> >
> >
> > > Hi,
> > >
> > > Indeed, it seems to start failing when switching to gcc 16.1.
> > >
> > > gcc 15.2.1 - Qemu 11 => pass
> > > gcc 16.1 - Qemu 11 => fail
> > >
> > > On Mon, 2026-05-04 at 11:45 -0400, Peter Xu wrote:
> > >
> > >
> > >
> > > > Caution: External email. Do not open attachments or click links, unless this email comes from a known sender and you know the content is safe.
> > > >
> > > >
> > > > On Mon, May 04, 2026 at 10:07:25AM +0200, Thomas Huth wrote:
> > > >
> > > >
> > > >
> > > >
> > > > > On 04/05/2026 09.58, Thomas Huth wrote:
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > > On 04/06/2024 16.35, Paolo Bonzini wrote:
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > > The bottom 32K of memory are generally reserved for use by the BIOS;
> > > > > > > for example, traditionally the boot loader is placed at 0x7C00 and
> > > > > > > the stack grows below that address.
> > > > > > >
> > > > > > > It turns out that with some versions of clang, realmode.flat has
> > > > > > > become big enough that it overlaps the stack used by the multiboot
> > > > > > > option ROM loader.  The result is that a couple instructions are
> > > > > > > overwritten.  Typically one or two tests fail and that's it...
> > > > > > >
> > > > > > > Move the code above the forbidden region, in real 90s style.
> > > > > > >
> > > > > > > Reported-by: Thomas Huth <[[[[thuth@redhat.com](mailto:thuth@redhat.com)](mailto:[thuth@redhat.com](mailto:thuth@redhat.com))](mailto:[[thuth@redhat.com](mailto:thuth@redhat.com)](mailto:[thuth@redhat.com](mailto:thuth@redhat.com)))](mailto:[[[thuth@redhat.com](mailto:thuth@redhat.com)](mailto:[thuth@redhat.com](mailto:thuth@redhat.com))](mailto:[[thuth@redhat.com](mailto:thuth@redhat.com)](mailto:[thuth@redhat.com](mailto:thuth@redhat.com))))>
> > > > > > > Signed-off-by: Paolo Bonzini <[[[[pbonzini@redhat.com](mailto:pbonzini@redhat.com)](mailto:[pbonzini@redhat.com](mailto:pbonzini@redhat.com))](mailto:[[pbonzini@redhat.com](mailto:pbonzini@redhat.com)](mailto:[pbonzini@redhat.com](mailto:pbonzini@redhat.com)))](mailto:[[[pbonzini@redhat.com](mailto:pbonzini@redhat.com)](mailto:[pbonzini@redhat.com](mailto:pbonzini@redhat.com))](mailto:[[pbonzini@redhat.com](mailto:pbonzini@redhat.com)](mailto:[pbonzini@redhat.com](mailto:pbonzini@redhat.com))))>
> > > > > > > ---
> > > > > > >   x86/realmode.lds | 2 +-
> > > > > > >   1 file changed, 1 insertion(+), 1 deletion(-)
> > > > > > >
> > > > > > > diff --git a/x86/realmode.lds b/x86/realmode.lds
> > > > > > > index 0ed3063b..e4782a98 100644
> > > > > > > --- a/x86/realmode.lds
> > > > > > > +++ b/x86/realmode.lds
> > > > > > > @@ -1,6 +1,6 @@
> > > > > > >   SECTIONS
> > > > > > >   {
> > > > > > > -    . = 16K;
> > > > > > > +    . = 32K;
> > > > > > >       stext = .;
> > > > > > >       .text : { *(.init) *(.text) }
> > > > > > >       . = ALIGN(4K);
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >   Hi Paolo!
> > > > > >
> > > > > > FYI, the realmode kvm-unit-test now also fails with the recent version
> > > > > > of GCC 16 for the i386 target:
> > > > > >
> > > > > >   [[[[https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727))](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727)))](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727))](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195727))))
> > > > > >
> > > > > > It was working fine some weeks ago with GCC 15.1:
> > > > > >
> > > > > >   [[[[https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961))](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961)))](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961))](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260961))))
> > > > > >
> > > > > > When I apply your patch, the problem seems to be gone again in this
> > > > > > case, but since there were some other issues with this (with older
> > > > > > versions of GCC, I think):
> > > > > >
> > > > > > [[[[https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/](https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/)](https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/](https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/))](https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/](https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/)](https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/](https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/)))](https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/](https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/)](https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/](https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/))](https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/](https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/)](https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/](https://lore.kernel.org/kvm/49f8aadf-6e3f-4d2b-a32a-8ba941a3a2a1@redhat.com/))))
> > > > > >
> > > > > > ... there must be a better way to fix it?
> > > > > >
> > > > > > Could you please have a look?
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > By the way, the intel_iommu test now also suddenly started failing (for the
> > > > > x86_64 target), either due to update of GCC or due to the update from QEMU
> > > > > v10.2 to 11.0 :
> > > > >
> > > > >  [[[[https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728))](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728)))](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728))](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/14195195728))))
> > > > >
> > > > > Two weeks ago, it was still working fine:
> > > > >
> > > > >  [[[[https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962))](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962)))](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962))](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962)](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962](https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/13977260962))))
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Looping in those who take care of qemu's VT-D now (Yi, Clément)..
> > > >
> > > > --
> > > > Peter Xu
> > > >
> > >
> > >
> > >
> >
> >
>

next prev parent reply	other threads:[~2026-05-05  9:33 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20240604143507.1041901-1-pbonzini@redhat.com>
2026-05-04  7:58 ` [PATCH kvm-unit-tests] realmode: load above stack Thomas Huth
2026-05-04  8:07   ` intel_iommu unit test is also failing (was: Re: [PATCH kvm-unit-tests] realmode: load above stack) Thomas Huth
2026-05-04 15:45     ` Peter Xu
2026-05-05  5:49       ` Clément MATHIEU--DRIF
2026-05-05  6:37         ` Clément MATHIEU--DRIF
2026-05-05  7:36           ` Clément MATHIEU--DRIF
2026-05-05  9:27             ` Clément MATHIEU--DRIF [this message]
2026-05-05  9:45               ` intel_iommu unit test is also failing Thomas Huth
2026-05-05  9:53                 ` Clément MATHIEU--DRIF
2026-05-05 10:15                   ` Thomas Huth
2026-05-05 10:23                 ` Michael S. Tsirkin
2026-05-05 10:34                   ` Thomas Huth
2026-05-05 10:53                     ` Michael S. Tsirkin
2026-05-05 11:38                       ` Thomas Huth
2026-05-05 12:33                         ` Michael S. Tsirkin
2026-05-05 17:08                           ` Thomas Huth
2026-05-05 11:39                       ` Clément MATHIEU--DRIF

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=d4ae6782e30a05ea9d56c38f0c5d296fb6a5c7b1.camel@bull.com \
    --to=clement.mathieu--drif@bull.com \
    --cc=kvm@vger.kernel.org \
    --cc=mst@redhat.com \
    --cc=pbonzini@redhat.com \
    --cc=peterx@redhat.com \
    --cc=thuth@redhat.com \
    --cc=yi.l.liu@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox