Re: [xen-unstable bisection] complete test-amd64-amd64-qemuu-nested-amd

xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed

From: Andrew Cooper <andrew.cooper3@citrix.com>
To: osstest service owner <osstest-admin@xenproject.org>,
	xen-devel@lists.xensource.com, Jan Beulich <JBeulich@suse.com>
Subject: Re: [xen-unstable bisection] complete test-amd64-amd64-qemuu-nested-amd
Date: Thu, 23 Feb 2017 23:40:12 +0000	[thread overview]
Message-ID: <2012045a-e70b-e4ed-4b9c-1601eda161b5@citrix.com> (raw)
In-Reply-To: <E1ch2H4-0007f9-06@osstest.test-lab.xenproject.org>

On 23/02/2017 22:54, osstest service owner wrote:
> *** Found and reproduced problem changeset ***
>
>   Bug is in tree:  xen git://xenbits.xen.org/xen.git
>   Bug introduced:  49de10f3c1718bb952f4b075d07f37eb9f605b2b
>   Bug not present: 38b48605f3693e950bb4155ea8dac6614d796c2b
>   Last fail repro: http://logs.test-lab.xenproject.org/osstest/logs/106036/
>
>
>   commit 49de10f3c1718bb952f4b075d07f37eb9f605b2b
>   Author: Andrew Cooper <andrew.cooper3@citrix.com>
>   Date:   Wed Nov 2 14:36:49 2016 +0000
>   
>       x86/hvm: Don't raise #GP behind the emulators back for MSR accesses
>

Jan: your gut feel was spot on.

This time,

Feb 23 22:30:29.269782 (XEN) d3v0: Invalid EFER update: 0x1d01 -> 0x3901
- LMSLE without support
Feb 23 22:30:52.069589 (XEN) hvm.c:1616:d3v0 All CPUs offline --
powering off.

From the L1 serial log
(http://logs.test-lab.xenproject.org/osstest/logs/106036/test-amd64-amd64-qemuu-nested-amd/nocera1---var-log-xen-osstest-serial-l1.guest.osstest.log)

(XEN) mwait-idle: does not run on family 16 model 8
(XEN) HVM: ASIDs enabled.
(XEN) *** DOUBLE FAULT ***
(XEN) ----[ Xen-4.9-unstable  x86_64  debug=y   Not tainted ]----
(XEN) CPU:    0
(XEN) RIP:    e008:[<ffff82d0801ed997>] svm.c#svm_cpu_up+0x1ba/0x21f
(XEN) RFLAGS: 0000000000010256   CONTEXT: hypervisor
(XEN) rax: 0000000000003d01   rbx: ffff82d080336080   rcx: 00000000c0000080
(XEN) rdx: 0000000000000000   rsi: 0000000000001d01   rdi: 0000000000000000
(XEN) rbp: ffff82d080317d98   rsp: ffff82d080317d88   r8:  ffff8300bf55c000
(XEN) r9:  0000000000000000   r10: ffff82d080317d28   r11: 00000000ffffffff
(XEN) r12: ffff82d0802d9cc0   r13: ffff82d080317fff   r14: 0000000000000000
(XEN) r15: ffff82d08034ba80   cr0: 000000008005003b   cr4: 00000000000006e0
(XEN) cr3: 00000000bf505000   cr2: 0000000000000000
(XEN) ds: 0000   es: 0000   fs: 0000   gs: 0000   ss: 0000   cs: e008
(XEN) Valid stack range: ffff82d080316000-ffff82d080318000,
sp=ffff82d080317d88, tss.esp0=ffff82d080317fc0
(XEN) No stack overflow detected. Skipping stack trace.
(XEN)
(XEN) ****************************************
(XEN) Panic on CPU 0:
(XEN) DOUBLE FAULT -- system shutdown
(XEN) ****************************************
(XEN)
(XEN) Manual reset required ('noreboot' specified)

The problem is that hvm_msr_write_intercept() calls hvm_set_efer() and
has an escape path which skipped the previous gp_fault path which I
edited.  hvm_set_efer() raises #GP itself, returns X86EMUL_EXCEPTION,
which causes svm_do_msr_access() to raise #GP a second time.  (It also
means that across a XenServer extended test, not a single VM ever make a
write to EFER which faulted...)

I already have a task on my TODO list to modify hvm_set_cr$N() & friends
to avoid raising exceptions behind the emulators back, which I believe
is the final task to fixing:

    /*
     * TODO: Make this true:
     *
    ASSERT(ctxt->event_pending == (rc == X86EMUL_EXCEPTION));
     *
     * Some codepaths still raise exceptions behind the back of the ...


Looks like this has just jumped to the top of my priority list.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

next prev parent reply	other threads:[~2017-02-23 23:40 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-02-23 22:54 [xen-unstable bisection] complete test-amd64-amd64-qemuu-nested-amd osstest service owner
2017-02-23 23:40 ` Andrew Cooper [this message]
  -- strict thread matches above, loose matches on Subject: below --
2021-07-10 21:53 osstest service owner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2012045a-e70b-e4ed-4b9c-1601eda161b5@citrix.com \
    --to=andrew.cooper3@citrix.com \
    --cc=JBeulich@suse.com \
    --cc=osstest-admin@xenproject.org \
    --cc=xen-devel@lists.xensource.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).