From mboxrd@z Thu Jan  1 00:00:00 1970
From: Andrew Cooper <andrew.cooper3@citrix.com>
Subject: Re: [BUG] Assertion '(sp == 0) || (peoi[sp-1].vector <
 vector)' failed at irq.c:1163
Date: Sun, 17 Jan 2016 15:25:44 +0000
Message-ID: <569BB278.8080603@citrix.com>
References: <5698D0C1.6000808@alstadheim.priv.no>
	<5698D297.8030700@citrix.com> <569BAA4A.8010501@alstadheim.priv.no>
	<569BB05B.1000801@citrix.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <569BB05B.1000801@citrix.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: xen-devel@lists.xen.org
List-Id: xen-devel@lists.xenproject.org

On 17/01/16 15:16, Andrew Cooper wrote:
>
>>> This isn't the first time we have seen this on Haswell processors. Do
>>> you have microcode loading set up?
>>>
>>> ~Andrew
>>>
>> Still happening with kernel-genkernel-x86_64-4.1.15-gentoo and updated
>> cpu microcode, using microcode from 20151106.
> Ok - I previously investigated this issue, but my repro evaporated from
> under my feet with a firmware update, and I never got to the bottom of it.
>
> Please can you start with the following patch which will dump some more
> information on crash.
>
> ---8<---
> diff --git a/xen/arch/x86/irq.c b/xen/arch/x86/irq.c
> index 1228568..588b562 100644
> --- a/xen/arch/x86/irq.c
> +++ b/xen/arch/x86/irq.c
> @@ -1165,6 +1165,13 @@ static void __do_IRQ_guest(int irq)
>      if ( action->ack_type == ACKTYPE_EOI )
>      {
>          sp = pending_eoi_sp(peoi);
> +        if ( unlikely(!((sp == 0) || (peoi[sp-1].vector < vector))) )
> +        {
> +            int p;
> +            for ( p = sp; p > 0; --p )
> +                printk("**peoi[%d] = {%d, 0x%u, %d}\n",
> +                       p-1, peoi[p-1].irq, peoi[p-1].vector,
> peoi[p-1].ready);
> +        }
>          ASSERT((sp == 0) || (peoi[sp-1].vector < vector));
>          ASSERT(sp < (NR_DYNAMIC_VECTORS-1));
>          peoi[sp].irq = irq;

Actually, this will be more useful:

diff --git a/xen/arch/x86/irq.c b/xen/arch/x86/irq.c
index 1228568..4e75b03 100644
--- a/xen/arch/x86/irq.c
+++ b/xen/arch/x86/irq.c
@@ -1165,6 +1165,15 @@ static void __do_IRQ_guest(int irq)
     if ( action->ack_type == ACKTYPE_EOI )
     {
         sp = pending_eoi_sp(peoi);
+        if ( unlikely(!((sp == 0) || (peoi[sp-1].vector < vector))) )
+        {
+            int p;
+
+            printk("** sp %d, irq %d, vec %#x\n", sp, irq, vector);
+            for ( p = sp; p > 0; --p )
+                printk("**peoi[%d] = {%d, %#x, %d}\n",
+                       p-1, peoi[p-1].irq, peoi[p-1].vector,
peoi[p-1].ready);
+        }
         ASSERT((sp == 0) || (peoi[sp-1].vector < vector));
         ASSERT(sp < (NR_DYNAMIC_VECTORS-1));
         peoi[sp].irq = irq;