On Wed, 3 Mar 2021 at 01:16, Sean Christopherson <seanjc@xxxxxxxxxx> wrote:
>
> On Tue, Mar 02, 2021, Wanpeng Li wrote:
> > From: Wanpeng Li <wanpengli@xxxxxxxxxxx>
> >
> > Advancing the timer expiration should only be necessary on guest initiated
> > writes. Now, we cancel the timer, clear .pending and clear expired_tscdeadline
> > at the same time during state restore.
>
> That last sentence is confusing. kvm_apic_set_state() already clears .pending,
> by way of __start_apic_timer(). I think what you mean is:
>
> When we cancel the timer and clear .pending during state restore, clear
> expired_tscdeadline as well.
Good statement. :)
>
> With that,
>
> Reviewed-by: Sean Christopherson <seanjc@xxxxxxxxxx>
>
>
> Side topic, I think there's a theoretical bug where KVM could inject a spurious
> timer interrupt. If KVM is using hrtimer, the hrtimer expires early due to an
> overzealous timer_advance_ns, and the guest writes MSR_TSCDEADLINE after the
> hrtimer expires but before the vCPU is kicked, then KVM will inject a spurious
> timer IRQ since the premature expiration should have been canceled by the guest's
> WRMSR.
>
> It could also cause KVM to soft hang the guest if the new lapic_timer.tscdeadline
> is written before apic_timer_expired() captures it in expired_tscdeadline. In
> that case, KVM will wait for the new deadline, which could be far in the future.
The hrtimer_cancel() before setting new lapic_timer.tscdeadline in
kvm_set_lapic_tscdeadline_msr() will wait for the hrtimer callback
function to finish. Could it solve this issue?
Wanpeng
