On 1/16/24 20:00, David Woodhouse wrote:
> ...
> Astute reviewers may note that kvm_xen_inject_vcpu_vector() function has
> a WARN_ON_ONCE() in the case where kvm_irq_delivery_to_apic_fast() fails
> and returns false. In the case where the MSI is not delivered due to the
> local APIC being disabled, kvm_irq_delivery_to_apic_fast() still returns
> true but the value in *r is zero. So the WARN_ON_ONCE() remains correct,
> as that case should still never happen.

I'm curious about that WARN_ON_ONCE(). It seems that a small modification
to xen_shinfo_test is enough to trigger it.

--- a/tools/testing/selftests/kvm/x86_64/xen_shinfo_test.c
+++ b/tools/testing/selftests/kvm/x86_64/xen_shinfo_test.c
@@ -87,6 +87,8 @@ enum {
 
 #define EVTCHNSTAT_interdomain 2
 
+#define MAX_XAPIC_ID 0xff
+
 struct evtchn_send {
 	u32 port;
 };
@@ -425,6 +427,7 @@ static void *juggle_shinfo_state(void *arg)
 
 int main(int argc, char *argv[])
 {
+	struct kvm_vcpu *vcpus[MAX_XAPIC_ID + 3];
 	struct timespec min_ts, max_ts, vm_ts;
 	struct kvm_xen_hvm_attr evt_reset;
 	struct kvm_vm *vm;
@@ -445,7 +448,8 @@ int main(int argc, char *argv[])
 
 	clock_gettime(CLOCK_REALTIME, &min_ts);
 
-	vm = vm_create_with_one_vcpu(&vcpu, guest_code);
+	vm = vm_create_with_vcpus(ARRAY_SIZE(vcpus), guest_code, vcpus);
+	vcpu = vcpus[0];
 
 	/* Map a region for the shared_info page */
 	vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS,
@@ -516,6 +520,12 @@ int main(int argc, char *argv[])
 	};
 	vcpu_ioctl(vcpu, KVM_XEN_VCPU_SET_ATTR, &pvclock);
 
+	struct kvm_xen_hvm_attr ua = {
+		.type = KVM_XEN_VCPU_ATTR_TYPE_UPCALL_VECTOR,
+		.u.vector = EVTCHN_VECTOR,
+	};
+	vcpu_ioctl(vcpu, KVM_XEN_VCPU_SET_ATTR, &ua);
+
 	struct kvm_xen_hvm_attr vec = {
 		.type = KVM_XEN_ATTR_TYPE_UPCALL_VECTOR,
 		.u.vector = EVTCHN_VECTOR,

[ 28.669825] ------------[ cut here ]------------
[ 28.669831] WARNING: CPU: 5 PID: 1050 at arch/x86/kvm/xen.c:509 kvm_xen_inject_vcpu_vector.isra.0+0x50/0x60 [kvm]
[ 28.669867] Modules linked in: 9p netfs qrtr sunrpc intel_rapl_msr intel_rapl_common kvm_intel kvm 9pnet_virtio 9pnet rapl pcspkr i2c_piix4 drm zram crct10dif_pclmul crc32_pclmul crc32c_intel ata_generic virtio_blk pata_acpi ghash_clmulni_intel serio_raw fuse qemu_fw_cfg virtio_console
[ 28.669882] CPU: 5 PID: 1050 Comm: xen_shinfo_test Not tainted 6.8.0-rc2+ #6
[ 28.669884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014
[ 28.669885] RIP: 0010:kvm_xen_inject_vcpu_vector.isra.0+0x50/0x60 [kvm]
[ 28.669911] Code: 08 48 8d 54 24 08 48 c7 44 24 0c 00 00 00 00 c7 44 24 1c 00 00 00 00 c6 44 24 10 01 e8 99 6d fd ff 84 c0 74 05 48 83 c4 20 c3 <0f> 0b 48 83 c4 20 c3 66 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 55
[ 28.669912] RSP: 0018:ffffc90001323cb0 EFLAGS: 00010046
[ 28.669914] RAX: 0000000000000000 RBX: ffffc900036c1000 RCX: ffffc90001323c2c
[ 28.669915] RDX: 0000000000000004 RSI: ffffffff82630bb0 RDI: ffffffff82667eb6
[ 28.669916] RBP: 0000000000000001 R08: ffffc90001323c70 R09: ffffc90001323c68
[ 28.669916] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888107b43870
[ 28.669917] R13: ffffc900036cb278 R14: 0000000000000000 R15: ffff888107b427c0
[ 28.669918] FS:  00007f2033afc740(0000) GS:ffff88842fc80000(0000) knlGS:0000000000000000
[ 28.669919] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 28.669920] CR2: 0000000000000000 CR3: 00000001203d1000 CR4: 0000000000752ef0
[ 28.669922] PKRU: 55555554
[ 28.669923] Call Trace:
[ 28.669924]  <TASK>
[ 28.669925]  ? kvm_xen_inject_vcpu_vector.isra.0+0x50/0x60 [kvm]
[ 28.669949]  ? __warn+0x81/0x170
[ 28.669952]  ? kvm_xen_inject_vcpu_vector.isra.0+0x50/0x60 [kvm]
[ 28.669976]  ? report_bug+0x189/0x1c0
[ 28.669979]  ? handle_bug+0x38/0x70
[ 28.669981]  ? exc_invalid_op+0x13/0x60
[ 28.669983]  ? asm_exc_invalid_op+0x16/0x20
[ 28.669987]  ? kvm_xen_inject_vcpu_vector.isra.0+0x50/0x60 [kvm]
[ 28.670011]  kvm_xen_set_evtchn_fast+0x40f/0x430 [kvm]
[ 28.670037]  irqfd_wakeup+0x160/0x270 [kvm]
[ 28.670057]  ? kvm_xen_vcpu_get_attr+0x210/0x210 [kvm]
[ 28.670082]  __wake_up_common+0x7f/0xb0
[ 28.670085]  eventfd_write+0x9d/0x1e0
[ 28.670087]  ? security_file_permission+0x2c/0x40
[ 28.670090]  vfs_write+0xc1/0x500
[ 28.670092]  ? do_syscall_64+0xa2/0x180
[ 28.670094]  ? lockdep_hardirqs_on+0x7d/0x100
[ 28.670097]  ksys_write+0x59/0xd0
[ 28.670099]  do_syscall_64+0x95/0x180
[ 28.670101]  ? do_syscall_64+0xa2/0x180
[ 28.670104]  entry_SYSCALL_64_after_hwframe+0x46/0x4e
[ 28.670106] RIP: 0033:0x7f2033c07c74
[ 28.670110] Code: c7 00 16 00 00 00 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 80 3d f5 76 0d 00 00 74 13 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 55 48 89 e5 48 83 ec 20 48 89
[ 28.670111] RSP: 002b:00007ffe79281ad8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 28.670113] RAX: ffffffffffffffda RBX: 00007f2033069ff1 RCX: 00007f2033c07c74
[ 28.670113] RDX: 0000000000000008 RSI: 00007ffe79281ae8 RDI: 0000000000000109
[ 28.670114] RBP: 00007ffe79281af0 R08: 000000000041d22c R09: 00000000ffffffff
[ 28.670115] R10: 00007f2033b09b78 R11: 0000000000000202 R12: 0000000000000002
[ 28.670116] R13: 00000000007e52a0 R14: 00007f2033068000 R15: 0000000000000000
[ 28.670120]  </TASK>
[ 28.670121] irq event stamp: 305006
[ 28.670122] hardirqs last  enabled at (305005): [<ffffffff81eb9cf4>] do_syscall_64+0x54/0x180
[ 28.670124] hardirqs last disabled at (305006): [<ffffffff81eda4a2>] _raw_spin_lock_irq+0x52/0x60
[ 28.670125] softirqs last  enabled at (305000): [<ffffffff81039cce>] fpu_swap_kvm_fpstate+0x7e/0x120
[ 28.670127] softirqs last disabled at (304998): [<ffffffff81039c7d>] fpu_swap_kvm_fpstate+0x2d/0x120
[ 28.670129] ---[ end trace 0000000000000000 ]---

As I understand it, the splat here is due to the APIC map being gone
(because of physical APIC ID aliasing?), but I'm not sure what the
expected behaviour is.

Thanks,
Michal
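Review bot: the array size `MAX_XAPIC_ID + 3` in the `int main()` hunk is an unexplained magic number; since the whole point of the change is to create more vCPUs than the 256 APIC IDs (0x00..0xff) that xAPIC mode can represent, so that the IDs of the extra vCPUs alias lower ones, a one-line comment above `struct kvm_vcpu *vcpus[MAX_XAPIC_ID + 3];` saying so (and why `+ 3` rather than `+ 1`) would make it clear to the next reader that the APIC-ID wrap is deliberate and not an off-by-N.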
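Review bot: in the last hunk `ua` is declared as `struct kvm_xen_hvm_attr` but is filled with a `KVM_XEN_VCPU_ATTR_TYPE_*` type and passed to `vcpu_ioctl(vcpu, KVM_XEN_VCPU_SET_ATTR, &ua);`, and that per-vCPU ioctl takes a `struct kvm_xen_vcpu_attr`. It only happens to work because both UAPI structs place `type` and `u.vector` at the same offsets; declare it as `struct kvm_xen_vcpu_attr ua = {` so the struct matches the ioctl and the VM-wide `vec` attr below it keeps `struct kvm_xen_hvm_attr`.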