[Xen-devel] Re: Changeset 15943 broke Linux 2.6.23-rc4?

[Tim Deegan <Tim.Deegan@xxxxxxxxxxxxx>]

Hi,

At 18:53 +0800 on 17 Oct (1192647209), Cui, Dexuan wrote:
> What's the meaning of "division by zero" in the change log of changeset
> 15943 : c0d1825f5189 (Don't count "missed ticks" on one-shot timers.)?

An OS that set up a one-shot ACPI timer could cause the timer to fire with
pt->period set to zero, which crashes Xen in the missed_ticks calculation.
(vpt.c:56  missed_ticks = missed_ticks / (s_time_t) pt->period + 1;)
Also, it's surely wrong to calculate "missed" ticks on a non-repeating
timer.

> I found the c/s breaks Linux 2.6.23-rc4 when ACPI=1 in HVM config file.
> 
> I don't think the 2 lines below are correct for one_shot vpt:
>          pt->enabled = 0;
>          list_del(&pt->list);
> because i.e., it may drop one-shot local timer interrupt wrongly (this
> breaks ACPI Linux 2.6.23-rc4...):
> 1)    an one-shot timer interrupt is triggered in pt_timer_fn(), then
> c/s 15943 
> sets pt->enabled to 0, and removes the vpt from the tm_list;
> 2)    in vmx_intr_assit() - > pt_update_irq(), we can't find the pt in
> the tm_list, so the timer 
> interrupt is dropped...

Ah, I see.  Yes, those lines need to move to after the interrupt is
delivered. :)

> Actually we don't need to remove an one_shot vpt from tm_list, since 
> pt_update_irq() ignores a vpt if pt->pending_intr_nr == 0.

We should do it, though, because otherwise we're just making
pt_update_irq's list walk more expensive for no benefit.

Cheers,

Tim.

-- 
Tim Deegan <Tim.Deegan@xxxxxxxxxxxxx>, XenSource UK Limited
Registered office c/o EC2Y 5EB, UK; company number 05334508

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel