[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] arm/acpi: Fix the deadlock in function vgic_lock_rank()

To: Shanker Donthineni <shankerd@xxxxxxxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
From: Julien Grall <julien.grall@xxxxxxx>
Date: Fri, 27 May 2016 14:56:19 +0100
Cc: Philip Elcan <pelcan@xxxxxxxxxxxxxx>, Vikram Sethi <vikrams@xxxxxxxxxxxxxx>, Wei Chen <Wei.Chen@xxxxxxx>, Steve Capper <Steve.Capper@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Shannon Zhao <shannon.zhao@xxxxxxxxxx>
Delivery-date: Fri, 27 May 2016 13:56:37 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

Hello Shanker,

On 27/05/16 01:39, Shanker Donthineni wrote:

Commit 9d77b3c01d1261c (Configure SPI interrupt type and route to
Dom0 dynamically) causing dead loop inside the spinlock function.
Note that spinlocks in XEN are not recursive. Re-acquiring a spinlock
that has already held by calling CPU leads to deadlock. This happens
whenever dom0 does writes to GICD regs ISENABLER/ICENABLER.

Thank you for spotting it, I have not noticed it while I was reviewing,only tested on a model without any SPIs.

The following call trace explains the problem.

DOM0 writes GICD_ISENABLER/GICD_ICENABLER
   vgic_v3_distr_common_mmio_write()
     vgic_lock_rank()  -->  acquiring first time
       vgic_enable_irqs()
         route_irq_to_guest()
           gic_route_irq_to_guest()
             vgic_get_target_vcpu()
               vgic_lock_rank()  -->  attemping acquired lock

The simple fix release spinlock before calling vgic_enable_irqs()
and vgic_disable_irqs().


You should explain why you think it is valid to release the lock earlier.

In this case, I think the fix is not correct because the lock isprotecting both the register value and the internal state in Xen(modified by vgic_enable_irqs). By releasing the lock earlier, they maybecome inconsistent if another vCPU is disabling the IRQs at the same time.

I cannot find an easy fix which does not involve release the lock. WhenI was reviewing this patch, I suggested to split the IRQ configurationfrom the routing.

The routing (call to route_irq_to_guest) will be done before DOM0 isbooting. The IRQ configuration will be done in the ICFGR register.

This will also help for PCI-passthrough as the guest will have toconfigure the SPIs (we can't expect DOM0 doing it for it). But therouting will be done ahead.

This would resolve the locking issue, however it is a big task. Feelfree to suggest a simpler one.


Regards,

--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH] arm/acpi: Fix the deadlock in function vgic_lock_rank()
  - From: Stefano Stabellini

References:
- [Xen-devel] [PATCH] arm/acpi: Fix the deadlock in function vgic_lock_rank()
  - From: Shanker Donthineni

Prev by Date: Re: [Xen-devel] [PATCH v2 2/4] VMX: Cleanup PI per-cpu blocking list when vcpu is destroyed
Next by Date: Re: [Xen-devel] [PATCH v2 3/4] VMX: Assign the right value to 'NDST' field in a concern case
Previous by thread: [Xen-devel] [PATCH] arm/acpi: Fix the deadlock in function vgic_lock_rank()
Next by thread: Re: [Xen-devel] [PATCH] arm/acpi: Fix the deadlock in function vgic_lock_rank()
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.