[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] possible I/O emulation state machine issue

>>> On 22.03.18 at 16:29, <andrew.cooper3@xxxxxxxxxx> wrote:
> On 22/03/18 15:12, Jan Beulich wrote:
>> Paul,
>>
>> our PV driver person has found a reproducible crash with ws2k8,
>> triggered by one of the WHQL tests. The guest get crashed because
>> the re-issue check of an ioreq close to the top of hvmemul_do_io()
>> fails. I've handed him a first debugging patch, output of which
>> suggests that we're dealing with a completely new request, which
>> in turn would mean that we've run into stale STATE_IORESP_READY
>> state:
>>
>> (XEN) d2v3: t=0/1 a=3c4/fed000f0 s=2/4 c=1/1 d=0/1 f=0/0 p=0/0 
> v=100/ffff831873f27a30
>> (XEN) ----[ Xen-4.10.0_15-0  x86_64  debug=n   Tainted:  C   ]----
> 
> Irrespective of the issue at hand, can testing be tried with a debug
> build to see if any of the assertions are hit?

Nothing, unfortunately. But at least the stack trace can be relied
upon this way.

Jan

(XEN) d2v3: t=0/1 a=3ce/fed000f0 s=2/4 c=1/1 d=0/1 f=0/0 p=0/0 
v=406/ffff83387d21fa30
(XEN) ----[ Xen-4.10.0_15-0  x86_64  debug=y   Tainted:  C   ]----
(XEN) CPU:    62
(XEN) RIP:    e008:[<ffff82d0802e58fc>] emulate.c#hvmemul_do_io+0x169/0x445
(XEN) RFLAGS: 0000000000010292   CONTEXT: hypervisor (d2v3)
(XEN) rax: ffff8308796f602c   rbx: ffff830007d26000   rcx: 0000000000000000
(XEN) rdx: ffff83387d21ffff   rsi: 000000000000000a   rdi: ffff82d0804823b8
(XEN) rbp: ffff83387d21f788   rsp: ffff83387d21f6a8   r8:  ffff830879d00000
(XEN) r9:  0000000000000030   r10: 000000000000000f   r11: 00000000ffffffee
(XEN) r12: 0000000000000004   r13: 0000000000000000   r14: ffff83387d21f850
(XEN) r15: 0000000000000001   cr0: 0000000080050033   cr4: 00000000000026e0
(XEN) cr3: 00000037d2026000   cr2: fffff880051d17ac
(XEN) fsb: 0000000000000000   gsb: 0000000000000000   gss: 000007fffff98000
(XEN) ds: 0000   es: 0000   fs: 0000   gs: 0000   ss: 0000   cs: e008
(XEN) Xen code around <ffff82d0802e58fc> (emulate.c#hvmemul_do_io+0x169/0x445):
(XEN)  00 00 00 e8 f5 e2 f6 ff <0f> 0b 48 83 c4 60 ba ab 00 00 00 48 8d 35 89 cd
(XEN) Xen stack trace from rsp=ffff83387d21f6a8:
(XEN)    0000000000000002 0000000000000004 0000000000000001 0000000000000001
(XEN)    0000000000000000 0000000000000001 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000406 ffff83387d21fa30
(XEN)    ffff83387d21f798 00000000fed000f0 ffff831187beb000 000000017d21f914
(XEN)    0000000000000000 000000000000014c 00000000000003ce 0000000000000406
(XEN)    0000000200000001 0000000000000000 000000000000014c 0000000000000004
(XEN)    0000000000000001 ffff83387d21fa30 00000000fed000f0 ffff830007d269c8
(XEN)    ffff83387d21f7c8 ffff82d0802e5c06 0000000000000000 ffff83387d21fa30
(XEN)    0000000000000004 0000000000000004 0000000000000000 00000000fed000f0
(XEN)    ffff83387d21f898 ffff82d0802e6264 ffff83387d21fa30 0000000000000003
(XEN)    ffff83387d21f860 ffff83387d21f858 0000000000000004 ffffffffffd070f0
(XEN)    0000000000000003 ffff83387d21fc58 0000000400000001 ffff83387d21f850
(XEN)    0000000000000000 ffff83387d21fa30 01ff833800000004 ffff83387d21fa30
(XEN)    0000000000001b41 0000000000000001 0000000000000001 00000000fed000f0
(XEN)    ffff8318ad778380 0000000000000004 ffff83387d21fc58 0000000000000001
(XEN)    0000000000000002 ffff830007d26000 ffff83387d21f918 ffff82d0802e725f
(XEN)    0000000000000001 0000000000000000 ffff82d0803e6da0 ffff83387d21fa30
(XEN)    0000000000000001 ffffffffffd070f0 0000000000861efd 0000000000000004
(XEN)    000000000000008b ffff83387d21f9c0 ffff83387d21fc58 ffff82d0803e6da0
(XEN)    ffff83387d21fef8 000000000000008b ffff83387d21f928 ffff82d0802e73c3
(XEN) Xen call trace:
(XEN)    [<ffff82d0802e58fc>] emulate.c#hvmemul_do_io+0x169/0x445
(XEN)    [<ffff82d0802e5c06>] emulate.c#hvmemul_do_io_buffer+0x2e/0x68
(XEN)    [<ffff82d0802e6264>] emulate.c#hvmemul_linear_mmio_access+0x2b9/0x3fc
(XEN)    [<ffff82d0802e725f>] emulate.c#__hvmemul_read+0x163/0x1fa
(XEN)    [<ffff82d0802e73c3>] emulate.c#hvmemul_read+0x1c/0x2a
(XEN)    [<ffff82d0802ab5e2>] x86_emulate.c#read_ulong+0x13/0x15
(XEN)    [<ffff82d0802aeeb1>] x86_emulate+0x47d/0x1efa3
(XEN)    [<ffff82d0802cd9fd>] x86_emulate_wrapper+0x26/0x5f
(XEN)    [<ffff82d0802e6cf0>] emulate.c#_hvm_emulate_one+0x54/0x173
(XEN)    [<ffff82d0802e6e1f>] hvm_emulate_one+0x10/0x12
(XEN)    [<ffff82d0802f4cc3>] hvm_emulate_one_insn+0x42/0x130
(XEN)    [<ffff82d0802f4e00>] handle_mmio_with_translation+0x4f/0x51
(XEN)    [<ffff82d0802ec25e>] hvm_hap_nested_page_fault+0x1e4/0x6b6
(XEN)    [<ffff82d0803191ea>] vmx_vmexit_handler+0x1796/0x1d3d
(XEN)    [<ffff82d08031e6e8>] vmx_asm_vmexit_handler+0xe8/0x250
(XEN) 
(XEN) domain_crash called from emulate.c:171
(XEN) Domain 2 (vcpu#3) crashed on cpu#62:
(XEN) ----[ Xen-4.10.0_15-0  x86_64  debug=y   Tainted:  C   ]----
(XEN) CPU:    62
(XEN) RIP:    0010:[<fffff80001b4111e>]
(XEN) RFLAGS: 0000000000010046   CONTEXT: hvm guest (d2v3)
(XEN) rax: ffffffffffd07000   rbx: 0000000000000000   rcx: 0000000c800022a5
(XEN) rdx: fffffffffffffd5b   rsi: fffffa60019dba00   rdi: fffffa80049bf3e0
(XEN) rbp: fffffa80049da440   rsp: fffffa60019ffcd8   r8:  0000000000000000
(XEN) r9:  0000000000000001   r10: 0000000000000000   r11: 0000000000000000
(XEN) r12: 0000000000000000   r13: 0000000000000912   r14: fffffa8003c20950
(XEN) r15: 0000000000019274   cr0: 0000000080050031   cr4: 00000000000006f8
(XEN) cr3: 0000000000124000   cr2: fffff880051d17ac
(XEN) fsb: 00000000fff9a000   gsb: fffffa60019d8000   gss: 000007fffffa2000
(XEN) ds: 002b   es: 002b   fs: 0053   gs: 002b   ss: 0018   cs: 0010


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.