This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-devel] [PATCH] clear cpu_eoi_map bit on flush

To: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] [PATCH] clear cpu_eoi_map bit on flush
From: Steven Rostedt <srostedt@xxxxxxxxxx>
Date: Tue, 22 Aug 2006 23:31:49 -0400
Delivery-date: Tue, 22 Aug 2006 20:31:16 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird (X11/20060614)
Hi, I don't know if anyone else has seen this, but I kept hitting the following bug:

(XEN) BUG at irq.c:596
(XEN) (file=extable.c, line=77) Pre-exception: ff11c58a -> 00000000
(XEN) ----[ Xen-3.0-unstable    Not tainted ]----
(XEN) CPU:    0
(XEN) EIP:    e008:[<ff11c58a>] __bug+0x2a/0x30
(XEN) EFLAGS: 00010092   CONTEXT: hypervisor
(XEN) eax: 00000000   ebx: ffbe3c80   ecx: 0000000a   edx: ff1de591
(XEN) esi: ff1e8880   edi: ff1b6080   ebp: ff1d3eac   esp: ff1d3e94
(XEN) cr0: 8005003b   cr3: 3ecfe000
(XEN) ds: e010   es: e010   fs: 0000   gs: 0000   ss: e010   cs: e008
(XEN) Xen stack trace from esp=ff1d3e94:
(XEN) ff1947cd ff195b79 00000254 0000000f ffbe3c80 ff1e8880 ff1d3edc ff1293d5(XEN) ff195b79 00000254 00000000 00000001 00000001 00000058 00000246 00000015(XEN) ff215afc 000000fc ff1d3f1c ff1061ca ff1b6080 00000009 ff1d3fb4 ff1d3f30(XEN) ff1225fc ffbe7080 ffbe70d4 0000002c 000000fc ff1b6080 00000000 ffffffda(XEN) 00000020 ff1d3fac ff1d3f8c ff106c98 ff1d3f74 c1873e9c 00000004 ff10dc6f(XEN) c1873cf8 ff1d3f60 00000020 00000000 ff11e39b ff1af080 c1873d18 ff1d3f60(XEN) ff1af024 ff1af020 00000001 aaaaaaaa aaaaaaaa aaaaaaaa aaaaaaaa aaaaaaaa(XEN) 00000015 aaaaaaaa aaaaaaaa ffbe7080 00000020 ff1d3fac 00e2c037 ff17f7f5(XEN) 00000003 c1873e9c deadbeef deadbeef deadbeef deadbeef c0401407 00000020(XEN) 00000003 c1873e9c c1873e9c 00000009 c06e18a8 00000015 00000020 000d0000(XEN) c0401407 00000061 00000203 c1873e68 0000e021 0000007b 0000007b 00000000(XEN) 00000000 00000000 ffbe7080
(XEN) Xen call trace:
(XEN)    [<ff11c58a>] __bug+0x2a/0x30
(XEN)    [<ff1293d5>] pirq_guest_unbind+0x1a5/0x340
(XEN)    [<ff1061ca>] __evtchn_close+0x14a/0x330
(XEN)    [<ff106c98>] do_event_channel_op+0x7c8/0xfc0
(XEN)    [<ff17f7f5>] hypercall+0x95/0xb5
(XEN) ************************************
(XEN) CPU0 FATAL TRAP 6 (invalid opcode), ERROR_CODE 0000, IN INTERRUPT CONTEXT.(XEN) System shutting down -- need manual reset.
(XEN) ************************************

I traced it down to this code:

    cpu_eoi_map = action->cpu_eoi_map;
    if ( !cpus_empty(cpu_eoi_map) )
       BUG_ON(action->ack_type != ACKTYPE_EOI);
       spin_unlock_irqrestore(&desc->lock, flags);
       on_selected_cpus(cpu_eoi_map, flush_all_pending_eoi, NULL, 1, 1);
       on_selected_cpus(cpu_online_map, flush_ready_eoi, NULL, 1, 1);
       spin_lock_irqsave(&desc->lock, flags);


When cpu_eoi_map is set, neither flush_all_pending_eoi nor flush_read_eoi clear the cpu_eoi_map bit. So I hit the BUG_ON.

I haven't put too much effort into this patch, but it seems that it gets me past the problem I was having. (I'm now crashing later on in Dom0 but that's my problem :)

I added the ASSERT because it seems that that bit should be set regardless. Thinking that pending_eoi_sp should be in sync with cpu_eoi_map (but I could be wrong on this).

-- Steve

Signed-off-by: Steven Rostedt <srostedt@xxxxxxxxxx>

Index: xen/arch/x86/irq.c
--- xen.orig/arch/x86/irq.c     2006-08-22 23:14:25.000000000 -0400
+++ xen/arch/x86/irq.c  2006-08-22 23:19:37.000000000 -0400
@@ -289,6 +289,8 @@ static void flush_all_pending_eoi(void *
         action = (irq_guest_action_t *)desc->action;
         ASSERT(action->ack_type == ACKTYPE_EOI);
         ASSERT(desc->status & IRQ_GUEST);
+        ASSERT(cpu_isset(action->cpu_eoi_map));
+        cpu_clear(cpu, action->cpu_eoi_map);
         for ( i = 0; i < action->nr_guests; i++ )
             clear_bit(vector_to_irq(vector), action->guest[i]->pirq_mask);
         action->in_flight = 0;
Xen-devel mailing list
<Prev in Thread] Current Thread [Next in Thread>