From patchwork Sun May 21 03:32:32 2017
X-Patchwork-Submitter: Wanpeng Li
X-Patchwork-Id: 9738821
From: Wanpeng Li
To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Cc: Paolo Bonzini, Radim Krčmář, Wanpeng Li
Subject: [PATCH] KVM: X86: Fix preempt the preemption timer cancel
Date: Sat, 20 May 2017 20:32:32 -0700
Message-Id: <1495337552-78885-1-git-send-email-wanpeng.li@hotmail.com>
X-Mailing-List: kvm@vger.kernel.org

From: Wanpeng Li

WARNING: CPU: 3 PID: 1952 at arch/x86/kvm/lapic.c:1529 kvm_lapic_expired_hv_timer+0xb5/0xd0 [kvm]
CPU: 3 PID: 1952 Comm: qemu-system-x86 Not tainted 4.12.0-rc1+ #24
RIP: 0010:kvm_lapic_expired_hv_timer+0xb5/0xd0 [kvm]
Call Trace:
 handle_preemption_timer+0xe/0x20 [kvm_intel]
 vmx_handle_exit+0xc9/0x15f0 [kvm_intel]
 ? lock_acquire+0xdb/0x250
 ? lock_acquire+0xdb/0x250
 ? kvm_arch_vcpu_ioctl_run+0xdf3/0x1ce0 [kvm]
 kvm_arch_vcpu_ioctl_run+0xe55/0x1ce0 [kvm]
 kvm_vcpu_ioctl+0x384/0x7b0 [kvm]
 ? kvm_vcpu_ioctl+0x384/0x7b0 [kvm]
 ? __fget+0xf3/0x210
 do_vfs_ioctl+0xa4/0x700
 ? __fget+0x114/0x210
 SyS_ioctl+0x79/0x90
 do_syscall_64+0x8f/0x750
 ? trace_hardirqs_on_thunk+0x1a/0x1c
 entry_SYSCALL64_slow_path+0x25/0x25

This can be reproduced sporadically while booting L2 on a preemptible L1, and the splat is on L1.

CPU0 CPU1
vmx_cancel_hv_timer
vCPU0's vmx->hv_deadline_tsc = -1
preempt occur
clear preemption timer field in CPU1's active vmcs
vCPU0's apic_timer.hv_timer_in_use = false
vmx_vcpu_run(vCPU0)
vmx_arm_hv_timer
if (vmx->hv_deadline_tsc == -1) nothing change
handle_preemption_timer(vCPU0)
kvm_lapic_expired_hv_timer
WARN_ON(!apic->lapic_timer.hv_timer_in_use);

Preemption can occur while cancelling the preemption timer, and there will be inconsistent status in lapic, vmx and the vmcs field. This patch fixes it by disabling preemption while cancelling the preemption timer.

Cc: Paolo Bonzini
Cc: Radim Krčmář
Signed-off-by: Wanpeng Li
--- arch/x86/kvm/lapic.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index c329d28..6e6f345 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -1495,8 +1495,10 @@ EXPORT_SYMBOL_GPL(kvm_lapic_hv_timer_in_use); static void cancel_hv_timer(struct kvm_lapic *apic) { + preempt_disable(); kvm_x86_ops->cancel_hv_timer(apic->vcpu); apic->lapic_timer.hv_timer_in_use = false; + preempt_enable(); } static bool start_hv_timer(struct kvm_lapic *apic)
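
Review bot: the new preempt_disable()/preempt_enable() pair in cancel_hv_timer() carries no comment saying which state it keeps consistent, so a later cleanup could drop it as redundant. A short comment above preempt_disable() should state that kvm_x86_ops->cancel_hv_timer() and the hv_timer_in_use = false store must not be separated by a sched-out, since the changelog's WARN_ON(!apic->lapic_timer.hv_timer_in_use) fires when the vendor state and the lapic flag disagree. The changelog should also say why start_hv_timer(), whose signature is the trailing context here, is left unchanged: if it updates hv_timer_in_use next to the vendor callback in the same way, either it needs the same protection or the message should explain why that path cannot be preempted into the same inconsistency.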