From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Tian, Kevin" <kevin.tian@intel.com>
Subject: RE: RE: Kernel BUG at arch/x86/mm/tlb.c:61
Date: Tue, 26 Apr 2011 13:55:50 +0800
Message-ID: <625BA99ED14B2D499DC4E29D8138F1505C7F2C518E@shsmsx502.ccr.corp.intel.com>
References: <COL0-MC1-F14hmBzxHs00230882@col0-mc1-f14.Col0.hotmail.com>,
	<BLU157-w488E5FEBD5E2DBC0666EF1DAA70@phx.gbl>,
	<BLU157-w5025BFBB4B1CDFA7AA0966DAA90@phx.gbl>,
	<BLU157-w540B39FBA137B4D96278D2DAA90@phx.gbl>,
	<BANLkTimgh_iip27zkDPNV9r7miwbxHmdVg@mail.gmail.com>,
	<BANLkTimkMgYNyANcKiZu5tJTL4==zdP3xg@mail.gmail.com>,
	<BLU157-w116F1BB57ABFDE535C7851DAA80@phx.gbl>,
	<4DA3438A.6070503@goop.org>,
	<BLU157-w2C6CD57CEA345B8D115E8DAAB0@phx.gbl>,
	<BLU157-w36F4E0A7503A357C9DE6A3DAAB0@phx.gbl>,
	<20110412100000.GA15647@dumpdata.com>,
	<BLU157-w14B84A51C80B41AB72B6CBDAAD0@phx.gbl>,
	<BANLkTinNxLnJxtZD68ODLSJqafq0tDRPfw@mail.gmail.com>,
	<BLU157-w30A1A208238A9031F0D18EDAAD0@phx.gbl>,
	<BLU157-w383D1A2536480BCD4C0E0EDAAD0@phx.gbl>,
	<BLU157-w42DAD248C94153635E9749DAAC0@phx.gbl>,
	<4DA8B715.9080508@goop.org>,
	<BLU157-w3221B2A034DA7D179CB8D0DA960@phx.gbl>,
	<BLU157-w631135A14B22DA4A7FCEC5DA960@phx.gbl>,
	<BLU157-w1963BE0D46AB93FDA390CBDA960@phx.gbl>
	<BLU157-w15A2BBA7C03E899C3272EDA960@phx.gbl>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1962481668=="
Return-path: <xen-devel-bounces@lists.xensource.com>
In-Reply-To: <BLU157-w15A2BBA7C03E899C3272EDA960@phx.gbl>
Content-Language: en-US
List-Unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: MaoXiaoyun <tinnycloud@hotmail.com>, "jeremy@goop.org" <jeremy@goop.org>
Cc: xen devel <xen-devel@lists.xensource.com>, "giamteckchoon@gmail.com" <giamteckchoon@gmail.com>, "konrad.wilk@oracle.com" <konrad.wilk@oracle.com>
List-Id: xen-devel@lists.xenproject.org

--===============1962481668==
Content-Language: en-US
Content-Type: multipart/alternative;
	boundary="_000_625BA99ED14B2D499DC4E29D8138F1505C7F2C518Eshsmsx502ccrc_"

--_000_625BA99ED14B2D499DC4E29D8138F1505C7F2C518Eshsmsx502ccrc_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

the race window is always there, but whether it will be triggered is not de=
termined. It's possible that you never met this bug on 2.6.31.x now, but it=
 doesn't mean you won't meet it in long run in the future. :)

Thanks
Kevin

From: xen-devel-bounces@lists.xensource.com [mailto:xen-devel-bounces@lists=
.xensource.com] On Behalf Of MaoXiaoyun
Sent: Monday, April 25, 2011 11:05 PM
To: jeremy@goop.org
Cc: xen devel; giamteckchoon@gmail.com; konrad.wilk@oracle.com
Subject: [Xen-devel] RE: Kernel BUG at arch/x86/mm/tlb.c:61

Please ignore my last two mails, I just learnt that Current is meanless in =
irq context.

Just come up one whole assumption:

In my opinion:

1) CPU running in switch_mm has the possiblity of receiving IPI message and=
 enter interrupt
2) Before revert that patch, not matter the if statement is true or not, th=
e cpu_tlbstate.state
could be changed to TLBSTATE_OK, right before enter irq routhine
3) Since the cpu_tlbstate is per CPU variable, before calling leave_mm(), t=
est cpu_tlbstate.state
in drop_other_mm_ref is feasible and nessary
4) If I am right, strange thing is the code of 2.6.32.36 is same as 2.6.31.=
x, which we never met tlb bug before.

any comments?

Many thanks.


--_000_625BA99ED14B2D499DC4E29D8138F1505C7F2C518Eshsmsx502ccrc_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40"><head><META HTTP-EQUIV=3D"Content-Type" CONTENT=
=3D"text/html; charset=3Dus-ascii"><meta name=3DGenerator content=3D"Micros=
oft Word 12 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
	{font-family:Wingdings;
	panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
	{font-family:\5B8B\4F53;
	panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
	{font-family:"\@\5B8B\4F53";
	panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
	{font-family:\5FAE\8F6F\96C5\9ED1;
	panose-1:2 11 5 3 2 2 4 2 2 4;}
@font-face
	{font-family:"\@\5FAE\8F6F\96C5\9ED1";
	panose-1:2 11 5 3 2 2 4 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0cm;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:\5B8B\4F53;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p
	{mso-style-priority:99;
	mso-margin-top-alt:auto;
	margin-right:0cm;
	mso-margin-bottom-alt:auto;
	margin-left:0cm;
	font-size:12.0pt;
	font-family:\5B8B\4F53;}
span.EmailStyle18
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:612.0pt 792.0pt;
	margin:72.0pt 90.0pt 72.0pt 90.0pt;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DZH-CN link=3Dblue vli=
nk=3Dpurple><div class=3DWordSection1><p class=3DMsoNormal><span lang=3DEN-=
US style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif";color:#1F49=
7D'>the race window is always there, but whether it will be triggered is no=
t determined. It&#8217;s possible that you never met this bug on 2.6.31.x n=
ow, but it doesn&#8217;t mean you won&#8217;t meet it in long run in the fu=
ture. </span><span lang=3DEN-US style=3D'font-size:10.5pt;font-family:Wingd=
ings;color:#1F497D'>J</span><span lang=3DEN-US style=3D'font-size:10.5pt;fo=
nt-family:"Calibri","sans-serif";color:#1F497D'><o:p></o:p></span></p><p cl=
ass=3DMsoNormal><span lang=3DEN-US style=3D'font-size:10.5pt;font-family:"C=
alibri","sans-serif";color:#1F497D'><o:p>&nbsp;</o:p></span></p><p class=3D=
MsoNormal><span lang=3DEN-US style=3D'font-size:10.5pt;font-family:"Calibri=
","sans-serif";color:#1F497D'>Thanks<o:p></o:p></span></p><p class=3DMsoNor=
mal><span lang=3DEN-US style=3D'font-size:10.5pt;font-family:"Calibri","san=
s-serif";color:#1F497D'>Kevin<o:p></o:p></span></p><p class=3DMsoNormal><sp=
an lang=3DEN-US style=3D'font-size:10.5pt;font-family:"Calibri","sans-serif=
";color:#1F497D'><o:p>&nbsp;</o:p></span></p><div style=3D'border:none;bord=
er-left:solid blue 1.5pt;padding:0cm 0cm 0cm 4.0pt'><div><div style=3D'bord=
er:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=
=3DMsoNormal><b><span lang=3DEN-US style=3D'font-size:10.0pt;font-family:"T=
ahoma","sans-serif"'>From:</span></b><span lang=3DEN-US style=3D'font-size:=
10.0pt;font-family:"Tahoma","sans-serif"'> xen-devel-bounces@lists.xensourc=
e.com [mailto:xen-devel-bounces@lists.xensource.com] <b>On Behalf Of </b>Ma=
oXiaoyun<br><b>Sent:</b> Monday, April 25, 2011 11:05 PM<br><b>To:</b> jere=
my@goop.org<br><b>Cc:</b> xen devel; giamteckchoon@gmail.com; konrad.wilk@o=
racle.com<br><b>Subject:</b> [Xen-devel] RE: Kernel BUG at arch/x86/mm/tlb.=
c:61<o:p></o:p></span></p></div></div><p class=3DMsoNormal><span lang=3DEN-=
US><o:p>&nbsp;</o:p></span></p><p class=3DMsoNormal><span lang=3DEN-US styl=
e=3D'font-size:10.0pt;font-family:"&#24494;&#36719;&#38597;&#40657;","sans-=
serif"'>Please ignore my last two mails, I just learnt that Current is mean=
less in irq context.<br>&nbsp;<br>Just come up one whole assumption:<br>&nb=
sp;<br>In my opinion:<br>&nbsp;<br>1) CPU running in switch_mm has the poss=
iblity of receiving IPI message and enter interrupt<br>2) Before revert tha=
t patch, not matter the if statement is true or not, the cpu_tlbstate.state=
<br>could be changed to TLBSTATE_OK, right before enter irq routhine<br>3) =
Since the cpu_tlbstate is per CPU variable,&nbsp;before calling leave_mm(),=
 test cpu_tlbstate.state<br>in drop_other_mm_ref is feasible and nessary<br=
>4) If I am right, strange thing is the code of 2.6.32.36 is same as 2.6.31=
.x, which we never met tlb bug before.<br>&nbsp;<br>any comments?<br>&nbsp;=
<br>Many thanks.<br>&nbsp;<o:p></o:p></span></p></div></div></body></html>=

--_000_625BA99ED14B2D499DC4E29D8138F1505C7F2C518Eshsmsx502ccrc_--


--===============1962481668==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

--===============1962481668==--