From mboxrd@z Thu Jan  1 00:00:00 1970
From: Wei Liu <wei.liu2@citrix.com>
Subject: Re: Regression in guest destruction caused by altp2m
Date: Mon, 27 Jul 2015 19:09:39 +0100
Message-ID: <20150727180939.GC5111@zion.uk.xensource.com>
References: <20150727151815.GB5111@zion.uk.xensource.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
Received: from mail6.bemta14.messagelabs.com ([193.109.254.103])
	by lists.xen.org with esmtp (Exim 4.72)
	(envelope-from <prvs=6434a30be=wei.liu2@citrix.com>)
	id 1ZJmqS-0002Ve-LR
	for xen-devel@lists.xenproject.org; Mon, 27 Jul 2015 18:09:48 +0000
Content-Disposition: inline
In-Reply-To: <20150727151815.GB5111@zion.uk.xensource.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: xen-devel@lists.xenproject.org, ravi.sahita@intel.com, edmund.h.white@intel.com
Cc: George Dunlap <george.dunlap@eu.citrix.com>, Andrew Cooper <andrew.cooper3@citrix.com>, wei.liu2@citrix.com, Jan Beulich <JBeulich@suse.com>, tim@xen.org
List-Id: xen-devel@lists.xenproject.org

On Mon, Jul 27, 2015 at 04:18:15PM +0100, Wei Liu wrote:
> Found this when I did "xl destroy" to a hvm guest *without* altp2m turned
> on.
> 
> Current staging branch.
> 
> (XEN) ----[ Xen-4.6-unstable  x86_64  debug=y  Tainted:    C ]----
> (XEN) CPU:    0
> (XEN) RIP:    e008:[<ffff82d0801fce0d>] vmx_vmenter_helper+0x263/0x2f3
> (XEN) RFLAGS: 0000000000010242   CONTEXT: hypervisor (d0v0)
> (XEN) rax: 000000000000201a   rbx: ffff8300cf5f9000   rcx: 0000000000000000
> (XEN) rdx: 0000000000000200   rsi: ffff830225fc5000   rdi: ffff8300cf5f9000
> (XEN) rbp: ffff8300cf30fde8   rsp: ffff8300cf30fdd8   r8:  ffff8300cf0fc5e0
> (XEN) r9:  00000016e7ea5ca3   r10: 0000000000000000   r11: 00000016f1000b66
> (XEN) r12: ffff830227b18740   r13: ffff830227bda250   r14: ffff830227bda240
> (XEN) r15: 0000000000000000   cr0: 0000000080050033   cr4: 00000000000026e0
> (XEN) cr3: 000000000f03a000   cr2: 00007fb13dc65150
> (XEN) ds: 0000   es: 0000   fs: 0000   gs: 0000   ss: 0000   cs: e008
> (XEN) Xen stack trace from rsp=ffff8300cf30fdd8:
> (XEN)    ffff8300cf5f9000 ffff8300cf5f9000 ffff8300cf30fdf8 ffff82d0801d95fb
> (XEN)    ffff8300cf30fe18 ffff82d0802145eb ffff82d08012d455 ffff830227bda250
> (XEN)    ffff8300cf30fe48 ffff82d0801d3e0c ffff8300cf5f9000 0000000000000001
> (XEN)    ffff830227bdaf28 ffff830227bda000 ffff8300cf30fe68 ffff82d080174c6f
> (XEN)    ffff8300cf5f9000 ffff8300cf5f9000 ffff8300cf30fe98 ffff82d080105e07
> (XEN)    ffff82d0803545c0 0000000000000000 0000000000000000 ffff8300cf308000
> (XEN)    ffff8300cf30fec8 ffff82d08012148a ffff82d080328080 ffff82d080328080
> (XEN)    ffff82d080328080 ffffffffffffffff ffff8300cf30fef8 ffff82d08012cbe7
> (XEN)    ffff8300ce68e000 00007fb13dc65150 ffffea00000715a0 0000000000000000
> (XEN)    ffff8300cf30ff08 ffff82d08012cc3f 00007cff30cf00c7 ffff82d08024dd51
> (XEN)    0000000000000000 0000000000000000 ffffea00000715a0 00007fb13dc65150
> (XEN)    ffff8800cd4ff3d8 ffffea0000267a50 ffff880000000328 00000000000000a9
> (XEN)    ffffea00000715a0 ffff8800cd4ff3d8 ffff880207c997b9 0000000000267a50
> (XEN)    00007fb13dc65150 ffff8800cd4ff3d8 ffffea0000267a50 000000fa00000000
> (XEN)    ffffffff8113d09d 000000000000e033 0000000000000202 ffff88000b807d68
> (XEN)    000000000000e02b 000000000000beef 000000000000beef 000000000000beef
> (XEN)    000000000000beef 0000000000000000 ffff8300ce68e000 0000000000000000
> (XEN)    0000000000000000
> (XEN) Xen call trace:
> (XEN)    [<ffff82d0801fce0d>] vmx_vmenter_helper+0x263/0x2f3
> (XEN)    [<ffff82d0801d95fb>] altp2m_vcpu_update_p2m+0x12/0x15
> (XEN)    [<ffff82d0802145eb>] altp2m_vcpu_destroy+0x6b/0x94
> (XEN)    [<ffff82d0801d3e0c>] hvm_vcpu_destroy+0x5a/0xa7
> (XEN)    [<ffff82d080174c6f>] vcpu_destroy+0x5d/0x72
> (XEN)    [<ffff82d080105e07>] complete_domain_destroy+0x49/0x186
> (XEN)    [<ffff82d08012148a>] rcu_process_callbacks+0x144/0x1a5
> (XEN)    [<ffff82d08012cbe7>] __do_softirq+0x82/0x8d
> (XEN)    [<ffff82d08012cc3f>] do_softirq+0x13/0x15
> (XEN)    [<ffff82d08024dd51>] process_softirqs+0x21/0x30
> (XEN) 
> (XEN) 
> (XEN) ****************************************
> (XEN) Panic on CPU 0:
> (XEN) FATAL TRAP: vector = 6 (invalid opcode)
> (XEN) ****************************************
> (XEN) 

This makes me think it doesn't matter if I do "xl destroy" or just
normal shutdown. And another test to normally shutdown guest confirmed
that.

The machine I have is quite old and doesn't support EPT. The real issues
seems to be that you failed to properly disable that feature for old
machines.

Wei.

> 
> Wei.