Received: by 2002:a05:7412:b995:b0:f9:9502:5bb8 with SMTP id it21csp7430703rdb;
        Wed, 3 Jan 2024 16:25:13 -0800 (PST)
X-Google-Smtp-Source: AGHT+IEhAVKY9iqy3GPKiD3yZnP7k3k8SiJBFzjGpyX/IXHpLkcQPJUGu+/HOcgvy0kw3u/Xe2i8
X-Received: by 2002:a17:903:230d:b0:1d3:155b:8181 with SMTP id d13-20020a170903230d00b001d3155b8181mr26093483plh.1.1704327912785;
        Wed, 03 Jan 2024 16:25:12 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1704327912; cv=none;
        d=google.com; s=arc-20160816;
        b=GD/laMrPJETJCKTT5D2NUYsU/3yapKoUDI/EJo0amJAqRE71fgFrhe4LCQs9OyjLv+
         eVmzW7Jjd0II163mA0wkborztm4sNDnfCbGgpHWmUOixaVr5YOA2Y+GBy3H7J8hxd+Eb
         zuQQqdGv24sKtfSyQvCEPdr1fvIxIMI5ksIQJHWm5Z/gPLDVHWglx8zqvlcUwidqcxMx
         RjTVQC/Hpr/v2eXf1Wh5tNUoxqPjczkULiWPJ1thlMxUw48MdxKsndlfLRadxkrx+FY7
         RpCpicy5szGjQ97zEALvTrbrXlJgJ5deCCc2svbP6A3dyCAwWuJv8hEz08jbA+zZeJwk
         oIkg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=cc:to:from:subject:message-id:references:mime-version
         :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date
         :dkim-signature;
        bh=YGoAdMkmn3Mnvumr2fIYY5+6zsbtkTCTOlb0bB43RH8=;
        fh=YfBg0695AxdbAVUYOudpRFa4esWHkRTxIu9ZFXHFCk0=;
        b=nxN6Z9pMUQ7HX2H39Xta2l9vV7fZdtgXIqfJvARJs2uaiDZMTMOLdtRxnEs44vQNg8
         jquYTouLtbEG3j/EpdFWa0w1M8MeYG+xzmXpfGNPGLkOJFPX4s6yTWinaUIQLOSNic8P
         Gqvq2r2+de41+9gfR1nNjOnSIW1GAqPH4YgnpdmoXr3VOFpfNEOVWGqfBbn+P5syVCqA
         yP5yBvTvzE2I2c9OCdoUIZapLq09PfKQnofq4enyKQkjfW9/mUD2muWZbcfgfbfm88iM
         MDP1Vy8WemLDveOSWE8xNr33lXlVxc3lnchme668PZS2wICZwZa6cF7Kd3QLzg558UOH
         404Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20230601 header.b=RFpA8CKw;
       spf=pass (google.com: domain of linux-kernel+bounces-16141-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-16141-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel+bounces-16141-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161])
        by mx.google.com with ESMTPS id m1-20020a1709026bc100b001d466549dfbsi15280728plt.563.2024.01.03.16.25.12
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 03 Jan 2024 16:25:12 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-16141-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20230601 header.b=RFpA8CKw;
       spf=pass (google.com: domain of linux-kernel+bounces-16141-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-16141-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sy.mirrors.kernel.org (Postfix) with ESMTPS id 782C9B224D0
	for <linux.lists.archive@gmail.com>; Thu,  4 Jan 2024 00:24:28 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id A3A2E23C6;
	Thu,  4 Jan 2024 00:24:12 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="RFpA8CKw"
X-Original-To: linux-kernel@vger.kernel.org
Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com [209.85.128.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 726E21859
	for <linux-kernel@vger.kernel.org>; Thu,  4 Jan 2024 00:24:09 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com
Received: by mail-yw1-f202.google.com with SMTP id 00721157ae682-5efb07ddb0fso146657b3.0
        for <linux-kernel@vger.kernel.org>; Wed, 03 Jan 2024 16:24:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1704327848; x=1704932648; darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=YGoAdMkmn3Mnvumr2fIYY5+6zsbtkTCTOlb0bB43RH8=;
        b=RFpA8CKw0QT9basRBKCniJs1Un80M1ye9YVQbKW9qNaAM5wVvtrWsapA5Uqe7c2hIY
         +WJAv9XNkLwkOc3AJyWi7enOcEJFagrCc07G7pTmXxqnTJusTV6N/dsllcxXtAJqC+ys
         wkeSsMvRNYlCQfQixWCZ4+xYNC/KB+nMehXQwNDggsgBBMb8NK9zKA5oCNEtM97Ezju0
         3J6wTYq8+Gn/rvAqHPZk1PVgaCjIodkPx+ljVRGPiDoaFsCRypkTHfIRkAl07jQJRBv2
         Lu1lbzv/0wbhvgEC0uzHMqGxyDioE+QW2dmNfjIZdqWkWUz4OLTsnU7ZzSxDKDJ6/+1D
         WgCQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1704327848; x=1704932648;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=YGoAdMkmn3Mnvumr2fIYY5+6zsbtkTCTOlb0bB43RH8=;
        b=qBDzF9QbTV0y0RIfxsoeaQYt3zpE9OO55g+JmjDHcmyUDbOkLOH5+hVQa1AyrQgFbd
         jEV05nMvGaBXlOo20BUJ954UoDVnbTW+d1MIB+iUfXDgNwc1TrnWl4yT9BmWlnJ/WlYY
         odz0XPn+0ZVB7Apw2iQ4XrWNV9B2jxGhEhwzhSVmbAAGjreY8KbKdu/Bh+0t1WXBI3mU
         w56es3MHXdX7uw/Qs84UMgA+9GWdb0xTp8xVnsCgq8hfET6t6qL55fIorPwxZ3qeGRcZ
         HjbSfYyLg53jLVjPu1DBAZJ0n28t2OsdgFVX6abNbxKguDFI/XryTpEwEFsO01Jquq1Y
         iIxw==
X-Gm-Message-State: AOJu0Ywtzu0oskqk7VE/ailY+OUF5030k2Q02gPQTWUgqBMhdCk1G3tG
	W6jEgqiWQKkilUbW5Q5HOLeYni1MLG/7LUdiaQ==
X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37])
 (user=seanjc job=sendgmr) by 2002:a25:8142:0:b0:d9c:801c:4230 with SMTP id
 j2-20020a258142000000b00d9c801c4230mr472209ybm.5.1704327848261; Wed, 03 Jan
 2024 16:24:08 -0800 (PST)
Date: Wed, 3 Jan 2024 16:24:06 -0800
In-Reply-To: <88f49775-2b56-48cc-81b8-651a940b7d6b@paulmck-laptop>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <3d8f5987-e09c-4dd2-a9c0-8ba22c9e948a@paulmck-laptop> <88f49775-2b56-48cc-81b8-651a940b7d6b@paulmck-laptop>
Message-ID: <ZZX6pkHnZP777DVi@google.com>
Subject: Re: [BUG] Guest OSes die simultaneously (bisected)
From: Sean Christopherson <seanjc@google.com>
To: "Paul E. McKenney" <paulmck@kernel.org>
Cc: Like Xu <like.xu@linux.intel.com>, Andi Kleen <ak@linux.intel.com>, 
	Kan Liang <kan.liang@linux.intel.com>, Luwei Kang <luwei.kang@intel.com>, 
	Peter Zijlstra <peterz@infradead.org>, Paolo Bonzini <pbonzini@redhat.com>, 
	linux-perf-users@vger.kernel.org, linux-kernel@vger.kernel.org, 
	kvm@vger.kernel.org, Breno Leitao <leitao@debian.org>, 
	Arnaldo Carvalho de Melo <acme@kernel.org>, Ingo Molnar <mingo@redhat.com>
Content-Type: text/plain; charset="us-ascii"

On Wed, Jan 03, 2024, Paul E. McKenney wrote:
> On Wed, Jan 03, 2024 at 02:22:23PM -0800, Paul E. McKenney wrote:
> > Hello!
> > 
> > Since some time between v5.19 and v6.4, long-running rcutorture tests
> > would (rarely but intolerably often) have all guests on a given host die
> > simultaneously with something like an instruction fault or a segmentation
> > violation.
> > 
> > Each bisection step required 20 hosts running 10 hours each, and
> > this eventually fingered commit c59a1f106f5c ("KVM: x86/pmu: Add
> > IA32_PEBS_ENABLE MSR emulation for extended PEBS").  Although this commit
> > is certainly messing with things that could possibly cause all manner
> > of mischief, I don't immediately see a smoking gun.  Except that the
> > commit prior to this one is rock solid.
> > Just to make things a bit more exciting, bisection in mainline proved
> > to be problematic due to bugs of various kinds that hid this one.  I was
> > therefore forced to bisect among the commits backported to the internal
> > v5.19-based kernel, which fingered the backported version of the patch
> > called out above.
> 
> Ah, and so why do I believe that this is a problem in mainline rather
> than just (say) a backporting mistake?
> 
> Because this issue was first located in v6.4, which already has this
> commit included.
> 
> 							Thanx, Paul
> 
> > Please note that this is not (yet) an emergency.  I will just continue
> > to run rcutorture on v5.19-based hypervisors in the meantime.
> > 
> > Any suggestions for debugging or fixing?

This looks suspect:

+       u64 pebs_mask = cpuc->pebs_enabled & x86_pmu.pebs_capable;
+       int global_ctrl, pebs_enable;
 
-       arr[0].msr = MSR_CORE_PERF_GLOBAL_CTRL;
-       arr[0].host = intel_ctrl & ~cpuc->intel_ctrl_guest_mask;
-       arr[0].guest = intel_ctrl & ~cpuc->intel_ctrl_host_mask;
-       arr[0].guest &= ~(cpuc->pebs_enabled & x86_pmu.pebs_capable);
-       *nr = 1;
+       *nr = 0;
+       global_ctrl = (*nr)++;
+       arr[global_ctrl] = (struct perf_guest_switch_msr){
+               .msr = MSR_CORE_PERF_GLOBAL_CTRL,
+               .host = intel_ctrl & ~cpuc->intel_ctrl_guest_mask,
+               .guest = intel_ctrl & (~cpuc->intel_ctrl_host_mask | ~pebs_mask),
+       };


IIUC (always a big if with this code), the intent is that the guest's version of
PERF_GLOBAL_CTRL gets bits that are (a) not exclusive to the host and (b) not
being used for PEBS.  (b) is necessary because PEBS generates records in memory
using virtual addresses, i.e. the CPU will write to memory using a virtual address
that is valid for the host but not the guest.  And so PMU counters that are
configured to generate PEBS records need to be disabled while running the guest.

Before that commit, the logic was:

  guest[PERF_GLOBAL_CTRL] = ctrl & ~host;
  guest[PERF_GLOBAL_CTRL] &= ~pebs;

But after, it's now:

  guest[PERF_GLOBAL_CTRL] = ctrl & (~host | ~pebs);

I.e. the kernel is enabled counters in the guest that are not host-only OR not
PEBS.  E.g. if only counter 0 is in use, it's using PEBS, but it's not exclusive
to the host, then the new code will yield (truncated to a single byte for sanity)

  1 = 1 & (0xf | 0xe)

and thus keep counter 0 enabled, whereas the old code would yield

  1 = 1 & 0xf
  0 = 1 & 0xe

A bit of a shot in the dark and completed untested, but I think this is the correct
fix?

diff --git a/arch/x86/events/intel/core.c b/arch/x86/events/intel/core.c
index a08f794a0e79..92d5a3464cb2 100644
--- a/arch/x86/events/intel/core.c
+++ b/arch/x86/events/intel/core.c
@@ -4056,7 +4056,7 @@ static struct perf_guest_switch_msr *intel_guest_get_msrs(int *nr, void *data)
        arr[global_ctrl] = (struct perf_guest_switch_msr){
                .msr = MSR_CORE_PERF_GLOBAL_CTRL,
                .host = intel_ctrl & ~cpuc->intel_ctrl_guest_mask,
-               .guest = intel_ctrl & (~cpuc->intel_ctrl_host_mask | ~pebs_mask),
+               .guest = intel_ctrl & ~(cpuc->intel_ctrl_host_mask | pebs_mask),
        };
 
        if (!x86_pmu.pebs)