Received: by 2002:a05:7412:b995:b0:f9:9502:5bb8 with SMTP id it21csp7769161rdb; Thu, 4 Jan 2024 07:12:23 -0800 (PST) X-Google-Smtp-Source: AGHT+IHqbko2wMA+rdStuvgH9EgLvcTD5vEKg1Lf86YcxwdnSRmdHgA1McRqiGB6VXgREsE1L/IS X-Received: by 2002:a2e:8ec2:0:b0:2cc:c567:e539 with SMTP id e2-20020a2e8ec2000000b002ccc567e539mr442618ljl.101.1704381142789; Thu, 04 Jan 2024 07:12:22 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704381142; cv=none; d=google.com; s=arc-20160816; b=Us052FHDR320zei5v0b9nSRcUotp/xE3PW22f+CuK8ltvLIggqA60Qut/gjrWP2uog jfTyM3rPRwOez508n/BevLMK94erujGXYblC0JeEotlYcY2NUlZvRRtohQFdzd4bk+NH l3RBlriDYzOUmQe4PPiVZ9UTyNY3M/EaldNpV3rfYiT1FLMFVLx7K5Cqb3coClSHnAFV 6BeIWrWTM/7blM7/bGLfqJrq44VmqXdOdxpUl21xpsA0bcWOr8v6kc9lZ3cPgyXScA0L Ef8P/LoRg7JgQGKu75hlg4lGEB2NyT1wCGeqgooggCs0QsQ8hScIZyUEmllabZp0kKd8 MiWQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=aezVZ21RXwDSPznUaEfqO8ObQ6DAwMB4uYqaeR9muhs=; fh=hjnZhCPDP/v8pV3SzF/+q4ltAv3hdHyF36QwyE2ZEZY=; b=vMP0N718ZcP/PpzwkGjCRhwdC/9+Kl5xyvRIJI2RMCYUb5uFUueY1hZ1L35JK7uCWm CHDfmqvTKWbiEegvHAnqkjdv7XTG2SAx3O61YKjKmsVD1Jmch3Aa83z408zx/iJmkRG/ bvm8ma5naevGQtu/0BPjbr5NmV9Sf8tOGIL66nTEgi5qfZYKxA/UVJix8BF6zNcWAU7d Lt9yKdCGQV7lDP/mmEREed+hLNGRpbqrCae9Qnhzk1UfmxCUzEltLwJ56FHDAyTsdqcg HU8tk4xqSkWYu9TM/kVYCsgGgTNYVx4FWZRz2hsMkc7+Cc8Xe2AOe5XZtmjGsI3K5I9r 4aVw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Kd2fCAmh; spf=pass (google.com: domain of linux-kernel+bounces-16818-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-16818-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id z41-20020a509e2c000000b005539b01d102si13094483ede.608.2024.01.04.07.12.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jan 2024 07:12:22 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-16818-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Kd2fCAmh; spf=pass (google.com: domain of linux-kernel+bounces-16818-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-16818-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id C88AC1F22B1D for ; Thu, 4 Jan 2024 15:00:57 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 86E59241E0; Thu, 4 Jan 2024 15:00:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="Kd2fCAmh" X-Original-To: linux-kernel@vger.kernel.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 076ED2377C for ; Thu, 4 Jan 2024 15:00:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1704380408; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=aezVZ21RXwDSPznUaEfqO8ObQ6DAwMB4uYqaeR9muhs=; b=Kd2fCAmhoK0LpFlKeE2/ZmWLy+vejFuNGitUz2YD7+GTvUZprE2ihH0DH+FNLaqOTcDHa2 m4NFZWqC06XcR5QDYdFpuxMEmO/6Bfc+runm9jpzh1sZsGyef/ozfSacHtTDe+nzYk0zh6 XDBRllbDw85MyMTo0WLJ6QJiPx2U3jc= Received: from mail-vs1-f71.google.com (mail-vs1-f71.google.com [209.85.217.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-385--992aZnuO5yq791L8SkNxg-1; Thu, 04 Jan 2024 10:00:05 -0500 X-MC-Unique: -992aZnuO5yq791L8SkNxg-1 Received: by mail-vs1-f71.google.com with SMTP id ada2fe7eead31-466f26eefe0so177775137.1 for ; Thu, 04 Jan 2024 07:00:05 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1704380405; x=1704985205; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=aezVZ21RXwDSPznUaEfqO8ObQ6DAwMB4uYqaeR9muhs=; b=Zf53d6V5XjDgQ3xqyPqMsw0BVGbv28XG9pn35r1zc2zbjmqUE/H6WnPMKdXhDEYVlc 9IJKhtYe2yqBGqnMNw4g3GxcRbvaIj+++zp0MjqAo4YTvAkGMiZqYOvHrAoufm/sQzs8 GIpD87aZ8wFvKbyGGl+nTNWXpXiAngRDnpMCDGRkGyH9Uz0ZsQ1DlpHK5X/lFOzTchf8 wNbBSY6F9P9J/kYVUWd/xPu609qT8apq0LEOwqO60e0jyuZtT+OggJ0mCHXCoEn52p5A WATrUU6feInqnCS1xmkyuW4tnrwDjRaJMxsaqH5mrAci+IzE7/CRsZzvVW3NDdAppkOK KrGA== X-Gm-Message-State: AOJu0YwzwNp2d2IhadxqygmChTM+CCv12fw4Q7JW3gog7/zhBTN8G2RC nxDESy4Y8+CGV76J4rXLXLnTFfFV1G/D8J7q03pnlUOCEcYv3D5gRRIe7G2p/eTWEVkU0K9leL1 oJhEKa0HpVqqQL72LsYX/oEu9FInqCwsJ1XSGtAg4T7vLN2mm X-Received: by 2002:a05:6102:3d0c:b0:467:ab82:8541 with SMTP id i12-20020a0561023d0c00b00467ab828541mr539164vsv.2.1704380405030; Thu, 04 Jan 2024 07:00:05 -0800 (PST) X-Received: by 2002:a05:6102:3d0c:b0:467:ab82:8541 with SMTP id i12-20020a0561023d0c00b00467ab828541mr539149vsv.2.1704380404783; Thu, 04 Jan 2024 07:00:04 -0800 (PST) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <3d8f5987-e09c-4dd2-a9c0-8ba22c9e948a@paulmck-laptop> <88f49775-2b56-48cc-81b8-651a940b7d6b@paulmck-laptop> <77d7a3e3-f35e-4507-82c2-488405b25fa4@paulmck-laptop> In-Reply-To: From: Paolo Bonzini Date: Thu, 4 Jan 2024 15:59:52 +0100 Message-ID: Subject: Re: [BUG] Guest OSes die simultaneously (bisected) To: paulmck@kernel.org Cc: Sean Christopherson , Like Xu , Andi Kleen , Kan Liang , Luwei Kang , Peter Zijlstra , linux-perf-users@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Breno Leitao , Arnaldo Carvalho de Melo , Ingo Molnar Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Thu, Jan 4, 2024 at 3:58=E2=80=AFPM Paul E. McKenney wrote: > > On Wed, Jan 03, 2024 at 05:00:35PM -0800, Paul E. McKenney wrote: > > On Wed, Jan 03, 2024 at 04:24:06PM -0800, Sean Christopherson wrote: > > > On Wed, Jan 03, 2024, Paul E. McKenney wrote: > > > > On Wed, Jan 03, 2024 at 02:22:23PM -0800, Paul E. McKenney wrote: > > > > > Hello! > > > > > > > > > > Since some time between v5.19 and v6.4, long-running rcutorture t= ests > > > > > would (rarely but intolerably often) have all guests on a given h= ost die > > > > > simultaneously with something like an instruction fault or a segm= entation > > > > > violation. > > > > > > > > > > Each bisection step required 20 hosts running 10 hours each, and > > > > > this eventually fingered commit c59a1f106f5c ("KVM: x86/pmu: Add > > > > > IA32_PEBS_ENABLE MSR emulation for extended PEBS"). Although thi= s commit > > > > > is certainly messing with things that could possibly cause all ma= nner > > > > > of mischief, I don't immediately see a smoking gun. Except that = the > > > > > commit prior to this one is rock solid. > > > > > Just to make things a bit more exciting, bisection in mainline pr= oved > > > > > to be problematic due to bugs of various kinds that hid this one.= I was > > > > > therefore forced to bisect among the commits backported to the in= ternal > > > > > v5.19-based kernel, which fingered the backported version of the = patch > > > > > called out above. > > > > > > > > Ah, and so why do I believe that this is a problem in mainline rath= er > > > > than just (say) a backporting mistake? > > > > > > > > Because this issue was first located in v6.4, which already has thi= s > > > > commit included. > > > > > > > > Thanx, Paul > > > > > > > > > Please note that this is not (yet) an emergency. I will just con= tinue > > > > > to run rcutorture on v5.19-based hypervisors in the meantime. > > > > > > > > > > Any suggestions for debugging or fixing? > > > > > > This looks suspect: > > > > > > + u64 pebs_mask =3D cpuc->pebs_enabled & x86_pmu.pebs_capable; > > > + int global_ctrl, pebs_enable; > > > > > > - arr[0].msr =3D MSR_CORE_PERF_GLOBAL_CTRL; > > > - arr[0].host =3D intel_ctrl & ~cpuc->intel_ctrl_guest_mask; > > > - arr[0].guest =3D intel_ctrl & ~cpuc->intel_ctrl_host_mask; > > > - arr[0].guest &=3D ~(cpuc->pebs_enabled & x86_pmu.pebs_capable= ); > > > - *nr =3D 1; > > > + *nr =3D 0; > > > + global_ctrl =3D (*nr)++; > > > + arr[global_ctrl] =3D (struct perf_guest_switch_msr){ > > > + .msr =3D MSR_CORE_PERF_GLOBAL_CTRL, > > > + .host =3D intel_ctrl & ~cpuc->intel_ctrl_guest_mask, > > > + .guest =3D intel_ctrl & (~cpuc->intel_ctrl_host_mask = | ~pebs_mask), > > > + }; > > > > > > > > > IIUC (always a big if with this code), the intent is that the guest's= version of > > > PERF_GLOBAL_CTRL gets bits that are (a) not exclusive to the host and= (b) not > > > being used for PEBS. (b) is necessary because PEBS generates records= in memory > > > using virtual addresses, i.e. the CPU will write to memory using a vi= rtual address > > > that is valid for the host but not the guest. And so PMU counters th= at are > > > configured to generate PEBS records need to be disabled while running= the guest. > > > > > > Before that commit, the logic was: > > > > > > guest[PERF_GLOBAL_CTRL] =3D ctrl & ~host; > > > guest[PERF_GLOBAL_CTRL] &=3D ~pebs; > > > > > > But after, it's now: > > > > > > guest[PERF_GLOBAL_CTRL] =3D ctrl & (~host | ~pebs); > > > > > > I.e. the kernel is enabled counters in the guest that are not host-on= ly OR not > > > PEBS. E.g. if only counter 0 is in use, it's using PEBS, but it's no= t exclusive > > > to the host, then the new code will yield (truncated to a single byte= for sanity) > > > > > > 1 =3D 1 & (0xf | 0xe) > > > > > > and thus keep counter 0 enabled, whereas the old code would yield > > > > > > 1 =3D 1 & 0xf > > > 0 =3D 1 & 0xe > > > > > > A bit of a shot in the dark and completed untested, but I think this = is the correct > > > fix? > > > > I am firing off some tests, and either way, thank you very much!!! > > Woo-hoo!!! ;-) > > Tested-by: Paul E. McKenney > > Will you be sending a proper patch, or would you prefer that I do so? > In the latter case, I would need your Signed-off-by. I will fast track this one to Linus. Paolo > And again, thank you very much!!! > > Thanx, Paul > > > > diff --git a/arch/x86/events/intel/core.c b/arch/x86/events/intel/cor= e.c > > > index a08f794a0e79..92d5a3464cb2 100644 > > > --- a/arch/x86/events/intel/core.c > > > +++ b/arch/x86/events/intel/core.c > > > @@ -4056,7 +4056,7 @@ static struct perf_guest_switch_msr *intel_gues= t_get_msrs(int *nr, void *data) > > > arr[global_ctrl] =3D (struct perf_guest_switch_msr){ > > > .msr =3D MSR_CORE_PERF_GLOBAL_CTRL, > > > .host =3D intel_ctrl & ~cpuc->intel_ctrl_guest_mask, > > > - .guest =3D intel_ctrl & (~cpuc->intel_ctrl_host_mask = | ~pebs_mask), > > > + .guest =3D intel_ctrl & ~(cpuc->intel_ctrl_host_mask = | pebs_mask), > > > }; > > > > > > if (!x86_pmu.pebs) > > > >