On 01/12/2023 7:59 pm, René Winther Højgaard wrote: > If I set smt=off and try to configure cpupools with credit(1) as if > all cores are available, I get the following crash. > > The crash happens when I try to use xl cpupool-add-cpu on the disabled > HT sibling cores. > > Hyper-threading is enabled in the firmware, and only disabled with > smt=off.
CC'ing some maintainers. I expect this will also explode when a CPU is runtime offlined with `xen-hptool cpu-offline` and then added to a cpupool. Interestingly, the crash is mov (%rdx,%rax,1),%r13, and I think that's the percpu posion value in %rdx. I expect cpupools want to reject parked/offline CPUs. ~Andrew > > Software: Xen-4.17.3 / Qubes OS 4.2.0-RC5 > Firmware: Dasharo 0.9.0 - Z790P > Hardware: 13900K > > (XEN) ----[ Xen-4.17.3-pre x86_64 debug=y Not tainted ]---- > (XEN) CPU: 6 > (XEN) RIP: e008:[<ffff82d040248f89>] schedule_cpu_add+0x50/0x456 > (XEN) RFLAGS: 0000000000010202 CONTEXT: hypervisor (d0v3) > (XEN) rax: ffff82d0405a9288 rbx: ffff83107f5a1980 rcx: > 0000000000000020 > (XEN) rdx: 80007d2fbfa59000 rsi: ffff83107f5a1980 rdi: > 0000000000000020 > (XEN) rbp: 0000000000000009 rsp: ffff831087d3fc68 r8: > 0000000000000000 > (XEN) r9: ffff82d0405b6b60 r10: ffff831087d22ab0 r11: > 0000000000000003 > (XEN) r12: ffff831087d22ab0 r13: 0000000000000020 r14: > ffff831087d22ab0 > (XEN) r15: ffff82d0405ae680 cr0: 0000000080050033 cr4: > 0000000000b526e0 > (XEN) cr3: 0000000912e30000 cr2: 000072e5cb008375 > (XEN) fsb: 000072e5caac7380 gsb: ffff8881b9d80000 gss: > 0000000000000000 > (XEN) ds: 0000 es: 0000 fs: 0000 gs: 0000 ss: e010 cs: e008 > (XEN) Xen code around <ffff82d040248f89> (schedule_cpu_add+0x50/0x456): > (XEN) db 8e 37 00 48 8b 14 ca <4c> 8b 2c 02 3b 3d 75 f0 1f 00 0f 83 > c9 01 00 00 > (XEN) Xen stack trace from rsp=ffff831087d3fc68: > (XEN) ffff83107f5a16e0 ffff82d040204c3b ffff831000000018 > ffff831087d3fd28 > (XEN) ffff831087d3fcc8 3431831087d3fcd0 ffff83107f002033 > ffff831087d3fcd0 > (XEN) 0000000000000000 ffff831087d40d70 ffff82d040246d48 > 0000000000000000 > (XEN) ffff83107f5a1980 0000000000000009 ffff831087d22ab0 > 0000000000000020 > (XEN) ffff831087d22ab0 ffff82d0405ae680 ffff82d040235dec > ffff831087d3fe20 > (XEN) 00000000ffffffed 0000000000000009 ffff83107f5a1980 > ffff82d040236b05 > (XEN) 0000000000000000 0000000000000000 000072e5cb098010 > ffff831087d3ffff > (XEN) 0000000000000000 ffff82d04045d5d8 ffff82d040234763 > 00000000c0000102 > (XEN) 0000000000000000 0000000000000000 00000000c0000102 > 0000000d00000000 > (XEN) ffffffff8101ede6 000000000000e033 0000000000011082 > ffffc90043c1fb00 > (XEN) 000000000000e02b 11e6f31d9b4cbeef 96994088d9fcbeef > 7d897394f3ecbeef > (XEN) c501dd1632b4beef ffff82d040227cc6 ffff831087d3fe48 > 0000000000000000 > (XEN) 0000000000011082 0000000000000000 ffff831087d3ffff > 0000000000000000 > (XEN) ffffffff8101ede4 ffff82d0403495d0 0000001500000012 > 0000000200000004 > (XEN) 0000000000000000 0000000000000009 000072e5cad9cb60 > 7be382ddb0c16b00 > (XEN) 0000000000a97768 0000000000a97150 0000000000000000 > 00007ffe90589abc > (XEN) 00007ffe9058a780 000000000043d990 000000000043d9b0 > 000072e5cad20434 > (XEN) 00007ffe90589ac0 000072e5cafa3f79 0000000000000008 > ffff831087d3fef8 > (XEN) 0000000000000023 ffff83107f52b000 0000000000000000 > 0000000000000000 > (XEN) 0000000000000000 ffff82d0402dd07f ffff83107f52b000 > 0000000000000000 > (XEN) Xen call trace: > (XEN) [<ffff82d040248f89>] R schedule_cpu_add+0x50/0x456 > (XEN) [<ffff82d040204c3b>] S debugtrace_printk+0x119/0x2cc > (XEN) [<ffff82d040246d48>] S free_affinity_masks+0x15/0x17 > (XEN) [<ffff82d040235dec>] S > cpupool.c#cpupool_assign_cpu_locked+0x53/0x160 > (XEN) [<ffff82d040236b05>] S cpupool_do_sysctl+0x367/0x760 > (XEN) [<ffff82d040234763>] S do_sysctl+0x827/0x1269 > (XEN) [<ffff82d040227cc6>] S timer.c#timer_lock+0x69/0x143 > (XEN) [<ffff82d0403495d0>] S x86_emulate_wrapper+0x24/0x56 > (XEN) [<ffff82d0402dd07f>] S pv_hypercall+0x3a2/0x4a9 > (XEN) [<ffff82d0402012b7>] S lstar_enter+0x137/0x140 > (XEN) > (XEN) debugtrace_dump() global buffer starting > (XEN) wrap: 0 > (XEN) debugtrace_dump() global buffer finished > (XEN) > (XEN) **************************************** > (XEN) Panic on CPU 6: > (XEN) GENERAL PROTECTION FAULT > (XEN) [error_code=0000] > (XEN) **************************************** > (XEN) > (XEN) Reboot in five seconds... > > /rene
