Re: port-xen/58561 (panic: kernel diagnostic assertion, "x86_read_psl() == 0" failed: file, "/home/netbsd/10/src/sys/arch/x86/x86/pmap.c", line 3581)

[Manuel Bouyer <bouyer%antioche.eu.org@localhost>]

On Fri, Jan 09, 2026 at 07:24:17AM -0800, Konrad Schroder wrote:
> I can reliably reproduce this issue, quickly enough that a NetBSD
> tools+release build usually will not complete before the system panics.  I
> am using yesterday's -current, with a kernel config as follows:
> 
>     netbsd# cat sys/arch/amd64/conf/LFS
>     include "arch/amd64/conf/XEN3_DOMU"
> 
>     options         LOCKDEBUG
> 
> The host system is Ubuntu 22.04.5 running xen-hypervisor-4.16-amd64, and the
> guest config is:
> 
>     linux# cat lfs
>     name = "lfs"
>     kernel = "/etc/xen/netbsd-lfs.gz"
>     memory = 16384
>     vcpus = 2
>     vif = [ 'bridge=br0' ]
>     disk = [ '/dev/md3p6,raw,hda,rw' ]
> 
>     on_poweroff = 'destroy'
>     on_reboot   = 'destroy'
>     on_crash    = 'destroy'
> 
> The load running on the system is from
> 
>     ./build.sh -j4 -U -u -O obj.amd64 tools release
> 
> in a freshly unpacked src.
> 
> If I configure the VM with "vcpus = 1", or turn off LOCKDEBUG, it doesn't
> panic.
> 
> (As the names imply, I'm hoping to use this configuration to test LFS, but
> the problem is unrelated: the system panics without any LFS file system ever
> having been active since boot.)
> 
> The panic traces vary, but are consistent after the call to copyout():
> 
>     [ 842.2695658] panic: kernel diagnostic assertion "(psl =
> x86_read_psl()) == 0" failed: file
> "/home/src-current/sys/arch/x86/x86/pmap.c", line 3596 psl=0x1
>     [ 842.2695658] cpu1: Begin traceback...
>     [ 842.2695658] vpanic() at netbsd:vpanic+0x164
>     [ 842.2695658] kern_assert() at netbsd:kern_assert+0x4b
>     [ 842.2695658] pmap_load() at netbsd:pmap_load+0x13d
>     [ 842.2695658] do_pmap_load() at netbsd:do_pmap_load+0x1d
>     [ 842.2695658] copyout() at netbsd:copyout+0x48
>     [ 842.2695658] ubc_uiomove() at netbsd:ubc_uiomove+0x12e
>     [ 842.2695658] ffs_read() at netbsd:ffs_read+0xf0
>     [ 842.2695658] VOP_READ() at netbsd:VOP_READ+0x3c
>     [ 842.2695658] vn_rdwr() at netbsd:vn_rdwr+0x100
>     [ 842.2695658] vmcmd_readvn() at netbsd:vmcmd_readvn+0x56
>     [ 842.2695658] execve_runproc() at netbsd:execve_runproc+0x34e
>     [ 842.2695658] execve1() at netbsd:execve1+0x4c
>     [ 842.2695658] sys_execve() at netbsd:sys_execve+0x2a
>     [ 842.2695658] syscall() at netbsd:syscall+0x98
>     [ 842.2695658] --- syscall (number 59) ---
>     [ 842.2695658] netbsd:syscall+0x98:
>     [ 842.2695658] cpu1: End traceback...
> 
> Let me know if there is anything you'd like me to do to help test or further
> diagnose the issue.

Hello,
can you try with the attached patch ? It won't fix the problem but
should let us know if syscall() is already called with interrupts disabled,
or if they're disabled later

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--

Index: sys/arch/amd64/amd64/copy.S
===================================================================
RCS file: /cvsroot/src/sys/arch/amd64/amd64/copy.S,v
retrieving revision 1.36
diff -u -p -u -r1.36 copy.S
--- sys/arch/amd64/amd64/copy.S	24 Sep 2024 20:19:30 -0000	1.36
+++ sys/arch/amd64/amd64/copy.S	10 Jan 2026 12:52:12 -0000
@@ -176,6 +176,7 @@ ENTRY(kcopy)
 END(kcopy)
 
 ENTRY(copyout)
+	call _C_LABEL(amd64_check_psl)
 	DEFERRED_SWITCH_CHECK
 
 	xchgq	%rdi,%rsi		/* kernel address to %rsi, user to %rdi */
Index: sys/arch/amd64/amd64/trap.c
===================================================================
RCS file: /cvsroot/src/sys/arch/amd64/amd64/trap.c,v
retrieving revision 1.130
diff -u -p -u -r1.130 trap.c
--- sys/arch/amd64/amd64/trap.c	20 Jun 2025 17:02:18 -0000	1.130
+++ sys/arch/amd64/amd64/trap.c	10 Jan 2026 12:52:12 -0000
@@ -720,3 +722,13 @@ sigdebug(const struct trapframe *tf, con
 	frame_dump(tf, lwp_getpcb(l));
 }
 #endif
+
+void amd64_check_psl(void);
+void
+amd64_check_psl(void)
+{
+#ifdef XENPV
+		/* Check to see if interrupts are enabled (ie; no events are masked) */
+		KASSERT(x86_read_psl() == 0);
+#endif
+}
Index: sys/arch/x86/x86/syscall.c
===================================================================
RCS file: /cvsroot/src/sys/arch/x86/x86/syscall.c,v
retrieving revision 1.22
diff -u -p -u -r1.22 syscall.c
--- sys/arch/x86/x86/syscall.c	5 Oct 2023 19:41:06 -0000	1.22
+++ sys/arch/x86/x86/syscall.c	10 Jan 2026 12:52:12 -0000
@@ -48,6 +48,7 @@ __KERNEL_RCSID(0, "$NetBSD: syscall.c,v 
 #include <machine/userret.h>
 
 #include "opt_dtrace.h"
+#include "opt_xen.h"
 
 #ifndef __x86_64__
 int		x86_copyargs(void *, void *, size_t);
@@ -90,6 +91,10 @@ static
 void
 syscall(struct trapframe *frame)
 {
+#ifdef XENPV
+		/* Check to see if interrupts are enabled (ie; no events are masked) */
+		KASSERT(x86_read_psl() == 0);
+#endif
 	const struct sysent *callp;
 	struct proc *p;
 	struct lwp *l;