Re: port-xen/58561 (panic: kernel diagnostic assertion, "x86_read_psl() == 0" failed: file, "/home/netbsd/10/src/sys/arch/x86/x86/pmap.c", line 3581)

[Manuel Bouyer <bouyer%antioche.eu.org@localhost>]

On Sat, Jan 10, 2026 at 11:30:27AM -0800, Konrad Schroder wrote:
> On 1/10/2026 4:55 AM, Manuel Bouyer wrote:
> > Hello,
> > can you try with the attached patch ? It won't fix the problem but
> > should let us know if syscall() is already called with interrupts disabled,
> > or if they're disabled later
> 
> Thanks!  Unfortunately that blows up almost instantly:
> [...]


Sorry; I should have checked more carefully. As there's a
call _C_LABEL(do_pmap_load)
early I assumed it was safe to call C functions here but do_pmap_load()
is in fact written in assembly.
Here's an updated patch which uses only assembly in copy.S
Also it adds the check to all copy* functions, not only copyout.
It boots multiuser on my test system.

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--

Index: sys/arch/amd64/amd64/copy.S
===================================================================
RCS file: /cvsroot/src/sys/arch/amd64/amd64/copy.S,v
retrieving revision 1.36
diff -u -p -u -r1.36 copy.S
--- sys/arch/amd64/amd64/copy.S	24 Sep 2024 20:19:30 -0000	1.36
+++ sys/arch/amd64/amd64/copy.S	10 Jan 2026 20:56:54 -0000
@@ -47,12 +47,14 @@
 	movq	CPUVAR(CURLWP),reg; \
 	movq	L_PCB(reg),reg
 
+
 /*
  * These are arranged so that the abnormal case is a forwards
  * conditional branch - which will be predicted not-taken by
  * both Intel and AMD processors.
  */
 #define DEFERRED_SWITCH_CHECK \
+	call _C_LABEL(do_check_psl)		; \
 	CHECK_DEFERRED_SWITCH			; \
 	jnz	99f				; \
 98:
@@ -70,6 +72,33 @@
 
 x86_copyfunc_start:	.globl	x86_copyfunc_start
 
+pslmsg:	.ascii "do_check_psl failed"
+ENTRY(do_check_psl)
+	pushq	%rbp
+	movq	%rsp,%rbp
+	pushq	%rbx
+	movq	CPUVAR(CURLWP),%rbx
+	incl    L_NOPREEMPT(%rbx)
+	movq	CPUVAR(VCPU), %rax
+	movzbl EVTCHN_UPCALL_MASK(%rax),%eax
+	decl	L_NOPREEMPT(%rbx)
+	test   %eax,%eax
+	jne 	198f
+	popq	%rbx
+	leaveq
+	ret
+198:
+	movq $pslmsg, %rdi
+	callq _C_LABEL(panic)
+	popq	%rbx
+	leaveq
+	ret
+END(do_check_psl)
+
+
+
+
+
 /*
  * Handle deferred pmap switch.  We must re-enable preemption without
  * making a function call, so that the program counter is visible to
Index: sys/arch/x86/x86/syscall.c
===================================================================
RCS file: /cvsroot/src/sys/arch/x86/x86/syscall.c,v
retrieving revision 1.22
diff -u -p -u -r1.22 syscall.c
--- sys/arch/x86/x86/syscall.c	5 Oct 2023 19:41:06 -0000	1.22
+++ sys/arch/x86/x86/syscall.c	10 Jan 2026 20:56:54 -0000
@@ -48,6 +48,7 @@ __KERNEL_RCSID(0, "$NetBSD: syscall.c,v 
 #include <machine/userret.h>
 
 #include "opt_dtrace.h"
+#include "opt_xen.h"
 
 #ifndef __x86_64__
 int		x86_copyargs(void *, void *, size_t);
@@ -90,6 +91,10 @@ static
 void
 syscall(struct trapframe *frame)
 {
+#ifdef XENPV
+		/* Check to see if interrupts are enabled (ie; no events are masked) */
+		KASSERT(x86_read_psl() == 0);
+#endif
 	const struct sysent *callp;
 	struct proc *p;
 	struct lwp *l;