[kvm-ppc-devel] more guest panic debugging

[Hollis Blanchard <hollisb@us.ibm.com>]

[-- Attachment #1: Type: text/plain, Size: 788 bytes --]

I tried the attached patch to detect the decrementer/ITLB miss breakage
we're getting. When I got the attached panic, I had the attached debug
info.

It looks like we're getting a decrementer interrupt while in guest
userspace, and then somehow that interrupt handler isn't mapped.
However, you can see from the dump that it should be mapped in both the
guest and shadow TLBs.

Significantly, the BUG_ON() in the ITLB part of kvmppc_handle_exit()
*didn't* fire, but the test in kvmppc_deliver_interrupts() did. That
suggests to me that somehow the PC has changed between that point and
where we deliver the interrupt, but I'm not yet sure how. We may not be
intending to deliver an ITLB miss to the guest at all, but end up at
that IVOR.

-- 
Hollis Blanchard
IBM Linux Technology Center

[-- Attachment #2: dec_itlb_miss.diff --]
[-- Type: text/x-patch, Size: 1163 bytes --]

diff --git a/arch/powerpc/kvm/powerpc.c b/arch/powerpc/kvm/powerpc.c
--- a/arch/powerpc/kvm/powerpc.c
+++ b/arch/powerpc/kvm/powerpc.c
@@ -169,6 +169,17 @@ static void kvmppc_deliver_interrupt(str
 	case BOOKE_INTERRUPT_DECREMENTER:
 		vcpu->arch.tsr |= TSR_DIS;
 		break;
+	}
+
+	switch (interrupt) {
+	case BOOKE_INTERRUPT_ITLB_MISS:
+	case BOOKE_INTERRUPT_INST_STORAGE:
+		if ((vcpu->arch.pc & 0xf0000000) == 0xc0000000) {
+			printk("bad fault %d\n", interrupt);
+			kvmppc_dump_vcpu(vcpu);
+			kvmppc_dump_tlbs(vcpu);
+			WARN_ON(1);
+		}
 	}
 
 	vcpu->arch.srr0 = vcpu->arch.pc;
@@ -304,6 +315,7 @@ int kvmppc_handle_exit(struct kvm_run *r
 
 	case BOOKE_INTERRUPT_INST_STORAGE:
 		vcpu->arch.esr = vcpu->arch.fault_esr;
+		BUG_ON((vcpu->arch.pc & 0xf0000000) == 0xc0000000);
 		kvmppc_queue_exception(vcpu, exit_nr);
 		r = RESUME_GUEST;
 		break;
@@ -362,6 +374,7 @@ int kvmppc_handle_exit(struct kvm_run *r
 		gtlbe = kvmppc_44x_itlb_search(vcpu, eaddr);
 		if (!gtlbe) {
 			/* The guest didn't have a mapping for it. */
+			BUG_ON((vcpu->arch.pc & 0xf0000000) == 0xc0000000);
 			kvmppc_queue_exception(vcpu, exit_nr);
 			r = RESUME_GUEST;
 			break;

[-- Attachment #3: panic.txt --]
[-- Type: text/plain, Size: 940 bytes --]

Unable to handle kernel paging request for instruction fetch
Faulting instruction address: 0xc0000ac0
Oops: Kernel access of bad area, sig: 11 [#1]
Bamboo
Modules linked in:
NIP: c0000ac0 LR: 1000a8a4 CTR: 100088a0
REGS: bfc85be0 TRAP: 0400   Not tainted  (2.6.25-rc3-hg1858cec8eb87-dirty)
MSR: 00021000 <ME>  CR: 80000028  XER: 00000000
TASK = c8810400[1] 'init' THREAD: c881e000
GPR00: 1000b1bc bfc85c90 1005ba50 bfc85fde 0000002f bfc85f0c 6474e551 00000004 
GPR08: 10000034 10070000 10000094 00000003 80808080 10079a64 00000000 00000000 
GPR16: 00000000 00000000 c881ff60 c0290000 c0290000 c0290000 1000028c 100007f8 
GPR24: 100008d0 00000000 bfc85f18 bfc85f04 00000001 bfc85f0c bfc85f04 bfc85fde 
NIP [c0000ac0] Decrementer+0x0/0xc0
LR [1000a8a4] 0x1000a8a4
Call Trace:
Instruction dump:
914b00b0 3d400002 614a1002 512a0420 4800c6ad c000b374 c000d91c 60000000 
60000000 60000000 60000000 60000000 <7d5043a6> 7d7143a6 7c3443a6 7d400026 

[-- Attachment #4: dump.txt --]
[-- Type: text/plain, Size: 1747 bytes --]

pc:   c0000ac0 msr:  00021000
lr:   1000a8a4 ctr:  100088a0
srr0: 1001d56c srr1: 0002d002
exceptions: 00000000
gpr00: 1000b1bc bfc85c90 1005ba50 bfc85fde
gpr04: 0000002f bfc85f0c 6474e551 00000004
gpr08: 10000034 10070000 10000094 00000003
gpr12: 80808080 10079a64 00000000 00000000
gpr16: 00000000 00000000 c881ff60 c0290000
gpr20: c0290000 c0290000 1000028c 100007f8
gpr24: 100008d0 00000000 bfc85f18 bfc85f04
gpr28: 00000001 bfc85f0c bfc85f04 10070000
vcpu 0 TLB dump:
| nr |     tid  |    word0 |    word1 |    word2 |
 G14 | 00000001 | 10071210 | 002C4000 | 002C035B |
 G16 | 00000001 | BFC85210 | 002C5000 | 002C035B |
 G18 | 00000001 | 10000210 | 08898000 | 0889016D |
 G19 | 00000001 | 1005B210 | 088F3000 | 088F0149 |
 G20 | 00000001 | 10072210 | 002C3000 | 002C035B |
 G22 | 00000001 | 1000A210 | 088A2000 | 088A016D |
 G24 | 00000001 | 10009210 | 088A1000 | 088A016D |
 G26 | 00000001 | 1000B210 | 088A3000 | 088A016D |
 G28 | 00000001 | 10008210 | 088A0000 | 088A016D |
 G29 | 00000001 | 1006F210 | 08907000 | 08900149 |
 G31 | 00000001 | 10025210 | 088BD000 | 088B016D |
 G33 | 00000001 | 10005210 | 0889D000 | 0889016D |
 G35 | 00000001 | 10004210 | 0889C000 | 0889016D |
 G37 | 00000001 | 10003210 | 0889B000 | 0889016D |
 G40 | 00000001 | 10006210 | 0889E000 | 0889016D |
 G42 | 00000001 | 10007210 | 0889F000 | 0889016D |
 G44 | 00000001 | 10002210 | 0889A000 | 0889016D |
 G46 | 00000001 | 10023210 | 088BB000 | 088B016D |
 G47 | 00000001 | 10073210 | 002C2000 | 002C035B |
 G48 | 00000001 | 10070210 | 002C1000 | 002C035B |
 G49 | 00000001 | 1005D210 | 088F5000 | 088F0149 |
 G50 | 00000001 | 1005C210 | 088F4000 | 088F0149 |
 G63 | 00000000 | C0000290 | 00000000 | 00000107 |
 S 7 | 00000000 | C0000310 | 0E5A1000 | 0000003F |

[-- Attachment #5: Type: text/plain, Size: 228 bytes --]

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

[-- Attachment #6: Type: text/plain, Size: 170 bytes --]

_______________________________________________
kvm-ppc-devel mailing list
kvm-ppc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/kvm-ppc-devel