Problem with gntdev : Bad page map

Problem with gntdev : Bad page map

[Sébastien Frémal]

[-- Attachment #1.1: Type: text/plain, Size: 6470 bytes --]

Hello,

I'm using xen 4.1.2 and I try to shared memory pages between the dom0 and
domU's. For that purpose, I looked at gntalloc and gntdev. To test these
modules, I created two programs :

   - gntalloc_test : a program running in dom0 and granting some pages to a
   domU and putting random values in it.
   - gntdev_test : a program running in the domU, mapping the granted pages
   and reading the values contained in it.

I succeeded in transferring values from dom0 to domU, but I have a Bad page
map error when the program in domU exits :

[  123.903755] BUG: Bad page map in process test  pte:80000000107ff167
pmd:0c7e3067
[  123.903765] page:ffffea000041ffc0 count:0 mapcount:-1 mapping:
 (null) index:0xffff88000e56b500
[  123.903899] page flags:
0x100000000000c14(referenced|dirty|reserved|private)
[  123.903910] addr:00007f9845c3d000 vm_flags:000e00fb anon_vma:
 (null) mapping:ffff88000d637668 index:0
[  123.903920] vma->vm_ops->fault: 0x0
[  123.903924] vma->vm_file->f_op->mmap: gntdev_mmap+0x0/0x290 [xen_gntdev]

If I run several times gntdev_test, the count and the mapcount keeps
decreasing :

[  125.144693] page:ffffea000041ffc0 count:-1 mapcount:-2 mapping:
 (null) index:0xffff88000e56b720
[  126.072717] page:ffffea000041ffc0 count:-2 mapcount:-3 mapping:
 (null) index:0xffff88000e56b7c0

The error message coming from dmesg is :

[  126.072703] BUG: Bad page map in process test  pte:80000000107ff167
pmd:0e6a2067
[  126.072717] page:ffffea000041ffc0 count:-2 mapcount:-3 mapping:
 (null) index:0xffff88000e56b7c0
[  126.072724] page flags:
0x100000000000c14(referenced|dirty|reserved|private)
[  126.072739] addr:00007ff931aec000 vm_flags:000e00fb anon_vma:
 (null) mapping:ffff88000d637668 index:0
[  126.072749] vma->vm_ops->fault: 0x0
[  126.072754] vma->vm_file->f_op->mmap: gntdev_mmap+0x0/0x290 [xen_gntdev]
[  126.072761] Pid: 1268, comm: test Tainted: G    B   W
 3.2.0-34-generic #53-Ubuntu
[  126.072764] Call Trace:
[  126.072769]  [<ffffffff81139c99>] print_bad_pte+0x1d9/0x270
[  126.072772]  [<ffffffff8113c799>] zap_pte_range+0x369/0x3d0
[  126.072775]  [<ffffffff81005339>] ?
__raw_callee_save_xen_pmd_val+0x11/0x1e
[  126.072779]  [<ffffffff8113c9aa>] unmap_page_range+0x1aa/0x300
[  126.072782]  [<ffffffff8113d08a>] unmap_vmas+0xca/0x1a0
[  126.072785]  [<ffffffff81144607>] exit_mmap+0x97/0x140
[  126.072788]  [<ffffffff8113dde8>] ? handle_mm_fault+0x1f8/0x350
[  126.072792]  [<ffffffff8165bfde>] ? _raw_spin_unlock_irqrestore+0x1e/0x30
[  126.072795]  [<ffffffff81064b92>] mmput.part.16+0x42/0x130
[  126.072798]  [<ffffffff81064ca9>] mmput+0x29/0x30
[  126.072802]  [<ffffffff8106b603>] exit_mm+0x113/0x130
[  126.072806]  [<ffffffff810e41c5>] ? taskstats_exit+0x45/0x240
[  126.072809]  [<ffffffff8165c0b5>] ? _raw_spin_lock_irq+0x15/0x20
[  126.072812]  [<ffffffff8106b78e>] do_exit+0x16e/0x450
[  126.072817]  [<ffffffff811783e0>] ? vfs_write+0x110/0x180
[  126.072820]  [<ffffffff8106bc14>] do_group_exit+0x44/0xa0
[  126.072823]  [<ffffffff8106bc87>] sys_exit_group+0x17/0x20
[  126.072826]  [<ffffffff816643c2>] system_call_fastpath+0x16/0x1b

Here are the codes of the two programs :

gntalloc_test.c :

#include <stdio.h>
#include <stdint.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/mman.h>
#include <fcntl.h>
#include <xen/gntalloc.h>
#include <linux/ioctl.h>

int main(){
        int fd = open("/dev/xen/gntalloc", O_RDWR);
        if(fd == -1){
                perror("Open : ");
                return -1;
        }
        struct ioctl_gntalloc_alloc_gref arg;
        arg.domid = 5;
        arg.flags = GNTALLOC_FLAG_WRITABLE;
        arg.count = 4;
        ioctl(fd, IOCTL_GNTALLOC_ALLOC_GREF, &arg);
        int i;
        for(i=0; i<4;++i)
            printf("Gref : %d\n", arg.gref_ids[i]);
        struct ioctl_gntalloc_dealloc_gref dearg;
        dearg.index = arg.index;
        dearg.count = arg.count;
        int * vadr = mmap(0, getpagesize(), PROT_READ | PROT_WRITE,
MAP_SHARED, fd, 0);
        vadr[0]=1337;
        vadr[1]=20057;
        vadr[2]=9000;
        int wait;
        printf("vadr : %d %d %d\nEn attente ...\n", vadr[0], vadr[1],
vadr[2]);
        scanf("%d", &wait);
        ioctl(fd, IOCTL_GNTALLOC_DEALLOC_GREF, &dearg);
}

gntdev_test.c :

#include <stdio.h>
#include <stdint.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/mman.h>
#include <fcntl.h>
#include <xen/gntdev.h>
#include <linux/ioctl.h>

int main(){
        int fd;
        if((fd = open("/dev/xen/gntdev2", O_RDWR))==-1){
                perror("open");
                return;
        }
        struct ioctl_gntdev_map_grant_ref arg;
        struct ioctl_gntdev_unmap_grant_ref dearg[2];
        arg.count = 1;
        arg.refs[0].ref=32;
        arg.refs[0].domid=0;
        ioctl(fd, IOCTL_GNTDEV_MAP_GRANT_REF, &arg);
        dearg[0].index = arg.index;
        dearg[0].count = arg.count;
        arg.refs[0].ref=33;
        ioctl(fd, IOCTL_GNTDEV_MAP_GRANT_REF, &arg);
        printf("Index in the file : %ld\n", arg.index);
        int * vaddr;
        if((vaddr = mmap(0, getpagesize(), PROT_READ | PROT_WRITE,
MAP_SHARED, f
d, 0))==NULL)
                return;
        printf("Vaddr : %d %d %d\n", vaddr[0], vaddr[1], vaddr[2]);

        dearg[1].index = arg.index;
        dearg[1].count = arg.count;
        printf("First grant\n");
        ioctl(fd, IOCTL_GNTDEV_UNMAP_GRANT_REF, &dearg[0]);
        printf("Second grant\n");
        ioctl(fd, IOCTL_GNTDEV_UNMAP_GRANT_REF, &dearg[1]);
        printf("The end\n");
}

I tried to track where the error comes from. When I execute gntdev_test,
the error message is displayed after the final message (The end) ; if I
look dmesg I can see than :
- The first page is "unmapped"
- The second page is "unmapped"
- The second page is freed
- The error happens
- gntdev_vma_close is called
- The first page is freed
I used a modified version of the module to track these steps, but the
original module
(/lib/modules/3.2.0-34-generic/kernel/drivers/xen/xen-gntdev.ko) gives the
same error.

I suppose that something is missing in gntdev_test.c to manage the mapping
of pages but I don't know what. I tried to call the unmap function, but
it's worst as it adds other errors.

Does someone know what's missing please ?

Best regards,

Frémal Sébastien

[-- Attachment #1.2: Type: text/html, Size: 8561 bytes --]

[-- Attachment #2: Type: text/plain, Size: 126 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

Re: Problem with gntdev : Bad page map

[Konrad Rzeszutek Wilk]

On Tue, Mar 26, 2013 at 05:32:00PM +0100, Sébastien Frémal wrote:
> Hello,
> 
> I'm using xen 4.1.2 and I try to shared memory pages between the dom0 and
> domU's. For that purpose, I looked at gntalloc and gntdev. To test these
> modules, I created two programs :

You are using an older kernel - and there wer some updates in the gntalloc/gntdev
driver. Do you see this when you use an updated kernel?
> 
>    - gntalloc_test : a program running in dom0 and granting some pages to a
>    domU and putting random values in it.
>    - gntdev_test : a program running in the domU, mapping the granted pages
>    and reading the values contained in it.
> 
> I succeeded in transferring values from dom0 to domU, but I have a Bad page
> map error when the program in domU exits :
> 
> [  123.903755] BUG: Bad page map in process test  pte:80000000107ff167
> pmd:0c7e3067
> [  123.903765] page:ffffea000041ffc0 count:0 mapcount:-1 mapping:
>  (null) index:0xffff88000e56b500
> [  123.903899] page flags:
> 0x100000000000c14(referenced|dirty|reserved|private)
> [  123.903910] addr:00007f9845c3d000 vm_flags:000e00fb anon_vma:
>  (null) mapping:ffff88000d637668 index:0
> [  123.903920] vma->vm_ops->fault: 0x0
> [  123.903924] vma->vm_file->f_op->mmap: gntdev_mmap+0x0/0x290 [xen_gntdev]
> 
> If I run several times gntdev_test, the count and the mapcount keeps
> decreasing :
> 
> [  125.144693] page:ffffea000041ffc0 count:-1 mapcount:-2 mapping:
>  (null) index:0xffff88000e56b720
> [  126.072717] page:ffffea000041ffc0 count:-2 mapcount:-3 mapping:
>  (null) index:0xffff88000e56b7c0
> 
> The error message coming from dmesg is :
> 
> [  126.072703] BUG: Bad page map in process test  pte:80000000107ff167
> pmd:0e6a2067
> [  126.072717] page:ffffea000041ffc0 count:-2 mapcount:-3 mapping:
>  (null) index:0xffff88000e56b7c0
> [  126.072724] page flags:
> 0x100000000000c14(referenced|dirty|reserved|private)
> [  126.072739] addr:00007ff931aec000 vm_flags:000e00fb anon_vma:
>  (null) mapping:ffff88000d637668 index:0
> [  126.072749] vma->vm_ops->fault: 0x0
> [  126.072754] vma->vm_file->f_op->mmap: gntdev_mmap+0x0/0x290 [xen_gntdev]
> [  126.072761] Pid: 1268, comm: test Tainted: G    B   W
>  3.2.0-34-generic #53-Ubuntu
> [  126.072764] Call Trace:
> [  126.072769]  [<ffffffff81139c99>] print_bad_pte+0x1d9/0x270
> [  126.072772]  [<ffffffff8113c799>] zap_pte_range+0x369/0x3d0
> [  126.072775]  [<ffffffff81005339>] ?
> __raw_callee_save_xen_pmd_val+0x11/0x1e
> [  126.072779]  [<ffffffff8113c9aa>] unmap_page_range+0x1aa/0x300
> [  126.072782]  [<ffffffff8113d08a>] unmap_vmas+0xca/0x1a0
> [  126.072785]  [<ffffffff81144607>] exit_mmap+0x97/0x140
> [  126.072788]  [<ffffffff8113dde8>] ? handle_mm_fault+0x1f8/0x350
> [  126.072792]  [<ffffffff8165bfde>] ? _raw_spin_unlock_irqrestore+0x1e/0x30
> [  126.072795]  [<ffffffff81064b92>] mmput.part.16+0x42/0x130
> [  126.072798]  [<ffffffff81064ca9>] mmput+0x29/0x30
> [  126.072802]  [<ffffffff8106b603>] exit_mm+0x113/0x130
> [  126.072806]  [<ffffffff810e41c5>] ? taskstats_exit+0x45/0x240
> [  126.072809]  [<ffffffff8165c0b5>] ? _raw_spin_lock_irq+0x15/0x20
> [  126.072812]  [<ffffffff8106b78e>] do_exit+0x16e/0x450
> [  126.072817]  [<ffffffff811783e0>] ? vfs_write+0x110/0x180
> [  126.072820]  [<ffffffff8106bc14>] do_group_exit+0x44/0xa0
> [  126.072823]  [<ffffffff8106bc87>] sys_exit_group+0x17/0x20
> [  126.072826]  [<ffffffff816643c2>] system_call_fastpath+0x16/0x1b
> 
> Here are the codes of the two programs :
> 
> gntalloc_test.c :
> 
> #include <stdio.h>
> #include <stdint.h>
> #include <sys/types.h>
> #include <sys/stat.h>
> #include <sys/mman.h>
> #include <fcntl.h>
> #include <xen/gntalloc.h>
> #include <linux/ioctl.h>
> 
> int main(){
>         int fd = open("/dev/xen/gntalloc", O_RDWR);
>         if(fd == -1){
>                 perror("Open : ");
>                 return -1;
>         }
>         struct ioctl_gntalloc_alloc_gref arg;
>         arg.domid = 5;
>         arg.flags = GNTALLOC_FLAG_WRITABLE;
>         arg.count = 4;
>         ioctl(fd, IOCTL_GNTALLOC_ALLOC_GREF, &arg);
>         int i;
>         for(i=0; i<4;++i)
>             printf("Gref : %d\n", arg.gref_ids[i]);
>         struct ioctl_gntalloc_dealloc_gref dearg;
>         dearg.index = arg.index;
>         dearg.count = arg.count;
>         int * vadr = mmap(0, getpagesize(), PROT_READ | PROT_WRITE,
> MAP_SHARED, fd, 0);
>         vadr[0]=1337;
>         vadr[1]=20057;
>         vadr[2]=9000;
>         int wait;
>         printf("vadr : %d %d %d\nEn attente ...\n", vadr[0], vadr[1],
> vadr[2]);
>         scanf("%d", &wait);
>         ioctl(fd, IOCTL_GNTALLOC_DEALLOC_GREF, &dearg);
> }
> 
> gntdev_test.c :
> 
> #include <stdio.h>
> #include <stdint.h>
> #include <sys/types.h>
> #include <sys/stat.h>
> #include <sys/mman.h>
> #include <fcntl.h>
> #include <xen/gntdev.h>
> #include <linux/ioctl.h>
> 
> int main(){
>         int fd;
>         if((fd = open("/dev/xen/gntdev2", O_RDWR))==-1){
>                 perror("open");
>                 return;
>         }
>         struct ioctl_gntdev_map_grant_ref arg;
>         struct ioctl_gntdev_unmap_grant_ref dearg[2];
>         arg.count = 1;
>         arg.refs[0].ref=32;
>         arg.refs[0].domid=0;
>         ioctl(fd, IOCTL_GNTDEV_MAP_GRANT_REF, &arg);
>         dearg[0].index = arg.index;
>         dearg[0].count = arg.count;
>         arg.refs[0].ref=33;
>         ioctl(fd, IOCTL_GNTDEV_MAP_GRANT_REF, &arg);
>         printf("Index in the file : %ld\n", arg.index);
>         int * vaddr;
>         if((vaddr = mmap(0, getpagesize(), PROT_READ | PROT_WRITE,
> MAP_SHARED, f
> d, 0))==NULL)
>                 return;
>         printf("Vaddr : %d %d %d\n", vaddr[0], vaddr[1], vaddr[2]);
> 
>         dearg[1].index = arg.index;
>         dearg[1].count = arg.count;
>         printf("First grant\n");
>         ioctl(fd, IOCTL_GNTDEV_UNMAP_GRANT_REF, &dearg[0]);
>         printf("Second grant\n");
>         ioctl(fd, IOCTL_GNTDEV_UNMAP_GRANT_REF, &dearg[1]);
>         printf("The end\n");
> }
> 
> I tried to track where the error comes from. When I execute gntdev_test,
> the error message is displayed after the final message (The end) ; if I
> look dmesg I can see than :
> - The first page is "unmapped"
> - The second page is "unmapped"
> - The second page is freed
> - The error happens
> - gntdev_vma_close is called
> - The first page is freed
> I used a modified version of the module to track these steps, but the
> original module
> (/lib/modules/3.2.0-34-generic/kernel/drivers/xen/xen-gntdev.ko) gives the
> same error.
> 
> I suppose that something is missing in gntdev_test.c to manage the mapping
> of pages but I don't know what. I tried to call the unmap function, but
> it's worst as it adds other errors.
> 
> Does someone know what's missing please ?
> 
> Best regards,
> 
> Frémal Sébastien

> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel

Re: Problem with gntdev : Bad page map

[Sébastien Frémal]

[-- Attachment #1.1: Type: text/plain, Size: 9623 bytes --]

Hello,

I upgraded my Linux kernel (3.2 -> 3.5) and my Xen version (4.1.2 -> 4.2.1)
but I have problems with xen-create-image. I installed Xen (as explained
here :
http://locatrix.com/build-and-install-xen-4-2-1-from-source-on-ubuntu-12-10/)
but xen-tools wasn't installed (I got the message : xen-create-image:
command not found). I searched for a solution, and the only one I found was
to install it with apt-get. apt-get installed xen-tools, some other xen
4.1.2 packages and failed to install some other packages because there were
conflicts with packages of xen 4.2.1.

I tried to create a new virtual machine to get a newer kernel, but there
were problems while executing xen-create-image :
hook 80-install-kernel failed: 256
Running command 'xt-customize-image --dist=squeeze
--location=/tmp/_XR3BFfEHU 2>&1' failed with exit code 256.

As it didn't work, I deleted 4.1.2 xen packages (as I want to work with the
4.2.1 version and that it doesn't solve the problem) and the error message
coming from xen-create-image also changed :
Installation method: debootstrap
Done
System installation failed.  Aborting
/tmp/L2E_5moWml/etc/ssh/ssh_host_rsa_key.pub: No such file or directory
Running command 'umount /tmp/L2E_5moWml/proc 2>&1' failed with exit code
256.
Aborting

Presently, my virtual machine is still running with a 3.2 linux kernel, I
can't compile the file gntdev.c written for the 3.5 linux kernel (found
here :
http://www.filewatcher.com/p/linux-3.5-rc6.tar.bz2.80960577/linux-3.5-rc6/drivers/xen/gntdev.c.html)
because functions have changed and I can't create a new virtual machine as
xen-tools (and more specifically xen-create-image) can't be found if
installed from sources.

I looked inside of the package xen-upstream-4.2.1.deb and I didn't find any
file like "xen-create-image". Do you know how to properly install xen-tools
from Xen 4.2.1 sources so I can test gntdev with a newer kernel please ?

Best regards,

Sébastien Frémal




2013/3/26 Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>

> On Tue, Mar 26, 2013 at 05:32:00PM +0100, Sébastien Frémal wrote:
> > Hello,
> >
> > I'm using xen 4.1.2 and I try to shared memory pages between the dom0 and
> > domU's. For that purpose, I looked at gntalloc and gntdev. To test these
> > modules, I created two programs :
>
> You are using an older kernel - and there wer some updates in the
> gntalloc/gntdev
> driver. Do you see this when you use an updated kernel?
> >
> >    - gntalloc_test : a program running in dom0 and granting some pages
> to a
> >    domU and putting random values in it.
> >    - gntdev_test : a program running in the domU, mapping the granted
> pages
> >    and reading the values contained in it.
> >
> > I succeeded in transferring values from dom0 to domU, but I have a Bad
> page
> > map error when the program in domU exits :
> >
> > [  123.903755] BUG: Bad page map in process test  pte:80000000107ff167
> > pmd:0c7e3067
> > [  123.903765] page:ffffea000041ffc0 count:0 mapcount:-1 mapping:
> >  (null) index:0xffff88000e56b500
> > [  123.903899] page flags:
> > 0x100000000000c14(referenced|dirty|reserved|private)
> > [  123.903910] addr:00007f9845c3d000 vm_flags:000e00fb anon_vma:
> >  (null) mapping:ffff88000d637668 index:0
> > [  123.903920] vma->vm_ops->fault: 0x0
> > [  123.903924] vma->vm_file->f_op->mmap: gntdev_mmap+0x0/0x290
> [xen_gntdev]
> >
> > If I run several times gntdev_test, the count and the mapcount keeps
> > decreasing :
> >
> > [  125.144693] page:ffffea000041ffc0 count:-1 mapcount:-2 mapping:
> >  (null) index:0xffff88000e56b720
> > [  126.072717] page:ffffea000041ffc0 count:-2 mapcount:-3 mapping:
> >  (null) index:0xffff88000e56b7c0
> >
> > The error message coming from dmesg is :
> >
> > [  126.072703] BUG: Bad page map in process test  pte:80000000107ff167
> > pmd:0e6a2067
> > [  126.072717] page:ffffea000041ffc0 count:-2 mapcount:-3 mapping:
> >  (null) index:0xffff88000e56b7c0
> > [  126.072724] page flags:
> > 0x100000000000c14(referenced|dirty|reserved|private)
> > [  126.072739] addr:00007ff931aec000 vm_flags:000e00fb anon_vma:
> >  (null) mapping:ffff88000d637668 index:0
> > [  126.072749] vma->vm_ops->fault: 0x0
> > [  126.072754] vma->vm_file->f_op->mmap: gntdev_mmap+0x0/0x290
> [xen_gntdev]
> > [  126.072761] Pid: 1268, comm: test Tainted: G    B   W
> >  3.2.0-34-generic #53-Ubuntu
> > [  126.072764] Call Trace:
> > [  126.072769]  [<ffffffff81139c99>] print_bad_pte+0x1d9/0x270
> > [  126.072772]  [<ffffffff8113c799>] zap_pte_range+0x369/0x3d0
> > [  126.072775]  [<ffffffff81005339>] ?
> > __raw_callee_save_xen_pmd_val+0x11/0x1e
> > [  126.072779]  [<ffffffff8113c9aa>] unmap_page_range+0x1aa/0x300
> > [  126.072782]  [<ffffffff8113d08a>] unmap_vmas+0xca/0x1a0
> > [  126.072785]  [<ffffffff81144607>] exit_mmap+0x97/0x140
> > [  126.072788]  [<ffffffff8113dde8>] ? handle_mm_fault+0x1f8/0x350
> > [  126.072792]  [<ffffffff8165bfde>] ?
> _raw_spin_unlock_irqrestore+0x1e/0x30
> > [  126.072795]  [<ffffffff81064b92>] mmput.part.16+0x42/0x130
> > [  126.072798]  [<ffffffff81064ca9>] mmput+0x29/0x30
> > [  126.072802]  [<ffffffff8106b603>] exit_mm+0x113/0x130
> > [  126.072806]  [<ffffffff810e41c5>] ? taskstats_exit+0x45/0x240
> > [  126.072809]  [<ffffffff8165c0b5>] ? _raw_spin_lock_irq+0x15/0x20
> > [  126.072812]  [<ffffffff8106b78e>] do_exit+0x16e/0x450
> > [  126.072817]  [<ffffffff811783e0>] ? vfs_write+0x110/0x180
> > [  126.072820]  [<ffffffff8106bc14>] do_group_exit+0x44/0xa0
> > [  126.072823]  [<ffffffff8106bc87>] sys_exit_group+0x17/0x20
> > [  126.072826]  [<ffffffff816643c2>] system_call_fastpath+0x16/0x1b
> >
> > Here are the codes of the two programs :
> >
> > gntalloc_test.c :
> >
> > #include <stdio.h>
> > #include <stdint.h>
> > #include <sys/types.h>
> > #include <sys/stat.h>
> > #include <sys/mman.h>
> > #include <fcntl.h>
> > #include <xen/gntalloc.h>
> > #include <linux/ioctl.h>
> >
> > int main(){
> >         int fd = open("/dev/xen/gntalloc", O_RDWR);
> >         if(fd == -1){
> >                 perror("Open : ");
> >                 return -1;
> >         }
> >         struct ioctl_gntalloc_alloc_gref arg;
> >         arg.domid = 5;
> >         arg.flags = GNTALLOC_FLAG_WRITABLE;
> >         arg.count = 4;
> >         ioctl(fd, IOCTL_GNTALLOC_ALLOC_GREF, &arg);
> >         int i;
> >         for(i=0; i<4;++i)
> >             printf("Gref : %d\n", arg.gref_ids[i]);
> >         struct ioctl_gntalloc_dealloc_gref dearg;
> >         dearg.index = arg.index;
> >         dearg.count = arg.count;
> >         int * vadr = mmap(0, getpagesize(), PROT_READ | PROT_WRITE,
> > MAP_SHARED, fd, 0);
> >         vadr[0]=1337;
> >         vadr[1]=20057;
> >         vadr[2]=9000;
> >         int wait;
> >         printf("vadr : %d %d %d\nEn attente ...\n", vadr[0], vadr[1],
> > vadr[2]);
> >         scanf("%d", &wait);
> >         ioctl(fd, IOCTL_GNTALLOC_DEALLOC_GREF, &dearg);
> > }
> >
> > gntdev_test.c :
> >
> > #include <stdio.h>
> > #include <stdint.h>
> > #include <sys/types.h>
> > #include <sys/stat.h>
> > #include <sys/mman.h>
> > #include <fcntl.h>
> > #include <xen/gntdev.h>
> > #include <linux/ioctl.h>
> >
> > int main(){
> >         int fd;
> >         if((fd = open("/dev/xen/gntdev2", O_RDWR))==-1){
> >                 perror("open");
> >                 return;
> >         }
> >         struct ioctl_gntdev_map_grant_ref arg;
> >         struct ioctl_gntdev_unmap_grant_ref dearg[2];
> >         arg.count = 1;
> >         arg.refs[0].ref=32;
> >         arg.refs[0].domid=0;
> >         ioctl(fd, IOCTL_GNTDEV_MAP_GRANT_REF, &arg);
> >         dearg[0].index = arg.index;
> >         dearg[0].count = arg.count;
> >         arg.refs[0].ref=33;
> >         ioctl(fd, IOCTL_GNTDEV_MAP_GRANT_REF, &arg);
> >         printf("Index in the file : %ld\n", arg.index);
> >         int * vaddr;
> >         if((vaddr = mmap(0, getpagesize(), PROT_READ | PROT_WRITE,
> > MAP_SHARED, f
> > d, 0))==NULL)
> >                 return;
> >         printf("Vaddr : %d %d %d\n", vaddr[0], vaddr[1], vaddr[2]);
> >
> >         dearg[1].index = arg.index;
> >         dearg[1].count = arg.count;
> >         printf("First grant\n");
> >         ioctl(fd, IOCTL_GNTDEV_UNMAP_GRANT_REF, &dearg[0]);
> >         printf("Second grant\n");
> >         ioctl(fd, IOCTL_GNTDEV_UNMAP_GRANT_REF, &dearg[1]);
> >         printf("The end\n");
> > }
> >
> > I tried to track where the error comes from. When I execute gntdev_test,
> > the error message is displayed after the final message (The end) ; if I
> > look dmesg I can see than :
> > - The first page is "unmapped"
> > - The second page is "unmapped"
> > - The second page is freed
> > - The error happens
> > - gntdev_vma_close is called
> > - The first page is freed
> > I used a modified version of the module to track these steps, but the
> > original module
> > (/lib/modules/3.2.0-34-generic/kernel/drivers/xen/xen-gntdev.ko) gives
> the
> > same error.
> >
> > I suppose that something is missing in gntdev_test.c to manage the
> mapping
> > of pages but I don't know what. I tried to call the unmap function, but
> > it's worst as it adds other errors.
> >
> > Does someone know what's missing please ?
> >
> > Best regards,
> >
> > Frémal Sébastien
>
> > _______________________________________________
> > Xen-devel mailing list
> > Xen-devel@lists.xen.org
> > http://lists.xen.org/xen-devel
>
>

[-- Attachment #1.2: Type: text/html, Size: 12216 bytes --]

[-- Attachment #2: Type: text/plain, Size: 126 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

Re: Problem with gntdev : Bad page map

[Sébastien Frémal]

[-- Attachment #1.1: Type: text/plain, Size: 432 bytes --]

Hello,

I finally found and installed sources of xen-tools. I created a virtual
machine with a linux kernel of version 3.5 but I still have a Bad page map
error with a decrease of the value of the variables "count" and "mapcount".

I will search to have access to these variables in the module
and monitor their value during the execution of the program to identify
what's going wrong.

Best regards,

Sébastien Frémal

[-- Attachment #1.2: Type: text/html, Size: 1058 bytes --]

[-- Attachment #2: Type: text/plain, Size: 126 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

Re: Problem with gntdev : Bad page map

[Sébastien Frémal]

[-- Attachment #1.1: Type: text/plain, Size: 271 bytes --]

Finally, I used the v3.8 kernel on my computer and for the virtual machine.
The "channel" gntalloc + gntdev works now. I didn't discover what was the
bug with the previous versions of the kernel.

Thank you for your help and indications.

Best regards,

Sebastien Fremal

[-- Attachment #1.2: Type: text/html, Size: 380 bytes --]

[-- Attachment #2: Type: text/plain, Size: 126 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel