From: Marc Zyngier <marc.zyngier@arm.com>
To: Jan Kiszka <jan.kiszka@web.de>
Cc: kvm <kvm@vger.kernel.org>, kvmarm <kvmarm@lists.cs.columbia.edu>,
Christoffer Dall <christoffer.dall@linaro.org>
Subject: Re: KVM crash on Jetson TK1
Date: Sat, 7 Feb 2015 20:26:48 +0000
Message-ID: <20150207202648.53857923@arm.com>
In-Reply-To: <54D670EA.2090504@web.de>
On Sat, 7 Feb 2015 20:09:14 +0000
Jan Kiszka <jan.kiszka@web.de> wrote:

Hi Jan,

> Hi,
>
> using Ian Campbell's PSCI patches for U-Boot (ported to master, see
> [1]), I managed to enable KVM on the Jetson TK1 board. Unfortunately,
> I'm getting a crash on the host when starting QEMU:
>
> [ 59.164674] kernel BUG at ../arch/arm/include/asm/kvm_mmu.h:189!
> [ 59.173139] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM
> [ 59.181442] Modules linked in:
> [ 59.186960] CPU: 0 PID: 820 Comm: qemu-system-arm Not tainted 3.19.0-rc7-00050-gdf75905-dirty #6
> [ 59.198353] Hardware name: NVIDIA Tegra SoC (Flattened Device Tree)
> [ 59.207249] task: ed33b340 ti: ed15e000 task.ti: ed15e000
> [ 59.215288] PC is at kvm_handle_guest_abort+0x2c0/0x320
> [ 59.223161] LR is at kvm_handle_guest_abort+0x2c0/0x320
> [ 59.230996] pc : [<c00175c4>] lr : [<c00175c4>] psr: 600f0013
> [ 59.230996] sp : ed15fe70 ip : 00000000 fp : 00000000
> [ 59.247782] r10: 00000000 r9 : 00000000 r8 : 000aafa6
> [ 59.255678] r7 : ed117000 r6 : 0000016f r5 : 00080000 r4 : ed2e5630
> [ 59.264912] r3 : 00000010 r2 : 0008027c r1 : eed564c0 r0 : 00000000
> [ 59.274146] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user
> [ 59.284044] Control: 30c5387d Table: ad9d0ac0 DAC: fffffffd
> [ 59.292558] Process qemu-system-arm (pid: 820, stack limit = 0xed15e238)
> [ 59.302114] Stack: (0xed15fe70 to 0xed160000)
> [ 59.309340] fe60: 00000000 ed15fe87 00000000 73800000
> [ 59.320462] fe80: 0000000f 01010000 00000504 ed2e5630 c0917450 00000007 00010000 00000001
> [ 59.331630] fea0: edac4000 c0960164 c0917450 c0014710 00000000 00010000 ed91a580 7ffbfeff
> [ 59.342833] fec0: fffffffe fffffffb 00000001 00000000 0000ae80 ed2e5630 ed114040 00000000
> [ 59.354049] fee0: 00000000 ed114040 ed2e5630 00000000 ed15e000 00000000 737fed4c c001063c
> [ 59.365272] ff00: 737fea4c c0042688 00000240 00000000 00000000 00000000 0000000a 00000000
> [ 59.376493] ff20: edc0de78 00000000 ed114040 0000000b 00000000 c0109678 00000001 b749ba00
> [ 59.387737] ff40: 000000f0 00000000 00000001 00000081 b7032dc0 c009627c 00000002 00000000
> [ 59.399006] ff60: ffffffff 00000000 00000000 737feb4c ed114040 ed114041 0000000b ed114040
> [ 59.410271] ff80: 0000ae80 00000000 ed15e000 c01098a0 b6a62eb0 00004254 b749ba00 00000036
> [ 59.421558] ffa0: c001e2e4 c001e160 b6a62eb0 00004254 0000000b 0000ae80 00000000 cc628500
> [ 59.432884] ffc0: b6a62eb0 00004254 b749ba00 00000036 b76baba8 bebc9da8 00000000 737fed4c
> [ 59.444244] ffe0: b6fc33f8 737feb74 b6b3afcc b57f3abc 600f0010 0000000b 00000000 00000000
> [ 59.455661] [<c00175c4>] (kvm_handle_guest_abort) from [<c0014710>] (kvm_arch_vcpu_ioctl_run+0x160/0x400)
> [ 59.468552] [<c0014710>] (kvm_arch_vcpu_ioctl_run) from [<c001063c>] (kvm_vcpu_ioctl+0x2e4/0x6ec)
> [ 59.480803] [<c001063c>] (kvm_vcpu_ioctl) from [<c0109678>] (do_vfs_ioctl+0x40c/0x600)
> [ 59.492142] [<c0109678>] (do_vfs_ioctl) from [<c01098a0>] (SyS_ioctl+0x34/0x5c)
> [ 59.502909] [<c01098a0>] (SyS_ioctl) from [<c001e160>] (ret_fast_syscall+0x0/0x34)
> [ 59.513944] Code: 0a000002 e1a00008 e1a01009 ebffe2c7 (e7f001f2)
>
> Host kernel is from Linus tree. I can try a different one if there are
> pending fixes somewhere.
>
> Any ideas? Anything I should look at in particular?

That crash doesn't make much sense. If you look at the BUG_ON you're
hitting, we check that the size to flush is a multiple of PAGE_SIZE.
The only two call sites do pass either PMD_SIZE or PAGE_SIZE, so it is
hard to imagine how this can trigger.

What compiler are you using? Can you force the compiler not to inline
this function and see if that makes a difference? I'd be very
interested in seeing the assembly code generated for this particular
function.

Thanks,

M.
--
Jazz is not dead. It just smells funny.
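Marc's reply describes the check that trips: the size handed to the flush must be a multiple of PAGE_SIZE, and the two callers pass PMD_SIZE or PAGE_SIZE. The follow-up patch in this thread is titled "Fix size check in __coherent_cache_guest_page", so the check itself, not the callers, was the problem. The block below is an added illustration, not code from this thread or from the kernel: it shows the mask-based alignment test a practitioner would write for that check, a hypothetical inverted form that uses PAGE_MASK where its complement is meant (which rejects exactly the aligned sizes the callers pass), and a model of the flush loop that the check protects. PAGE_SIZE, PMD_SIZE and the 2 MiB PMD geometry are constructed constants for the example; `BUG_ON` is modelled as a -1 return value.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed constants for the illustration: a 4 KiB page and a 2 MiB
 * PMD (the LPAE geometry KVM uses on Cortex-A15 class parts). These are
 * not taken from the kernel headers. */
#define PAGE_SHIFT 12UL
#define PAGE_SIZE  (1UL << PAGE_SHIFT)
#define PAGE_MASK  (~(PAGE_SIZE - 1))
#define PMD_SHIFT  21UL
#define PMD_SIZE   (1UL << PMD_SHIFT)

/* Correct alignment test: a size is a whole number of pages exactly when
 * the bits below the page boundary are all zero, i.e. size & ~PAGE_MASK == 0. */
static bool size_is_page_multiple(unsigned long size)
{
	return (size & ~PAGE_MASK) == 0;
}

/* Hypothetical inverted test: masking with PAGE_MASK instead of its
 * complement keeps the high bits, so this passes only for sizes smaller
 * than one page and fails for every properly aligned size (PAGE_SIZE,
 * PMD_SIZE, ...). A BUG_ON built on it fires on exactly the valid inputs. */
static bool inverted_check_passes(unsigned long size)
{
	return (size & PAGE_MASK) == 0;
}

/* Model of the per-page flush loop behind the check. Returns the number of
 * page-sized chunks that would be flushed, or -1 where the correct check
 * would trip (what BUG_ON does in the kernel). */
static long pages_to_flush(unsigned long size)
{
	if (!size_is_page_multiple(size))
		return -1;
	return (long)(size >> PAGE_SHIFT);
}

int main(void)
{
	const unsigned long sizes[] = { PAGE_SIZE, PMD_SIZE, PAGE_SIZE + 1, PAGE_SIZE - 1 };
	size_t i;

	for (i = 0; i < sizeof(sizes) / sizeof(sizes[0]); i++) {
		unsigned long s = sizes[i];
		printf("size 0x%lx: correct check %s, inverted check %s, pages %ld\n",
		       s,
		       size_is_page_multiple(s) ? "ok" : "BUG",
		       inverted_check_passes(s) ? "ok" : "BUG",
		       pages_to_flush(s));
	}
	return 0;
}
```

Running it shows the asymmetry that makes this class of bug hard to spot from a call-site review alone: both caller sizes satisfy the correct test, and both fail the inverted one, while the sub-page size that should be rejected sails through the inverted test. When a BUG_ON fires on inputs the callers provably pass, checking the mask polarity of the assertion is a cheaper first step than suspecting the compiler.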
Thread overview: 7+ messages
2015-02-07 20:09 KVM crash on Jetson TK1 Jan Kiszka
2015-02-07 20:26 ` Marc Zyngier [this message]
2015-02-07 20:43 ` Jan Kiszka
2015-02-07 21:21 ` [PATCH] ARM: KVM: Fix size check in __coherent_cache_guest_page Jan Kiszka
2015-02-13 4:57 ` Christoffer Dall
2015-02-13 22:07 ` Paolo Bonzini
2015-02-15 20:22 ` Christoffer Dall