From: Borislav Petkov <bp@alien8.de>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
	"Jörg Rödel" <joro@8bytes.org>,
	"Andy Lutomirski" <luto@amacapital.net>
Subject: Re: [PATCH] kvm: x86: move tracepoints outside extended quiescent state
Date: Fri, 11 Dec 2015 13:20:22 +0100	[thread overview]
Message-ID: <20151211122021.GA4226@pd.tnic> (raw)
In-Reply-To: <566AA85A.9000507@redhat.com>

On Fri, Dec 11, 2015 at 11:41:30AM +0100, Paolo Bonzini wrote:
> You can disable it (well, make it take a few days to appear) with this:
> 
> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
> index 484079efea5b..a9070e260c72 100644
> --- a/virt/kvm/kvm_main.c
> +++ b/virt/kvm/kvm_main.c
> @@ -496,7 +496,7 @@ static struct kvm_memslots *kvm_alloc_memslots(void)
>  	 * Init kvm generation close to the maximum to easily test the
>  	 * code of handling generation number wrap-around.
>  	 */
> -	slots->generation = -150;
> +	slots->generation = 0;
>  	for (i = 0; i < KVM_MEM_SLOTS_NUM; i++)
>  		slots->id_to_index[i] = slots->memslots[i].id = i;
> 
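Review bot: the `+` line at `slots->generation = 0;` contradicts the comment kept in the context lines just above it ("Init kvm generation close to the maximum to easily test the code of handling generation number wrap-around."), since starting at 0 no longer exercises the wrap-around path early; that is consistent with the reply's own description of the change as something that only makes the problem "take a few days to appear", so it is a bisection aid rather than a fix. If this were ever carried beyond the debugging run, the comment should be updated or the `-150` initialisation restored, and the wrap-around handling it was meant to exercise should be reviewed separately rather than treated as addressed by this hunk.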
> but it would not be AMD-specific.

Yeah, that didn't help. This time the splat is a bit more interesting:

qemu process segfaulted at a kernel address - ffffffff816e2db1 - which
is the last insn of entry_SYSCALL_64_fastpath:

ffffffff816e2d45 <entry_SYSCALL_64_fastpath>:
ffffffff816e2d45:       25 ff ff ff bf          and    $0xbfffffff,%eax
ffffffff816e2d4a:       3d 21 02 00 00          cmp    $0x221,%eax

...

ffffffff816e2d9e:       4c 8b 9c 24 90 00 00    mov    0x90(%rsp),%r11
ffffffff816e2da5:       00 
ffffffff816e2da6:       48 8b a4 24 98 00 00    mov    0x98(%rsp),%rsp
ffffffff816e2dad:       00 
ffffffff816e2dae:       0f 01 f8                swapgs
ffffffff816e2db1:       48 0f 07                sysretq

Yap, at SYSRET.

Andy might find this a little amusing :-)

[  459.130565] qemu-system-x86[3724]: segfault at ffffffff816e2db1 ip ffffffff816e2db1 sp 00007fd593ffe970 error 15
[  512.578297] BUG: unable to handle kernel NULL pointer dereference at           (null)
[  512.586189] IP: [<          (null)>]           (null)
[  512.591266] PGD 0 
[  512.593303] Oops: 0010 [#1] PREEMPT SMP 
[  512.597283] Modules linked in: tun sha256_ssse3 sha256_generic drbg binfmt_misc ipv6 vfat fat fuse dm_crypt dm_mod kvm_amd kvm irqbypass crc32_pclmul aesni_intel aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd amd64_edac_mod k10temp edac_mce_amd fam15h_power amdkfd amd_iommu_v2 radeon acpi_cpufreq
[  512.601698] CPU: 5 PID: 3787 Comm: qemu-system-x86 Not tainted 4.4.0-rc4+ #8
[  512.601699] Hardware name: To be filled by O.E.M. To be filled by O.E.M./M5A97 EVO R2.0, BIOS 1503 01/16/2013
[  512.601700] task: ffff8800b5d04680 ti: ffff88041104c000 task.ti: ffff88041104c000
[  512.601701] RIP: 0010:[<0000000000000000>] 
[  512.601701]  [<          (null)>]           (null)
[  512.601702] RSP: 0018:ffff88041104fcc0  EFLAGS: 00010212
[  512.601703] RAX: 0000000000000040 RBX: ffff8804110b4000 RCX: 0000000000000000
[  512.601703] RDX: 0000000000000000 RSI: ffff8804110b4000 RDI: ffff88041104fc20
[  512.601704] RBP: ffff88041104fcc8 R08: 0000000000000001 R09: 0000000000000000
[  512.601704] R10: 0000000000000001 R11: 0000000000000001 R12: 00000000ffffffff
[  512.601705] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  512.601706] FS:  00007fb0deaf4700(0000) GS:ffff88042d000000(0000) knlGS:0000000000000000
[  512.601706] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[  512.601707] CR2: 0000000000000000 CR3: 0000000428118000 CR4: 00000000000406e0
[  512.601707] Stack:
[  512.601708]  ffffffffa02b2d3c
[  512.601708]  ffff88041104fdd8
[  512.601709]  ffffffffa02b2d0e
[  512.601709]  ffffffffa02b2c9a
[  512.601710]  ffff8804110b4430
[  512.601710]  0000000000000000
[  512.601710]  0000000100000004
[  512.601711]  ffffffffa02e9bb0
[  512.601711]  0000000400000002
[  512.601711]  0000000000000000
[  512.601712]  0000000000000000
[  512.601712]  0000000000000000
[  512.601713] Call Trace:
[  512.601729]  [<ffffffffa02b2d3c>] ? kvm_set_irq+0x13c/0x250 [kvm]
[  512.601736]  [<ffffffffa02b2d0e>] kvm_set_irq+0x10e/0x250 [kvm]
[  512.601744]  [<ffffffffa02b2c9a>] ? kvm_set_irq+0x9a/0x250 [kvm]
[  512.601756]  [<ffffffffa02e9bb0>] ? kvm_set_msi_irq+0x1b0/0x1b0 [kvm]
[  512.601767]  [<ffffffffa02e9bd0>] ? kvm_set_ioapic_irq+0x20/0x20 [kvm]
[  512.601776]  [<ffffffffa02c2612>] kvm_vm_ioctl_irq_line+0x32/0x40 [kvm]
[  512.601783]  [<ffffffffa02af97b>] kvm_vm_ioctl+0x5eb/0x820 [kvm]
[  512.601786]  [<ffffffff810c6a25>] ? rcu_read_lock_held+0x45/0x60
[  512.601788]  [<ffffffff811a0930>] do_vfs_ioctl+0x2e0/0x540
[  512.601790]  [<ffffffff811ac8e9>] ? __fget_light+0x29/0x90
[  512.601791]  [<ffffffff811a0bdc>] SyS_ioctl+0x4c/0x90
[  512.601794]  [<ffffffff816e2d5b>] entry_SYSCALL_64_fastpath+0x16/0x6f
[  512.601797] Code:  Bad RIP value.
[  512.601798] RIP  [<          (null)>]           (null)
[  512.601798]  RSP <ffff88041104fcc0>
[  512.601799] CR2: 0000000000000000
[  512.609862] ---[ end trace ae4f00b514141891 ]---

-- 
Regards/Gruss,
    Boris.

ECO tip #101: Trim your mails when you reply.
