From: John Rousseau
Subject: Re: KVM: MMU: avoid creation of unreachable pages in the shadow
Date: Tue, 25 Nov 2008 14:01:19 -0500
Message-ID: <492C4B7F.5010800@gmail.com>
References: <20081125143310.GA11578@dmt.cnet> <492C438F.70203@gmail.com> <20081125155428.GA17250@dmt.cnet>
In-Reply-To: <20081125155428.GA17250@dmt.cnet>
To: Marcelo Tosatti
Cc: Avi Kivity, kvm-devel

Marcelo Tosatti wrote:
> On Tue, Nov 25, 2008 at 01:27:27PM -0500, John Rousseau wrote:
>> Marcelo Tosatti wrote:
>>> It is possible for a shadow page to have a parent link
>>> pointing to a freed page. When zapping a high level table,
>>> kvm_mmu_page_unlink_children fails to remove the parent_pte link.
>>> For that to happen, the child must be unreachable via the shadow tree,
>>> which can happen in shadow_walk_entry if the guest pte was
>>> modified in between walk() and fetch(). Remove the parent pte
>>> reference in such case.
>>>
>>> Possible cause for oops in bug #2217430.
>>
>> I'll apply this to the code that I'm testing, but with my change to
>> 2.6.27, kvm-79 and Avi's patch from bug #2217430, I haven't seen the
>> problem again. I still have been testing with oos_shadow=0, which I'll
>> get rid of now.
>
> John,
>
> Please use the attached patch in addition (and drop Avi's). What
> is the application set you use to reproduce these issues (that you
> mentioned in the bugtrack)?

Just Vista desktop apps (Firefox, Word, SMB via Windows Explorer).

Patching now.

Thanks
-John