From: Gleb Natapov
To: Avi Kivity
Cc: mtosatti@redhat.com, kvm@vger.kernel.org
Subject: Re: [PATCH RFC] KVM: inject #UD if instruction emulation fails while vcpu is in cpl==3
Date: Thu, 6 May 2010 15:25:53 +0300
Message-ID: <20100506122553.GC24787@redhat.com>
In-Reply-To: <4BE2964A.1090906@redhat.com>

On Thu, May 06, 2010 at 01:13:30PM +0300, Avi Kivity wrote:
> On 05/06/2010 01:06 PM, Gleb Natapov wrote:
> >On Thu, May 06, 2010 at 12:15:58PM +0300, Avi Kivity wrote:
> >>On 04/29/2010 02:58 PM, Gleb Natapov wrote:
> >>>Do not kill VM If instruction emulation fails while vcpu is in
> >>>userspace. Inject #UD instead in a hope that guest OS will kill offending
> >>>process. Emulation failure is still traced by ftrace point to help
> >>>analyze the problem.
> >>Still there's the risk here that a critical failure goes unnoticed.
> >>ftrace isn't on at all times.
> >>
> >Kvm_stat will still show that there was emulation failure, so if strange
> >application behaviour is reported kvm_stat output will have hints where
> >to look. Next step in analyzing the problem will be enabling emulator
> >tracing.
>
> We can expect that from a developer or a user subscribed to kvm@.
> But what about some random user running virt-manager?
>
What virt-manager would do about such error?

> dmesg and kvm_stat will not go up the management stack.
>
> >>We can probably inject a #UD unconditionally and exit to userspace.
> >>Userspace would then report the problem to the user and reenter the
> >>guest, which would then recover or not.
> >>
> >By "unconditionally" you mean even if guest is in kernel mode?
>
> Yes.
>
> >There is
> >no point in trying to continue after that happens. Instead of getting
> >paused VM at exact place where problem happened and easily analyzable we
> >will get misbehaved VM with undefined state.
>
> True. But the same problem exists with cpl>0 #UD. It may be a
> critical driver in userspace (say, video driver).
>
> Also need to think consider nested kernels (which are userspace for
> this purpose).
Ugh, we can check if vcpu is in nested mode.

>
> How about default to unconditional #UD and report, and pause if
> requested (in userspace)? Usually emulation failures will be 100%
> reproducible, so the user can rerun their workload.
>
Didn't want to involve userspace in this, but it can be done of course.

--
Gleb.