From mboxrd@z Thu Jan 1 00:00:00 1970
From: Avi Kivity
Subject: Re: Physical memory read: word crosses page boundary + host kernel oops
Date: Tue, 27 Mar 2007 16:45:12 +0200
Message-ID: <46092DF8.1020202@qumranet.com>
To: "Kiselev, Sergey"
Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
List-Id: kvm.vger.kernel.org

Kiselev, Sergey wrote:
> Hi,
>
> 1. When booting old Linux (RH7.1 based, 2.4.9, 32bit) guest on kvm-18,
> kvm userspace process crashes with 'Bus error' (last output on guest's
> screen is "Uncompressing Linux...").
> I did some debugging and found that kvm_readl() function calls
> ldl_phys() with address 0x9FFFD, so resulting double-word read crosses
> page boundary.
> After looking at qemu/exec.c it seems that ld*_phys and st*_phys
> functions do not really care about crossing page boundary (even though there is
> a comment saying "warning: addr must be aligned"). So either
> qemu/exec.c should be updated to check such condition or (more logical
> place) qemu/qemu-kvm.c should take care of it.
>
> gdb backtrace:
> (gdb) bt
> #0 ldl_phys (addr=4093) at ../cpu-all.h:322
> #1 0x000000000047e08d in kvm_readl (opaque=0x9f, addr=159,
> data=0x2b63605a5030) at /srv/src/kvm-18/qemu/qemu-kvm.c:543

This is quite surprising. I agree that hacking kvm_readl() is the best fix.

> 2. After working around the first issue, I have the following problem: at
> some point of guest's Linux boot sequence (after running
> microcode_ctl, before running kudzu) the following oops happens:
>
> Mar 27 12:10:39 itstl140 kernel: Code: 4c 8b 08 41 0f 18 09 48 8d 70
> d8 31 c0 e9 39 ff ff ff 48 63
> Mar 27 12:10:39 itstl140 kernel: RIP
> {:kvm:mmu_page_remove_parent_pte+225} RSP
> Mar 27 12:10:39 itstl140 kernel: CR2: 000000030593a563
> I tried to disable both microcode_ctl and kudzu, in this case oops h

Strangely, I've seen this exact oops somewhere booting Windows XP in safe
mode. I haven't been able to reproduce it, though.

If this is reproducible, it may be debugged by turning on audit
(s/#undef AUDIT/#define AUDIT/ in mmu.c). Audit slows the guest down, but
is a little faster if you reduce the amount of guest memory.

If this is reproducible using a publicly available image, I may have a go
at it too.

-- 
error compiling committee.c: too many arguments to function
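As an added illustration, not code from this thread or from kvm-18/QEMU, here is the shape of the fix Avi agrees with for kvm_readl(): a 32-bit read is split at the 4 KiB page boundary into two in-page reads, so an in-page helper with an "addr must not cross a page" contract (like ldl_phys) is never handed the reported address 0x9FFFD. The guest RAM array, its fill pattern and the helpers ram(), read_in_page(), crosses_page() and safe_readl() are constructed stand-ins, not kvm or QEMU APIs.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define PAGE_SIZE       4096u
#define PAGE_OFFSET(a)  ((a) & (PAGE_SIZE - 1u))
/* Constructed stand-in for guest RAM: 0xA1 pages, so the address from the
 * report (0x9FFFD) and the page after it both exist. */
#define GUEST_RAM_SIZE  (0xA1u * PAGE_SIZE)
static uint8_t guest_ram[GUEST_RAM_SIZE];

/* Lazily fill RAM with a recognisable pattern: byte i holds i & 0xff. */
static uint8_t *ram(void)
{
    static int ready;
    for (size_t i = 0; !ready && i < GUEST_RAM_SIZE; i++)
        guest_ram[i] = (uint8_t)i;
    ready = 1;
    return guest_ram;
}

/* Does a read of len bytes starting at addr span two pages? */
int crosses_page(uint64_t addr, size_t len)
{
    return PAGE_OFFSET(addr) + len > PAGE_SIZE;
}

/* Hypothetical in-page reader standing in for an ldl_phys()-style helper:
 * it enforces the "must not cross a page" precondition and a bounds check. */
static int read_in_page(uint64_t addr, void *buf, size_t len)
{
    if (crosses_page(addr, len) || addr + len > GUEST_RAM_SIZE)
        return -1;                        /* caller violated the contract */
    memcpy(buf, ram() + addr, len);
    return 0;
}

/* Page-boundary-safe 32-bit read: split at the boundary, assemble
 * little-endian.  Returns the value, or -1 if either half is unreadable. */
int64_t safe_readl(uint64_t addr)
{
    uint8_t b[4];
    size_t first = PAGE_SIZE - PAGE_OFFSET(addr);   /* bytes left on this page */
    if (first > 4)
        first = 4;
    if (read_in_page(addr, b, first) < 0 ||
        (first < 4 && read_in_page(addr + first, b + first, 4 - first) < 0))
        return -1;
    return (int64_t)((uint32_t)b[0] | (uint32_t)b[1] << 8 |
                     (uint32_t)b[2] << 16 | (uint32_t)b[3] << 24);
}
```

With the pattern above, safe_readl(0x9FFFD) takes three bytes from the end of one page and one from the start of the next, and a read whose second half falls outside RAM fails cleanly instead of faulting.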