public inbox for kvm@vger.kernel.org
* Oopse in kvm
From: David Brown @ 2007-04-17 20:48 UTC (permalink / raw)
  To: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f

I was wondering if anyone could help out on this; I just found an oops
when trying to start rhel4 on an i386 box. I was wondering if anyone else
has seen this with kvm-18 and if I should submit a bug for it.

[10937.520000] BUG: unable to handle kernel NULL pointer dereference
at virtual address 00000023
[10937.520000]  printing eip:
[10937.520000] f9004eec
[10937.520000] *pde = 00000000
[10937.520000] Oops: 0000 [#1]
[10937.520000] SMP
[10937.520000] Modules linked in: tun fuse kvm_intel kvm bridge i915
drm ipv6 arc4 ecb ieee80211_crypt_wep binfmt_misc snd_pcm_oss
snd_mixer_oss ext2 mbcache configfs ipw3945 capability commoncap
cpufreq_stats cpufreq_ondemand cpufreq_powersave cpufreq_userspace
cpufreq_conservative acpi_cpufreq freq_table processor eth1394 pcmcia
ieee80211 ieee80211_crypt ata_generic ata_piix tg3 ohci1394
yenta_socket rsrc_nonstatic iTCO_wdt iTCO_vendor_support joydev libata
intel_agp rtc tsdev sdhci mmc_core ieee1394 pcmcia_core scsi_mod
generic shpchp pci_hotplug agpgart rng_core psmouse serio_raw ehci_hcd
i2c_i801 i2c_core uhci_hcd usbcore snd_hda_intel snd_hda_codec snd_pcm
snd_timer snd soundcore snd_page_alloc evdev reiserfs dm_crypt aes
suspend_encrypt suspend_compress suspend_file suspend_swap
suspend_block_io suspend_core ide_disk piix ide_core dm_mod
[10937.520000] CPU:    0
[10937.520000] EIP:    0060:[<f9004eec>]    Not tainted VLI
[10937.520000] EFLAGS: 00010292   (2.6.20.7 #1)
[10937.520000] EIP is at mmu_page_remove_parent_pte+0xc/0xf0 [kvm]
[10937.520000] eax: c4568464   ebx: 000209bf   ecx: e8480000   edx: ffffffff
[10937.520000] esi: 00000002   edi: e8480000   ebp: ffffffff   esp: c918fbbc
[10937.520000] ds: 007b   es: 007b   ss: 0068
[10937.520000] Process qemu (pid: 15999, ti=c918e000 task=c1a88560
task.ti=c918e000)
[10937.520000] Stack: c4568464 000209bf 00000002 e8480000 c456ac50
f9005441 c4568464 0000957a
[10937.520000]        c456a568 00000fff 00000000 00000000 00000ff8
c4568464 0000957a 00000000
[10937.520000]        00000001 f9001929 00000001 0957afff 00000000
c12fa980 000094ba 00000000
[10937.520000] Call Trace:
[10937.520000]  [<f9005441>] kvm_mmu_pre_write+0x121/0x1f0 [kvm]
[10937.520000]  [<f9001929>] emulator_write_emulated+0x119/0x180 [kvm]
[10937.520000]  [<f90097cf>] x86_emulate_memop+0x17ef/0x3130 [kvm]
[10937.520000]  [<f900665b>] paging32_walk_addr+0x25b/0x310 [kvm]
[10937.520000]  [<f90056cb>] gpa_to_hpa+0x3b/0xc0 [kvm]
[10937.520000]  [<c01884a3>] d_splice_alias+0x53/0x100
[10937.520000]  [<c01884a2>] d_splice_alias+0x52/0x100
[10937.520000]  [<f9003969>] emulate_instruction+0x109/0x230 [kvm]
[10937.520000]  [<f8db28f8>] handle_exception+0x1d8/0x240 [kvm_intel]
[10937.520000]  [<f8db1b8a>] kvm_vmx_return+0xed/0x593 [kvm_intel]
[10937.520000]  [<c026b7f8>] sock_wfree+0x38/0x40
[10937.520000]  [<c010d036>] cacheinfo_cpu_callback+0x286/0x3b0
[10937.520000]  [<f9003a90>] kvm_vcpu_ioctl+0x0/0xb90 [kvm]
[10937.520000]  [<f900406d>] kvm_vcpu_ioctl+0x5dd/0xb90 [kvm]
[10937.520000]  [<c02d1cdd>] unix_stream_recvmsg+0x23d/0x560
[10937.520000]  [<c0182c8d>] core_sys_select+0x22d/0x2c0
[10937.520000]  [<c0108ae2>] save_i387+0x142/0x190
[10937.520000]  [<c0102424>] setup_sigcontext+0x104/0x1b0
[10937.520000]  [<c01c731a>] avc_has_perm+0x5a/0x70
[10937.520000]  [<c01c7bf7>] inode_has_perm+0x47/0x90
[10937.520000]  [<c0102b9d>] do_notify_resume+0x44d/0x720
[10937.520000]  [<c01c7cea>] file_has_perm+0xaa/0xb0
[10937.521000]  [<f9003a90>] kvm_vcpu_ioctl+0x0/0xb90 [kvm]
[10937.521000]  [<c01817eb>] do_ioctl+0x2b/0x90
[10937.521000]  [<c01818ac>] vfs_ioctl+0x5c/0x2a0
[10937.521000]  [<c0181b62>] sys_ioctl+0x72/0x90
[10937.521000]  [<c0103224>] syscall_call+0x7/0xb
[10937.521000]  =======================
[10937.521000] Code: 89 03 8b 44 83 04 e8 24 c8 16 c7 8b 03 85 c0 75
ee 5b c3 8d b6 00 00 00 00 8d bf 00 00 00 00 55 89 d5 57 56 53 83 ec
04 89 04 24 <8b> 7a 24 85 ff 0f 84 c9 00 00 00 8b 52 2c 85 d2 0f 84 b6
00 00
[10937.521000] EIP: [<f9004eec>] mmu_page_remove_parent_pte+0xc/0xf0
[kvm] SS:ESP 0068:c918fbbc
[10937.521000]

This locked up the rhel4 guest.

root@dmlb2010-lappy:~# uname -a
Linux dmlb2010-lappy 2.6.20.7 #1 SMP Sat Apr 14 16:55:05 PDT 2007 i686 GNU/Linux

root@dmlb2010-lappy:~# cat /proc/cpuinfo
processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 14
model name      : Genuine Intel(R) CPU           U2500  @ 1.20GHz
stepping        : 8
cpu MHz         : 1200.000
cache size      : 2048 KB
physical id     : 0
siblings        : 2
core id         : 0
cpu cores       : 2
fdiv_bug        : no
hlt_bug         : no
f00f_bug        : no
coma_bug        : no
fpu             : yes
fpu_exception   : yes
cpuid level     : 10
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge
mca cmov pat clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx
constant_tsc pni monitor vmx est tm2 xtpr
bogomips        : 2396.90
clflush size    : 64

processor       : 1
vendor_id       : GenuineIntel
cpu family      : 6
model           : 14
model name      : Genuine Intel(R) CPU           U2500  @ 1.20GHz
stepping        : 8
cpu MHz         : 1200.000
cache size      : 2048 KB
physical id     : 0
siblings        : 2
core id         : 1
cpu cores       : 2
fdiv_bug        : no
hlt_bug         : no
f00f_bug        : no
coma_bug        : no
fpu             : yes
fpu_exception   : yes
cpuid level     : 10
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge
mca cmov pat clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx
constant_tsc pni monitor vmx est tm2 xtpr
bogomips        : 2394.67
clflush size    : 64

Here's the script that I use to start rhel4; I made it a little generic
so I can start/install different things.

root@dmlb2010-lappy:~# cat bin/start-rhel4
#!/bin/bash

# Guest kernel and initrd are read from the host; the rhel4 root and
# boot volumes are LVM logical volumes passed through as block devices.
KVER="2.6.9-42.0.10.EL"
INITRD_BASE="initrd"
INITRD_APPEND=".img"
APPEND="ro root=/dev/hda1"
DEV=mapper/VolGroup00-rhel4
BOOT=mapper/VolGroup00-rhel4--boot

qemu -kernel "/root/boot/vmlinuz-${KVER}" \
    -initrd "/root/boot/${INITRD_BASE}-${KVER}${INITRD_APPEND}" \
    -append "${APPEND}" \
    -m 256 -no-rtc \
    -usb \
    -soundhw es1370 \
    -net nic,vlan=0,macaddr=52:54:56:34:12:01 \
    -net tap,vlan=0,ifname=tap1 \
    -hdb "/dev/$BOOT" \
    "/dev/$DEV"

And here's SDL's env:
root@dmlb2010-lappy:~# env | grep SDL
SDL_VIDEODRIVER=x11

Thanks for any help.

- David Brown

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/


* Re: Oopse in kvm
From: David Brown @ 2007-04-17 20:50 UTC (permalink / raw)
  To: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f

Just realized kvm-19 is out I'll go update and try again.

- David Brown


* Re: Oopse in kvm
From: Avi Kivity @ 2007-04-18  4:57 UTC (permalink / raw)
  To: David Brown; +Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f

David Brown wrote:
> I was wondering if anyone could help out on this; I just found an oops
> when trying to start rhel4 on an i386 box. I was wondering if anyone else
> has seen this with kvm-18 and if I should submit a bug for it.
>
> [10937.520000] BUG: unable to handle kernel NULL pointer dereference
> [10937.521000] EIP: [<f9004eec>] mmu_page_remove_parent_pte+0xc/0xf0
> [kvm] SS:ESP 0068:c918fbbc
> [10937.521000]
>
>   


I've seen a few reports like this, but never managed to get one of my own.

Is this reproducible?  If so, a recipe would be _very_  valuable.

At what stage in the boot process does it crash?

-- 
Do not meddle in the internals of kernels, for they are subtle and quick to panic.



* Re: Oopse in kvm
From: David Brown @ 2007-04-18  5:11 UTC (permalink / raw)
  To: Avi Kivity; +Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f

> I've seen a few reports like this, but never managed to get one of my own.
>
> Is this reproducible?  If so, a recipe would be _very_  valuable.
>
> At what stage in the boot process does it crash?
>

No, it's not entirely reproducible. I made it happen using the standard
rhel4 kernel, and it was trying to do the login of gdm: I hit
enter after the password and it never came back... didn't even get to
the gnome loading screen at all...

I haven't had this happen with 19 yet... but this was the first time
this has happened to me at all, really. I will try some stuff tomorrow
and I'll send something if I figure out how to reproduce it.

- David Brown


* Re: Oopse in kvm
From: Avi Kivity @ 2007-04-18  8:21 UTC (permalink / raw)
  To: David Brown; +Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f

Avi Kivity wrote:
> David Brown wrote:
>   
>> I was wondering if anyone could help out on this; I just found an oops
>> when trying to start rhel4 on an i386 box. I was wondering if anyone else
>> has seen this with kvm-18 and if I should submit a bug for it.
>>
>> [10937.520000] BUG: unable to handle kernel NULL pointer dereference
>> [10937.521000] EIP: [<f9004eec>] mmu_page_remove_parent_pte+0xc/0xf0
>> [kvm] SS:ESP 0068:c918fbbc
>> [10937.521000]
>>
>>   
>>     
>
>
> I've seen a few reports like this, but never managed to get one of my own.
>
> Is this reproducible?  If so, a recipe would be _very_  valuable.
>
> At what stage in the boot process does it crash?
>
>   

Okay, I got a testcase through a private mail which reproduced this on 
guest boot.  The attached patch fixes it.

Note that the problem is only with nonpae guests, so if your guest is 
pae, you're probably seeing something different.

-- 
error compiling committee.c: too many arguments to function


[-- Attachment #2: nonpae-oops-fix.patch --]
[-- Type: text/x-patch, Size: 398 bytes --]

diff --git a/drivers/kvm/mmu.c b/drivers/kvm/mmu.c
index b872f09..c814394 100644
--- a/drivers/kvm/mmu.c
+++ b/drivers/kvm/mmu.c
@@ -1190,6 +1190,7 @@ void kvm_mmu_pre_write(struct kvm_vcpu *vcpu, gpa_t gpa, int bytes)
 			 * and zap two pdes instead of one.
 			 */
 			if (level == PT32_ROOT_LEVEL) {
+				page_offset &= ~7; /* kill rounding error */
 				page_offset <<= 1;
 				npte = 2;
 			}
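Review bot: the new `page_offset &= ~7; /* kill rounding error */` line says neither what is being rounded nor why the mask has to sit exactly here, before the existing `page_offset <<= 1;`. Since this branch doubles the offset and sets `npte = 2` to zap two pdes, the comment should state that page_offset must already be a multiple of the 8-byte shadow pde before the doubling, otherwise a guest write that does not start on an entry boundary makes the two-entry zap begin at the wrong shadow pde; one example offset in the comment would make that reviewable. The attachment also carries no description or Signed-off-by line, which it needs before it is pushed.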

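As an added illustration of why the alignment has to happen before the doubling in the hunk above (this is a model written for this page, not kvm code and not part of Avi's patch), assuming that the real kvm_mmu_pre_write() has already widened the guest's byte offset from 4-byte guest entries to 8-byte shadow entries by the time the hunk runs:

```c
#include <stdbool.h>
#include <stdio.h>

/* Model of the shadow-pde index arithmetic behind the nonpae-oops-fix
 * hunk.  NOT kvm code: the entry sizes are x86 facts, but the step that
 * widens the guest byte offset from 4-byte to 8-byte entries is an
 * assumption about what precedes the hunk in kvm_mmu_pre_write(). */

#define GUEST_PDE_SIZE   4u   /* nonpae guest: 32-bit page directory entries */
#define SHADOW_PDE_SIZE  8u   /* shadow page tables use 64-bit entries */

struct zap_range {
    unsigned first;   /* index of the first shadow pde to zap */
    unsigned count;   /* number of consecutive shadow pdes to zap */
};

/* Map a guest write at byte offset guest_off inside a nonpae page
 * directory to the shadow pdes that must be zapped.  fixed == false
 * reproduces the arithmetic without the hunk's alignment line. */
struct zap_range nonpae_pd_zap_range(unsigned guest_off, bool fixed)
{
    unsigned page_offset = guest_off;

    /* 32-bit guest entry -> 64-bit shadow entry (assumed to precede the hunk) */
    page_offset <<= 1;

    /* The hunk: a 4MB guest pde is backed by two 2MB shadow pdes, so the
     * offset is doubled again and two entries are zapped.  The fix aligns
     * the offset to a whole shadow entry before that second doubling. */
    if (fixed)
        page_offset &= ~7u;   /* "kill rounding error" */
    page_offset <<= 1;

    struct zap_range r = { page_offset / SHADOW_PDE_SIZE, 2 };
    return r;
}

/* The pair that should be zapped for guest pde number guest_off / 4. */
unsigned expected_first_shadow_pde(unsigned guest_off)
{
    return (guest_off / GUEST_PDE_SIZE) * 2;
}

/* True when the computed range starts at the right shadow pde. */
bool zap_range_correct(unsigned guest_off, bool fixed)
{
    return nonpae_pd_zap_range(guest_off, fixed).first
           == expected_first_shadow_pde(guest_off);
}

int main(void)
{
    /* Constructed sample: writes into guest pde 1 (offsets 4..7) and the
     * last pde (offsets 4092..4095).  Offsets 6 and 4094 stand for partial,
     * sub-entry writes such as a 2-byte store to the upper half of a pde. */
    const unsigned offs[] = { 4, 6, 4092, 4094 };
    for (unsigned i = 0; i < sizeof offs / sizeof offs[0]; i++) {
        struct zap_range pre = nonpae_pd_zap_range(offs[i], false);
        struct zap_range post = nonpae_pd_zap_range(offs[i], true);
        printf("guest offset %4u: expected shadow pde %4u, "
               "before fix %4u, after fix %4u\n",
               offs[i], expected_first_shadow_pde(offs[i]),
               pre.first, post.first);
    }
    return 0;
}
```

Only the sub-entry offsets (6 and 4094) differ between the two columns, which is why the crash depends on what the guest kernel happens to write and is hard to reproduce on demand.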

* Re: Oopse in kvm
From: Thomas Glanzmann @ 2007-04-18 14:18 UTC (permalink / raw)
  To: Avi Kivity; +Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f

Hello Avi,
I had a kernel OOPS that morning with RHEL_5_; it isn't reproducible.

Apr 18 08:57:42 thinkpad kernel: BUG: unable to handle kernel NULL pointer dereference at virtual address 00000024
Apr 18 08:57:42 thinkpad kernel:  printing eip:
Apr 18 08:57:42 thinkpad kernel: 78351d8c
Apr 18 08:57:42 thinkpad kernel: *pde = 00000000
Apr 18 08:57:42 thinkpad kernel: Oops: 0000 [#1]
Apr 18 08:57:42 thinkpad kernel: SMP
Apr 18 08:57:42 thinkpad kernel: Modules linked in: fglrx(P) pcmcia ehci_hcd i2c_i801 uhci_hcd intel_agp yenta_socket rsrc_nonstatic pcmcia_core i2c_core psmouse e1000 agpgart usbcore evdev
Apr 18 08:57:42 thinkpad kernel: CPU:    0
Apr 18 08:57:42 thinkpad kernel: EIP:    0060:[<78351d8c>]    Tainted: P       VLI
Apr 18 08:57:42 thinkpad kernel: EFLAGS: 00210286   (2.6.21-rc6 #17)
Apr 18 08:57:42 thinkpad kernel: EIP is at mmu_page_remove_parent_pte+0xc/0xf0
Apr 18 08:57:42 thinkpad kernel: eax: f08a8498   ebx: 0811da9d   ecx: f0df0000   edx: 00000000
Apr 18 08:57:42 thinkpad kernel: esi: 0811da9d   edi: f0df0000   ebp: 00000000   esp: f0887b48
Apr 18 08:57:42 thinkpad kernel: ds: 007b   es: 007b   fs: 00d8  gs: 0033  ss: 0068
Apr 18 08:57:42 thinkpad kernel: Process qemu (pid: 4152, ti=f0886000 task=7a1d8570 task.ti=f0886000)
Apr 18 08:57:42 thinkpad kernel: Stack: f08a8498 0811da9d 0811da9d f0df0000 f08a8a34 783521fb f08a8498 00037b06
Apr 18 08:57:42 thinkpad kernel:        f08a9b7c 00000fff 00000000 00000000 00000ff8 00000001 00037b06 00000000
Apr 18 08:57:42 thinkpad kernel:        f08a8498 7834e716 00000001 37b06fff 00000000 797e59a0 00000000 00000000
Apr 18 08:57:42 thinkpad kernel: Call Trace:
Apr 18 08:57:42 thinkpad kernel:  [<783521fb>] kvm_mmu_pre_write+0x12b/0x200
Apr 18 08:57:42 thinkpad kernel:  [<7834e716>] emulator_write_emulated+0x106/0x180
Apr 18 08:57:42 thinkpad kernel:  [<7835673f>] x86_emulate_memop+0x17df/0x3120
Apr 18 08:57:42 thinkpad kernel:  [<7834ddfc>] gfn_to_page+0x1c/0x40
Apr 18 08:57:42 thinkpad kernel:  [<783531a9>] paging32_walk_addr+0x229/0x2e0
Apr 18 08:57:42 thinkpad kernel:  [<7834ddfc>] gfn_to_page+0x1c/0x40
Apr 18 08:57:42 thinkpad kernel:  [<78352576>] gpa_to_hpa+0x36/0xc0
Apr 18 08:57:42 thinkpad kernel:  [<78350719>] emulate_instruction+0x109/0x230
Apr 18 08:57:42 thinkpad kernel:  [<78351853>] kvm_setup_pio+0x1e3/0x220
Apr 18 08:57:42 thinkpad kernel:  [<7835a8cb>] handle_exception+0x1db/0x240
Apr 18 08:57:42 thinkpad kernel:  [<78359cbb>] kvm_vmx_return+0x119/0x53e
Apr 18 08:57:42 thinkpad kernel:  [<78351151>] kvm_vcpu_ioctl+0x911/0xd30
Apr 18 08:57:42 thinkpad kernel:  [<781362fd>] __sigqueue_alloc+0x2d/0x80
Apr 18 08:57:42 thinkpad kernel:  [<7813691b>] __group_send_sig_info+0x6b/0x90
Apr 18 08:57:42 thinkpad kernel:  [<78124441>] __activate_task+0x21/0x40
Apr 18 08:57:42 thinkpad kernel:  [<781267a1>] try_to_wake_up+0x41/0x3c0
Apr 18 08:57:42 thinkpad kernel:  [<78186057>] touch_atime+0x87/0x130
Apr 18 08:57:42 thinkpad kernel:  [<7815543a>] do_generic_mapping_read+0x3ca/0x4e0
Apr 18 08:57:42 thinkpad kernel:  [<7817f23d>] core_sys_select+0x22d/0x2c0
Apr 18 08:57:42 thinkpad kernel:  [<7810956e>] convert_fxsr_to_user+0xde/0x180
Apr 18 08:57:42 thinkpad kernel:  [<781099a8>] save_i387+0x138/0x160
Apr 18 08:57:42 thinkpad kernel:  [<781033e4>] setup_sigcontext+0x104/0x1b0
Apr 18 08:57:42 thinkpad kernel:  [<781360c6>] __dequeue_signal+0x126/0x190
Apr 18 08:57:42 thinkpad kernel:  [<78103b4a>] do_notify_resume+0x43a/0x6f0
Apr 18 08:57:42 thinkpad kernel:  [<78350840>] kvm_vcpu_ioctl+0x0/0xd30
Apr 18 08:57:42 thinkpad kernel:  [<7817ddeb>] do_ioctl+0x2b/0x90
Apr 18 08:57:42 thinkpad kernel:  [<7817deac>] vfs_ioctl+0x5c/0x2a0
Apr 18 08:57:42 thinkpad kernel:  [<7817e12d>] sys_ioctl+0x3d/0x70
Apr 18 08:57:42 thinkpad kernel:  [<78104174>] syscall_call+0x7/0xb
Apr 18 08:57:42 thinkpad kernel:  =======================
Apr 18 08:57:42 thinkpad kernel: Code: 10 85 c0 74 08 83 c8 01 89 45 0c eb d8 8b 02 89 45 0c eb d1 8d 74 26 00 8d bc 27 00 00 00 00 55 89 d5 57 56 53 83 ec 04 89 04 24 <8b> 7a 24 85 ff 0f 84 c9 00 00 00 8b 52 2c 85 d2 0f 84 b6 00 00
Apr 18 08:57:42 thinkpad kernel: EIP: [<78351d8c>] mmu_page_remove_parent_pte+0xc/0xf0 SS:ESP 0068:f0887b48
Apr 18 08:58:14 thinkpad kernel: SysRq : Emergency Sync
Apr 18 08:58:14 thinkpad kernel: Emergency Sync complete
Apr 18 08:58:15 thinkpad kernel: SysRq : Emergency Remount R/O

But I saw it a few times. Can you push your other fix upstream please?

Thanks,
        Thomas


* Re: Oopse in kvm
From: Avi Kivity @ 2007-04-18 14:30 UTC (permalink / raw)
  To: Thomas Glanzmann; +Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f

Thomas Glanzmann wrote:
> Hello Avi,
> I had a kernel OOPS that morning with RHEL_5_; it isn't reproducible.
>
> Apr 18 08:57:42 thinkpad kernel: BUG: unable to handle kernel NULL pointer dereference at virtual address 00000024
> Apr 18 08:57:42 thinkpad kernel:  printing eip:
> Apr 18 08:57:42 thinkpad kernel: 78351d8c
>   

hehe, the 4g4g patch.

> Apr 18 08:57:42 thinkpad kernel: EIP: [<78351d8c>] mmu_page_remove_parent_pte+0xc/0xf0 SS:ESP 0068:f0887b48
>
>   

It's the same bug.

> But I saw it a few times. Can you push your other fix upstream please?
>   

Ok.  You mean you're running linus -rc?


-- 
error compiling committee.c: too many arguments to function



* Re: Oopse in kvm
From: Thomas Glanzmann @ 2007-04-18 14:35 UTC (permalink / raw)
  To: Avi Kivity; +Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f

Hello Avi,

> hehe, the 4g4g patch.

I see. I thought no one would use that anymore because of the overhead
during context switches.

> It's the same bug.

perfect.

> Ok.  You mean you're running linus -rc?

In fact I do. But I didn't mean that upstream. I was talking about your
repository[1]. But it isn't in the kvm kernel repository yet. So I committed it
locally. And thanks to git, if you commit it, it will merge that automatically.

[1] git://kvm.qumranet.com/home/avi/kvm.git

(thinkpad) [/scratch/tg/linux-2.6] git fetch kvm
(thinkpad) [/scratch/tg/linux-2.6]

I always pull from linus, then from you, and merge the two.

        Thomas


* Re: Oopse in kvm
From: Avi Kivity @ 2007-04-18 14:42 UTC (permalink / raw)
  To: Thomas Glanzmann; +Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f

Thomas Glanzmann wrote:
>   
>> Ok.  You mean you're running linus -rc?
>>     
>
> In fact I do. But I didn't mean that upstream. I was talking about your
> repository[1]. But it isn't in the kvm kernel repository yet. So I committed it
> locally. And thanks to git, if you commit it, it will merge that automatically.
>
> [1] git://kvm.qumranet.com/home/avi/kvm.git
>
> (thinkpad) [/scratch/tg/linux-2.6] git fetch kvm
> (thinkpad) [/scratch/tg/linux-2.6]
>
> I always pull from linus, then from you, and merge the two.
>   

I see.  Consider it pushed.  I'll send it linuswards if there's no 
negative feedback in a day or two.


-- 
error compiling committee.c: too many arguments to function



* Re: Oopse in kvm
From: David Brown @ 2007-04-18 15:02 UTC (permalink / raw)
  To: Avi Kivity; +Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f

>
> I see.  Consider it pushed.  I'll send it linuswards if there's no
> negative feedback in a day or two.
>

Oooo, patch!

What was the method for reproduction? Since I was unable to reproduce
the bug, maybe I could with your method.

Don't worry, I'll be on this thread until the problem is fixed; I'm not
the type that takes the patch and runs with it without telling you
guys that it indeed fixed the problem. I like the whole cycle: bug
found, bug fixed, bug verified :)

- David Brown


* Re: Oopse in kvm
From: Kiselev, Sergey @ 2007-04-18 15:07 UTC (permalink / raw)
  To: Avi Kivity, David Brown; +Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f

It fixes the problem, at least for me...

Thanks,
Sergey 

-----Original Message-----
From: kvm-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
[mailto:kvm-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org] On Behalf Of Avi Kivity
Sent: 18 April 2007 11:22
To: David Brown
Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Subject: Re: [kvm-devel] Oopse in kvm

Avi Kivity wrote:
> David Brown wrote:
>   
>> I was wondering if anyone could help out on this, just found an oopse
>> when trying to start rhel4 on i386 box. I was wondering if anyone else
>> has seen this with kvm-18 and if I should submit a bug for it.
>>
>> [10937.520000] BUG: unable to handle kernel NULL pointer dereference
>> [10937.521000] EIP: [<f9004eec>] mmu_page_remove_parent_pte+0xc/0xf0
>> [kvm] SS:ESP 0068:c918fbbc
>> [10937.521000]
>>
>>   
>>     
>
>
> I've seen a few reports like this, but never managed to get one of my
own.
>
> Is this reproducible?  If so, a recipe would be _very_  valuable.
>
> At what stage in the boot process does it crash?
>
>   

Okay, I got a testcase through a private mail which reproduced this on 
guest boot.  The attached patch fixes it.

Note that the problem is only with nonpae guests, so if your guest is 
pae, you're probably seeing something different.

-- 
error compiling committee.c: too many arguments to function


* Re: Oopse in kvm
       [not found]                             ` <9c21eeae0704180802o492dc754p1eef426bc4408e0-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
@ 2007-04-18 15:32                               ` Avi Kivity
       [not found]                                 ` <462639F1.4020802-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
  0 siblings, 1 reply; 13+ messages in thread
From: Avi Kivity @ 2007-04-18 15:32 UTC (permalink / raw)
  To: David Brown; +Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f

David Brown wrote:
>>
>> I see.  Consider it pushed.  I'll send it linuswards if there's no
>> negative feedback in a day or two.
>>
>
> Oooo, patch!
>
> What was the method for reproduction? since I was unable to reproduce
> the bug maybe I could with your method.
>

It was the SLES 9 installer/initrd pair, booting with 1.5G RAM 
reproduced it almost always.

> Don't worry I'll be on this thread until the problem is fixed, I'm not
> the type that takes the patch and runs with it without telling you
> guys that it indeed fixed the problem. I like the whole cycle; bug
> found, bug fixed, bug verified :)

Great, that increases the probability that the patch is a net gain.

I don't think you need to run the SLES installer, as both Sergey and I 
have it working.  Instead, running with your regular workload (possibly 
stressing it) would be a good test.

-- 
error compiling committee.c: too many arguments to function



* Re: Oopse in kvm
       [not found]                                 ` <462639F1.4020802-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
@ 2007-04-18 17:07                                   ` David Brown
  0 siblings, 0 replies; 13+ messages in thread
From: David Brown @ 2007-04-18 17:07 UTC (permalink / raw)
  To: Avi Kivity; +Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f

> Great, that increases the probability that the patch is a net gain.
>
> I don't think you need to run the SLES installer, as both Sergey and I
> have it working.  Instead, running with your regular workload (possibly
> stressing it) would be a good test.

Okay, yeah, I don't seem to have problems anymore.

Thanks,
- David Brown


end of thread, other threads:[~2007-04-18 17:07 UTC | newest]

Thread overview: 13+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-04-17 20:48 Oopse in kvm David Brown
     [not found] ` <9c21eeae0704171348r71a62af8nc98bb018313ca35-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2007-04-17 20:50   ` David Brown
2007-04-18  4:57   ` Avi Kivity
     [not found]     ` <4625A521.6010407-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-04-18  5:11       ` David Brown
2007-04-18  8:21       ` Avi Kivity
     [not found]         ` <4625D50A.3010005-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-04-18 14:18           ` Thomas Glanzmann
     [not found]             ` <20070418141819.GA13284-vCsBGSbFJi4XOLVLeuLo0p3xXOyapcuTYd9OGiuxSwg@public.gmane.org>
2007-04-18 14:30               ` Avi Kivity
     [not found]                 ` <46262BA3.8070307-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-04-18 14:35                   ` Thomas Glanzmann
     [not found]                     ` <20070418143548.GD13284-vCsBGSbFJi4XOLVLeuLo0p3xXOyapcuTYd9OGiuxSwg@public.gmane.org>
2007-04-18 14:42                       ` Avi Kivity
     [not found]                         ` <46262E3B.4010608-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-04-18 15:02                           ` David Brown
     [not found]                             ` <9c21eeae0704180802o492dc754p1eef426bc4408e0-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2007-04-18 15:32                               ` Avi Kivity
     [not found]                                 ` <462639F1.4020802-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-04-18 17:07                                   ` David Brown
2007-04-18 15:07           ` Kiselev, Sergey
