From mboxrd@z Thu Jan 1 00:00:00 1970
From: Avi Kivity
Subject: Re: [PATCH] KVM: SVM: fix random segfaults with NPT enabled
Date: Thu, 28 Aug 2008 18:29:19 +0300
Message-ID: <48B6C44F.2000201@qumranet.com>
References: <1219839523-25677-1-git-send-email-joerg.roedel@amd.com> <48B55266.4000300@qumranet.com> <48B55C56.2060503@qumranet.com> <20080827135731.GC26059@amd.com> <48B57126.7000603@qumranet.com> <20080827153550.GB3801@8bytes.org> <48B577C3.3050302@qumranet.com> <20080827162715.GA28498@amd.com> <48B58599.1040509@qumranet.com> <48B587EC.7020606@qumranet.com> <20080828145838.GA4971@amd.com> <48B6C12D.1020501@qumranet.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: Joerg Roedel, kvm@vger.kernel.org, stable@kernel.org, Alexander Graf
To: Joerg Roedel
Return-path:
Received: from il.qumranet.com ([212.179.150.194]:42941 "EHLO il.qumranet.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753182AbYH1P3V (ORCPT); Thu, 28 Aug 2008 11:29:21 -0400
In-Reply-To: <48B6C12D.1020501@qumranet.com>
Sender: kvm-owner@vger.kernel.org
List-ID:

Avi Kivity wrote:
> Joerg Roedel wrote:
>
>> I did a bit of meditation about the softmmu code today. In the path of the
>> NPT fault the function kvm_mmu_free_some_pages() is called which itself
>> calls kvm_mmu_zap_page(). There the two functions
>> kvm_mmu_page_unlink_children() and kvm_mmu_unlink_parents() are called.
>> They both call mmu_page_remove_parent_pte() which modifies ptes. But
>> only the first function, kvm_mmu_page_unlink_children(), flushes remote
>> TLBs. The function kvm_mmu_unlink_parents() does not. Is this correct?
>>
>
> It isn't correct. I'll move the flush below. Good catch.
>
> However, I can't believe this is responsible. There is very little page
> zapping going on with npt.
>

Indeed, the mmu_shadow_zapped counter for the guest I'm testing is zero, so this code path was never hit.

-- 
Do not meddle in the internals of kernels, for they are subtle and quick to panic.