From mboxrd@z Thu Jan  1 00:00:00 1970
From: Avi Kivity <avi@redhat.com>
Subject: Re: Debugging an inconsistent shadow page table
Date: Sun, 26 Apr 2009 13:32:38 +0300
Message-ID: <49F43846.40807@redhat.com>
References: <49F2E79A.6070602@web.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit
Cc: kvm-devel <kvm@vger.kernel.org>
To: Jan Kiszka <jan.kiszka@web.de>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mx2.redhat.com ([66.187.237.31]:40568 "EHLO mx2.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1751455AbZDZKcl (ORCPT <rfc822;kvm@vger.kernel.org>);
	Sun, 26 Apr 2009 06:32:41 -0400
In-Reply-To: <49F2E79A.6070602@web.de>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

Jan Kiszka wrote:
> Hi,
>
> turning on MMU_DEBUG and AUDIT in arch/x86/kvm/mmu.c (and fixing a build
> error, patch will follow) I got this (and then a #GP :( - patch will
> follow):
>
> ...
> kvm_mmu_get_page: looking gfn 0 role f0120
> kvm_mmu_get_page: found
> kvm_mmu_get_page: looking gfn 0 role f0220
> kvm_mmu_get_page: found
> kvm_mmu_get_page: looking gfn 0 role f0320
> kvm_mmu_get_page: found
> kvm_mmu_get_page: looking gfn e1f role e0044
> kvm_mmu_get_page: adding gfn e1f role e0044
> rmap_write_protect: spte ffff8100660a60f8 7ca98067
> paging64_page_fault: addr 100105 err 19
> audit_write_protection: (pre page fault) shadow page has writable mappings: gfn e1f role e0044
> audit: (pre page fault) nontrapping pte in nonleaf level: levels 4 gva 8000000000 level 4 pte 0
>
> Is the last message indicating a problem? I get it very early during
> guest boot. oos_shadow is disabled.
>   

Yes.  It means the guest will receive a page fault if is accesses 
anything this pte points to.  Theoretically we could have made this 
work, but we never did.

But the message is self-contradictory.  Level 4 PTEs map 0.5TB each, and 
the gva mentioned isn't 0.5TB aligned.

> I'm currently trying to understand an obvious inconsistency in the pte
> describing a page of the virtio-net rx ring. On some guests with some
> qemu (upstream) command lines I can trigger this with '-smb /some/path'
> and then doing smbclient -L in the guest. Once the inconsistency slipped
> in, host and guest see different page contents and virtio-net stops to
> work. Very strange, but fortunately easily reproducible here. Any hints
> or debugging suggestions welcome!
>   

What type of inconsistency? pfn or flags?

-- 
error compiling committee.c: too many arguments to function