From: Avi Kivity
Subject: Re: BUG at mmu.c:615 from localhost migration using ept+hugetlbfs
Date: Tue, 09 Jun 2009 19:47:10 +0300
Message-ID: <4A2E920E.8010703@redhat.com>
References: <20090529164326.GB11681@us.ibm.com> <20090609164036.GA10828@amt.cnet>
In-Reply-To: <20090609164036.GA10828@amt.cnet>
To: Marcelo Tosatti
Cc: Ryan Harper, kvm@vger.kernel.org

Marcelo Tosatti wrote:
> Ryan,
>
> On Fri, May 29, 2009 at 11:43:26AM -0500, Ryan Harper wrote:
>
>> Testing latest qemu-kvm.git and kvm-kmod.git, ept enabled and backing
>> guests with large pages trips a BUG in the mmu code. If I disable ept,
>> but still use large pages, migration succeeds. Reproduce with:
>>
>> hugetlbfs setup:
>> % mkdir -p /hugetlbfs && mount -t hugetlbfs hugetlbfs /hugetlbfs
>> % echo 10000 > /proc/sys/vm/nr_hugepages
>>
>> qemu commands:
>>
>> guest a:
>> sudo x86_64-softmmu/qemu-system-x86_64 -L pc-bios -m 2048 -mempath /hugetlbfs -net nic -net tap -vnc :12 -monitor stdio -hda /scratch/images/rharper/rhel4u8-32-ide.raw
>>
>> guest b:
>> sudo x86_64-softmmu/qemu-system-x86_64 -L pc-bios -m 2048 -mempath /hugetlbfs -net nic -net tap -vnc :13 -monitor stdio -hda /scratch/images/rharper/rhel4u8-32-ide.raw -incoming tcp:0:4444
>>
>> Once the guest a is up, issued migrate command:
>> (qemu) migrate -d tcp:localhost:444
>>
>> rmap_remove: ffff880a08e00098 c0336e65c0336e5b 0->BUG
>>
>                                ^^^^^^^^^^^^^^^^
>
> This value looks very strange (bits 5:3 contain invalid value, for one).
> Don't have access to HW at the very moment, so it would be great if you
> had time to do a change equivalent to this and reproduce:
>

That spte is totally bogus.
> diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
> index 809cce0..ceb70b0 100644
> --- a/arch/x86/kvm/mmu.c
> +++ b/arch/x86/kvm/mmu.c
> @@ -1759,7 +1764,7 @@ static void mmu_set_spte(struct kvm_vcpu *vcpu, u64 *shadow_pte,
>  		child = page_header(pte & PT64_BASE_ADDR_MASK);
>  		mmu_page_remove_parent_pte(child, shadow_pte);
>  	} else if (pfn != spte_to_pfn(*shadow_pte)) {
> -		pgprintk("hfn old %lx new %lx\n",
> +		printk(KERN_ERR "hfn old %lx new %lx\n",
>  			 spte_to_pfn(*shadow_pte), pfn);
>  		rmap_remove(vcpu->kvm, shadow_pte);
>  	} else
>
> Avi, any hints?
>

Not really. One thing, migration should transition the shadow pagetables
from large pages to small ones, maybe that bit is broken. Maybe we're
looking at a largepage spte and interpreting it as a normal L2 spte, and
interpreting a guest page as the L1 spt.

-- 
error compiling committee.c: too many arguments to function
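Review bot: in the mmu_set_spte hunk, the new printk reports only the old and new pfn, but the datum under suspicion in this thread is the raw spte (the c0336e65c0336e5b that rmap_remove printed, with its invalid bits 5:3), and that value is exactly what spte_to_pfn() strips off. Print the entry itself as well so the reproduction captures it, e.g. `printk(KERN_ERR "hfn old %lx new %lx spte %llx\n", spte_to_pfn(*shadow_pte), pfn, *shadow_pte);`. Since mmu_set_spte sits on the shadow page fault path, an unconditional KERN_ERR there is a one-off debugging aid and should not be carried forward as is; and the hunk header's new-side offset (-1759 versus +1764) indicates the diff was taken against a tree with other local changes, so it may need to be applied by hand.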
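Marcelo's reading of the spte above (bits 5:3 hold an invalid value) and Avi's guess that a guest page is being walked as a shadow page table can both be checked mechanically against the EPT entry layout. The following is an added example and is not code from this thread or from KVM: it decodes the value from the BUG line using the EPT paging-structure entry bit layout from the Intel SDM (bits 2:0 read/write/execute, bits 5:3 memory type, bit 6 IPAT, bit 7 large page, bits 51:12 the host page frame). The macro and function names, and the "a 32-bit word at or above 0xc0000000 looks like an i386 Linux kernel pointer" heuristic, are assumptions of the example, not anything the thread states.

```c
/*
 * Added example, not code from the kvm thread or from KVM itself.
 * Decodes an EPT-style spte against the architectural EPT PTE layout
 * (Intel SDM Vol. 3, EPT paging-structure entries). Field macros and
 * function names are this example's own.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define EPT_READ      (1ULL << 0)
#define EPT_WRITE     (1ULL << 1)
#define EPT_EXEC      (1ULL << 2)
#define EPT_MT_SHIFT  3                      /* bits 5:3: EPT memory type   */
#define EPT_MT_MASK   (7ULL << EPT_MT_SHIFT)
#define EPT_IPAT      (1ULL << 6)            /* ignore guest PAT            */
#define EPT_LARGE     (1ULL << 7)            /* PDE/PDPTE: maps a large page */
#define EPT_PFN_MASK  (((1ULL << 52) - 1) & ~0xfffULL) /* bits 51:12        */

/* Architecturally valid EPT memory types: UC=0, WC=1, WT=4, WP=5, WB=6.
 * 2, 3 and 7 are reserved, so an entry carrying them cannot be a real spte. */
bool ept_mt_is_valid(unsigned mt)
{
	switch (mt) {
	case 0: case 1: case 4: case 5: case 6:
		return true;
	default:
		return false;
	}
}

unsigned ept_spte_perms(uint64_t spte)  { return spte & (EPT_READ | EPT_WRITE | EPT_EXEC); }
unsigned ept_spte_mt(uint64_t spte)     { return (spte & EPT_MT_MASK) >> EPT_MT_SHIFT; }
bool     ept_spte_ipat(uint64_t spte)   { return spte & EPT_IPAT; }
bool     ept_spte_is_large(uint64_t spte) { return spte & EPT_LARGE; }
uint64_t ept_spte_pfn(uint64_t spte)    { return (spte & EPT_PFN_MASK) >> 12; }

/* "Sane" here means only: the memory-type field is one the hardware defines. */
bool ept_spte_is_sane(uint64_t spte)
{
	return ept_mt_is_valid(ept_spte_mt(spte));
}

/* Heuristic (an assumption of this example): a 32-bit x86 Linux kernel maps
 * itself at 0xc0000000 and up, so a word in that range looks like a guest
 * kernel pointer rather than part of a host page table entry. */
bool looks_like_i386_kernel_ptr(uint32_t v)
{
	return v >= 0xc0000000u;
}

/* Both halves of the 64-bit entry look like i386 kernel pointers: evidence
 * that we are reading guest data, not a shadow page table. */
bool spte_looks_like_guest_pointers(uint64_t spte)
{
	return looks_like_i386_kernel_ptr((uint32_t)spte) &&
	       looks_like_i386_kernel_ptr((uint32_t)(spte >> 32));
}

void describe_spte(uint64_t spte)
{
	unsigned mt = ept_spte_mt(spte);

	printf("spte %016llx: perms=%u mt=%u (%s) ipat=%d large=%d pfn=%llx\n",
	       (unsigned long long)spte, ept_spte_perms(spte), mt,
	       ept_mt_is_valid(mt) ? "valid" : "RESERVED",
	       ept_spte_ipat(spte), ept_spte_is_large(spte),
	       (unsigned long long)ept_spte_pfn(spte));
	printf("as two 32-bit words: %08x %08x%s\n",
	       (uint32_t)(spte >> 32), (uint32_t)spte,
	       spte_looks_like_guest_pointers(spte)
	           ? "  (both look like i386 kernel pointers)" : "");
}

int main(void)
{
	/* The value from Ryan's rmap_remove BUG line. */
	describe_spte(0xc0336e65c0336e5bULL);
	/* For contrast, a constructed, well-formed WB RWX entry for pfn 0x1234. */
	describe_spte((0x1234ULL << 12) | (6ULL << EPT_MT_SHIFT) | 7);
	return 0;
}
```

Run on the value from the BUG line, the decoder reports memory type 3, which the EPT spec reserves, and shows that the two 32-bit halves (c0336e65 and c0336e5b) both fall in the i386 kernel text range, which is the pattern one would expect if a guest page were being interpreted as a level-1 shadow page table rather than a corrupted but real spte.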