From: Avi Kivity
Subject: Re: [PATCH RFC] KVM: inject #UD if instruction emulation fails while vcpu is in cpl==3
Date: Thu, 06 May 2010 13:13:30 +0300
Message-ID: <4BE2964A.1090906@redhat.com>
In-Reply-To: <20100506100645.GB24787@redhat.com>
References: <20100429115847.GW10044@redhat.com> <4BE288CE.5050801@redhat.com> <20100506100645.GB24787@redhat.com>
To: Gleb Natapov
Cc: mtosatti@redhat.com, kvm@vger.kernel.org

On 05/06/2010 01:06 PM, Gleb Natapov wrote:
> On Thu, May 06, 2010 at 12:15:58PM +0300, Avi Kivity wrote:
>
>> On 04/29/2010 02:58 PM, Gleb Natapov wrote:
>>
>>> Do not kill VM if instruction emulation fails while vcpu is in
>>> userspace. Inject #UD instead in a hope that guest OS will kill offending
>>> process. Emulation failure is still traced by ftrace point to help
>>> analyze the problem.
>>>
>> Still there's the risk here that a critical failure goes unnoticed.
>> ftrace isn't on at all times.
>>
> Kvm_stat will still show that there was emulation failure, so if strange
> application behaviour is reported kvm_stat output will have hints where
> to look. Next step in analyzing the problem will be enabling emulator
> tracing.
>

We can expect that from a developer or a user subscribed to kvm@. But
what about some random user running virt-manager? dmesg and kvm_stat
will not go up the management stack.

>> We can probably inject a #UD unconditionally and exit to userspace.
>> Userspace would then report the problem to the user and reenter the
>> guest, which would then recover or not.
>>
> By "unconditionally" you mean even if guest is in kernel mode?

Yes.

> There is
> no point in trying to continue after that happens. Instead of getting
> paused VM at exact place where problem happened and easily analyzable we
> will get misbehaved VM with undefined state.
>

True. But the same problem exists with cpl>0 #UD. It may be a critical
driver in userspace (say, video driver). Also need to consider nested
kernels (which are userspace for this purpose).

How about default to unconditional #UD and report, and pause if
requested (in userspace)? Usually emulation failures will be 100%
reproducible, so the user can rerun their workload.

-- 
error compiling committee.c: too many arguments to function