From mboxrd@z Thu Jan 1 00:00:00 1970
From: Avi Kivity
Subject: Re: 2.6.38.1 general protection fault
Date: Sat, 26 Mar 2011 11:15:00 +0200
Message-ID: <4D8DAE94.7070604@redhat.com>
References: <4D8C6110.6090204@wpkg.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "kvm@vger.kernel.org", Andrea Arcangeli
To: Tomasz Chmielewski
Return-path:
Received: from mx1.redhat.com ([209.132.183.28]:9279 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751727Ab1CZJPE (ORCPT ); Sat, 26 Mar 2011 05:15:04 -0400
In-Reply-To: <4D8C6110.6090204@wpkg.org>
Sender: kvm-owner@vger.kernel.org
List-ID:

On 03/25/2011 11:32 AM, Tomasz Chmielewski wrote:
> I got this on a 2.6.38.1 system which (I think) had some problem accessing the guest image on a btrfs filesystem.
>
>
> general protection fault: 0000 [#1] SMP
> last sysfs file: /sys/kernel/uevent_seqnum
> CPU 0
> Modules linked in: ipt_MASQUERADE vhost_net kvm_intel kvm iptable_filter xt_tcpudp iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack nf_defrag_ipv4 ip_tables x_tables bridge stp btrfs zlib_deflate crc32c libcrc32c coretemp f71882fg snd_pcm snd_timer snd soundcore i2c_i801 snd_page_alloc tpm_tis tpm tpm_bios pcspkr i7core_edac edac_core r8169 mii raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 ahci libahci sata_nv sata_sil sata_via 3w_9xxx 3w_xxxx [last unloaded: scsi_wait_scan]
>
> Pid: 10199, comm: kvm Not tainted 2.6.38.1 #1 MSI MS-7522/MSI X58 Pro-E (MS-7522)
> RIP: 0010:[]  [] kvm_unmap_rmapp+0x20/0x70 [kvm]
> RSP: 0018:ffff880508ee9bf0  EFLAGS: 00010202
> RAX: 00008805d6b087f8 RBX: ffff8805b7b10000 RCX: 0000000000000050
> RDX: 0000000000000000 RSI: 00008805d6b087f8 RDI: ffff8805b7b10000
> RBP: ffff880508ee9c10 R08: ffff8801061d4000 R09: ffffc9001f19aff0
> R10: 0000000000000030 R11: 0000000000000000 R12: 0000000000000000
> R13: ffffc9001f19aff8 R14: 0000000000000060 R15: ffff8801061d4000
> FS:  00007f7ca25d6730(0000) GS:ffff8800bf400000(0000) knlGS:0000000000000000
> CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
> CR2: 0000000000462b10 CR3: 00000003ac47f000 CR4: 00000000000026e0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
> Process kvm (pid: 10199, threadinfo ffff880508ee8000, task ffff88001b5a5b00)
> Stack:
>  ffffffffffffffcf 00000000000220ff 0000000000000001 ffff8801061d4050
>  ffff880508ee9c80 ffffffffa02c8a54 0000000000000030 ffffffffa02cae00
>  0000000000000000 00007f7c80a2b000 ffff8805b7b10000 0000000000000001
> Call Trace:
>  [] kvm_handle_hva+0xb4/0x170 [kvm]
>  [] ? kvm_unmap_rmapp+0x0/0x70 [kvm]
>  [] kvm_unmap_hva+0x17/0x20 [kvm]
>  [] kvm_mmu_notifier_invalidate_range_start+0x62/0xb0 [kvm]
>  [] __mmu_notifier_invalidate_range_start+0x51/0x70
>  [] copy_page_range+0x3b1/0x460
>  [] ? rb_insert_color+0x98/0x140
>  [] dup_mm+0x2fc/0x500
>  [] copy_process+0x8be/0x11b0
>  [] do_fork+0x75/0x350
>  [] ? mntput+0x1d/0x40
>  [] ? fput+0x1e5/0x270
>  [] ? _raw_spin_lock_irq+0x15/0x20
>  [] ? sigprocmask+0x91/0x110
>  [] sys_clone+0x28/0x30
>  [] stub_clone+0x13/0x20
>  [] ? system_call_fastpath+0x16/0x1b
> Code: 49 89 01 eb 91 66 0f 1f 44 00 00 55 48 89 e5 41 55 41 54 53 48 83 ec 08 0f 1f 44 00 00 45 31 e4 48 89 fb 49 89 f5 eb 1d 0f 1f 00 <f6> 06 01 74 38 48 8b 15 a4 66 02 00 48 89 df 41 bc 01 00 00 00
> RIP  [] kvm_unmap_rmapp+0x20/0x70 [kvm]
>  RSP
> ---[ end trace 85201a339b7635fc ]---
>
>

   0:   55                      push   %rbp
   1:   48 89 e5                mov    %rsp,%rbp
   4:   41 55                   push   %r13
   6:   41 54                   push   %r12
   8:   53                      push   %rbx
   9:   48 83 ec 08             sub    $0x8,%rsp
   d:   0f 1f 44 00 00          nopl   0x0(%rax,%rax,1)
  12:   45 31 e4                xor    %r12d,%r12d
  15:   48 89 fb                mov    %rdi,%rbx
  18:   49 89 f5                mov    %rsi,%r13
  1b:   eb 1d                   jmp    0x3a
  1d:   0f 1f 00                nopl   (%rax)
  20:   f6 06 01                testb  $0x1,(%rsi)

Looks like the top 16 bits of %rsi are flipped.

Also weird to see a fork().

What's your qemu command line?
-- I have a truly marvellous patch that fixes the bug which this signature is too narrow to contain.
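The two checks Avi does by hand above (which register holds a non-canonical pointer, and whether the faulting byte in the Code: dump really sits at kvm_unmap_rmapp+0x20) can be automated over the quoted oops. The script below is an added example, not part of this thread; it embeds the register and Code: lines quoted above (the `<f6>` RIP marker is taken from Avi's disassembly, since extraction dropped it from the quote), and it assumes the standard Code: convention of marking the RIP byte in angle brackets and a `push %rbp; mov %rsp,%rbp` prologue for locating the function start.

```python
import re

# Constructed excerpt of the oops quoted in the thread (RIP symbol, GPRs, Code: bytes).
OOPS = """\
RIP: 0010:[]  [] kvm_unmap_rmapp+0x20/0x70 [kvm]
RAX: 00008805d6b087f8 RBX: ffff8805b7b10000 RCX: 0000000000000050
RDX: 0000000000000000 RSI: 00008805d6b087f8 RDI: ffff8805b7b10000
RBP: ffff880508ee9c10 R08: ffff8801061d4000 R09: ffffc9001f19aff0
R10: 0000000000000030 R11: 0000000000000000 R12: 0000000000000000
R13: ffffc9001f19aff8 R14: 0000000000000060 R15: ffff8801061d4000
Code: 49 89 01 eb 91 66 0f 1f 44 00 00 55 48 89 e5 41 55 41 54 53 48 83 ec 08 0f 1f 44 00 00 45 31 e4 48 89 fb 49 89 f5 eb 1d 0f 1f 00 <f6> 06 01 74 38 48 8b 15 a4 66 02 00 48 89 df 41 bc 01 00 00 00
"""

REG_RE = re.compile(r"\b(R[A-Z0-9]{2}): ([0-9a-f]{16})")

def parse_regs(text):
    """Map register name -> value for every 'NAME: <16 hex digits>' pair in the dump."""
    return {m.group(1): int(m.group(2), 16) for m in REG_RE.finditer(text)}

def is_canonical(addr):
    """x86-64 canonical form: bits 63..48 must all equal bit 47 (48-bit VA)."""
    return (addr >> 47) in (0, 0x1ffff)

def noncanonical_regs(regs):
    """Registers whose value raises #GP (not #PF) if used as a memory operand."""
    return sorted(name for name, val in regs.items() if not is_canonical(val))

def top16_diff(value, reference):
    """Bitmask of bits 63..48 in which a suspect value differs from a known-good pointer."""
    return ((value ^ reference) >> 48) & 0xffff

def symbol_offset(text):
    """Offset part of the RIP symbol, e.g. kvm_unmap_rmapp+0x20/0x70 -> 0x20."""
    return int(re.search(r"RIP:.*?\+(0x[0-9a-f]+)/", text).group(1), 16)

def faulting_offset(text):
    """Distance from the last 'push %rbp; mov %rsp,%rbp' prologue to the <xx> RIP byte."""
    code = re.search(r"^Code: (.*)$", text, re.M).group(1).split()
    rip = next(i for i, b in enumerate(code) if b.startswith("<"))  # marked RIP byte
    raw = [b.strip("<>") for b in code]
    starts = [i for i in range(rip) if raw[i:i + 4] == ["55", "48", "89", "e5"]]
    return rip - starts[-1]

if __name__ == "__main__":
    regs = parse_regs(OOPS)
    print("non-canonical registers:", noncanonical_regs(regs))          # ['RAX', 'RSI']
    print("RSI vs RBX top-16 diff: %#x" % top16_diff(regs["RSI"], regs["RBX"]))  # 0xffff
    print("RIP offset %#x, symbol says %#x" % (faulting_offset(OOPS), symbol_offset(OOPS)))  # 0x20 0x20
```

RSI is the memory operand of the `testb $0x1,(%rsi)` at RIP, which is why a non-canonical value there shows up as a general protection fault rather than a page fault.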