From: Nix <nix@esperi.org.uk>
To: Avi Kivity <avi@redhat.com>
Cc: kvm@vger.kernel.org,
Linux-Kernel-Mailing-List <linux-kernel@vger.kernel.org>
Subject: Re: 2.6.31.5 x86-64 KVM: 'emulation failed (pagetable) rip 7fb49335da7b 66 0f 7f 07'
Date: Sun, 29 Nov 2009 13:48:16 +0000
Message-ID: <87k4x9saqn.fsf@spindle.srvr.nix>
In-Reply-To: <4B125051.6010506@redhat.com> (Avi Kivity's message of "Sun, 29 Nov 2009 12:43:29 +0200")
On 29 Nov 2009, Avi Kivity uttered the following:
> 66 0f 7f 07 movdqa %xmm0,(%rdi)
>
> which we don't emulate.
x86-64 glibc 2.10 memset(), perhaps? On SSE-capable platforms that does
a whole bunch of
L(SSE0QB): movdqa %xmm0,-0xb0(%rdi)
L(SSE0QA): movdqa %xmm0,-0xa0(%rdi)
L(SSE0Q9): movdqa %xmm0,-0x90(%rdi)
L(SSE0Q8): movdqa %xmm0,-0x80(%rdi)
L(SSE0Q7): movdqa %xmm0,-0x70(%rdi)
L(SSE0Q6): movdqa %xmm0,-0x60(%rdi)
L(SSE0Q5): movdqa %xmm0,-0x50(%rdi)
L(SSE0Q4): movdqa %xmm0,-0x40(%rdi)
L(SSE0Q3): movdqa %xmm0,-0x30(%rdi)
L(SSE0Q2): movdqa %xmm0,-0x20(%rdi)
L(SSE0Q1): movdqa %xmm0,-0x10(%rdi)
L(SSE0Q0): retq
(multiple blocks of this, catering for alignment, I guess)
and x86-64 is always SSE-capable.
> Can you, using the qemu monitor, see where the guest is trying to write?
>
> (qemu) info registers
> (qemu) x/30i $eip - 20
looks like a leaveq, consistently (big flow-of-control change): want a
dump of some higher stack frames?
(qemu) info registers
RAX=0000000000000000 RBX=ffffffff81813a28 RCX=0000000000000000 RDX=0000000000000000
RSI=0000000000000001 RDI=ffffffff818f4fa8 RBP=ffffffff81769eb8 RSP=ffffffff81769eb8
R8 =0000000000000000 R9 =ffffffff81925418 R10=000000000000000e R11=0000000000ffff0e
R12=6db6db6db6db6db7 R13=ffffffff818f2000 R14=ffffffff81769fa8 R15=000000000008c000
RIP=ffffffff810316f6 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
FS =0000 0000000000000000 ffffffff 00000000
GS =0000 ffff8800019c5000 ffffffff 00000000
LDT=0000 0000000000000000 ffffffff 00000000
TR =0040 ffff8800019d8140 00002087 00008b00 DPL=0 TSS64-busy
GDT= ffff8800019c9000 0000007f
IDT= ffffffff818f2000 00000fff
CR0=8005003b CR2=0000000000f57000 CR3=000000003dc13000 CR4=000006b0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00000000
FPR0=0000000000000025 ffff FPR1=000000000000001b ffff
FPR2=12a05f24a8000000 ffff FPR3=00000002540be495 ffff
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 ffff
XMM00=0000ff0000000000000000000000ff00 XMM01=00000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=000000000000000000000000000000ff
XMM04=0000000000000000406e000000000000 XMM05=00000000000000003fd8234618ab9d47
XMM06=00000000000000003fd8234618ab9d47 XMM07=00000000000000003fec5c5c5c5c5c5c
XMM08=00000000000000004032000000000000 XMM09=0000000000000000404e000000000000
XMM10=0000000000000000405e000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
(qemu) x/30i $eip - 20
0xffffffff810316e2: mov %esp,%ebp
0xffffffff810316e4: sti
0xffffffff810316e5: leaveq
0xffffffff810316e6: retq
0xffffffff810316e7: nopw 0x0(%rax,%rax,1)
0xffffffff810316f0: push %rbp
0xffffffff810316f1: mov %rsp,%rbp
0xffffffff810316f4: sti
0xffffffff810316f5: hlt
0xffffffff810316f6: leaveq
0xffffffff810316f7: retq
0xffffffff810316f8: nopl 0x0(%rax,%rax,1)
0xffffffff81031700: push %rbp
0xffffffff81031701: mov %rsp,%rbp
0xffffffff81031704: hlt
0xffffffff81031705: leaveq
0xffffffff81031706: retq
0xffffffff81031707: nopw 0x0(%rax,%rax,1)
0xffffffff81031710: push %rbp
0xffffffff81031711: mov %rsp,%rbp
0xffffffff81031714: clts
0xffffffff81031716: leaveq
0xffffffff81031717: retq
0xffffffff81031718: nopl 0x0(%rax,%rax,1)
0xffffffff81031720: push %rbp
0xffffffff81031721: mov %rsp,%rbp
0xffffffff81031724: mov %cr0,%rax
0xffffffff81031727: leaveq
0xffffffff81031728: retq
0xffffffff81031729: nopl 0x0(%rax)
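As an added example that is not part of the thread, the block below is a small Python decoder for just the encoding Avi identified, `66 0F 7F /r` (the store form of MOVDQA). It reproduces the disassembly of the failing bytes `66 0f 7f 07` and of the glibc memset stores quoted above, and it refuses anything else, which is the position an instruction emulator is in when it meets an opcode it has no handler for: the only safe outcome is to stop and report, as KVM did. The byte sequences in the block are constructed from the Intel encoding rules (the `-0xb0` offset in the memset listing, for instance, needs a 32-bit displacement because it does not fit in a signed byte); they were not captured from the guest in this thread, and `MEMSET_TAIL` is a constructed stand-in for the glibc block, not its real bytes.

```python
from typing import List, Tuple

# Added example: decoder for the MOVDQA store encoding (66 0F 7F /r) only.
# Byte sequences used here are constructed from the encoding rules, not
# captured from the guest discussed in the thread.

REG64 = ["rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi",
         "r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15"]


class DecodeError(ValueError):
    """Raised for anything that is not a MOVDQA store this decoder knows."""


def _take(code: bytes, i: int, n: int) -> bytes:
    # Truncated instruction bytes are an error, never silently zero.
    if i + n > len(code):
        raise DecodeError("truncated instruction at offset %d" % i)
    return code[i:i + n]


def _disp(d: int) -> str:
    # AT&T displacement text: omitted when zero, signed hex otherwise.
    if d == 0:
        return ""
    return "-0x%x" % -d if d < 0 else "0x%x" % d


def decode_movdqa_store(code: bytes) -> Tuple[str, int]:
    """Decode one 'movdqa %xmmN, dest' (opcode 66 0F 7F /r) at code[0].

    Returns (AT&T text, bytes consumed); raises DecodeError for any other
    instruction, a truncated one, or a SIB form this example does not cover.
    """
    i = 0
    if _take(code, i, 1)[0] != 0x66:
        raise DecodeError("expected 0x66 operand-size prefix")
    i += 1
    rex = 0
    # An optional REX prefix sits between the legacy prefix and the opcode.
    if i < len(code) and 0x40 <= code[i] <= 0x4F:
        rex = code[i]
        i += 1
    if _take(code, i, 2) != b"\x0f\x7f":
        raise DecodeError("not opcode 0F 7F (MOVDQA store form)")
    i += 2
    modrm = _take(code, i, 1)[0]
    i += 1
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    reg |= (rex & 0x4) << 1  # REX.R extends the source xmm register number
    rm |= (rex & 0x1) << 3   # REX.B extends the base register number
    src = f"%xmm{reg}"
    if mod == 3:
        return f"movdqa {src},%xmm{rm}", i
    if (rm & 7) == 4:
        raise DecodeError("SIB addressing not handled in this example")
    if mod == 0 and (rm & 7) == 5:
        # RIP-relative: signed 32-bit displacement, no base register.
        disp = int.from_bytes(_take(code, i, 4), "little", signed=True)
        i += 4
        return f"movdqa {src},{_disp(disp)}(%rip)", i
    disp = 0
    if mod == 1:
        disp = int.from_bytes(_take(code, i, 1), "little", signed=True)
        i += 1
    elif mod == 2:
        disp = int.from_bytes(_take(code, i, 4), "little", signed=True)
        i += 4
    return f"movdqa {src},{_disp(disp)}(%{REG64[rm]})", i


def decode_run(code: bytes) -> Tuple[List[Tuple[int, str]], int]:
    """Decode consecutive MOVDQA stores from offset 0 and stop at the first
    instruction this decoder does not know. Returns (decoded, stop_offset)."""
    out: List[Tuple[int, str]] = []
    i = 0
    while i < len(code):
        try:
            text, n = decode_movdqa_store(code[i:])
        except DecodeError:
            break
        out.append((i, text))
        i += n
    return out, i


# The bytes KVM reported in the subject line.
FAILING_BYTES = bytes.fromhex("660f7f07")

# Constructed stand-in for the tail of the glibc memset block quoted above.
MEMSET_TAIL = bytes.fromhex(
    "660f7f8750ffffff"  # movdqa %xmm0,-0xb0(%rdi): disp32, -0xb0 exceeds disp8
    "660f7f4780"        # movdqa %xmm0,-0x80(%rdi): disp8, the smallest that fits
    "660f7f47f0"        # movdqa %xmm0,-0x10(%rdi)
    "660f7f07"          # movdqa %xmm0,(%rdi)
    "c3"                # retq: not a MOVDQA store, decoding stops here
)

if __name__ == "__main__":
    print(decode_movdqa_store(FAILING_BYTES))
    decoded, stop = decode_run(MEMSET_TAIL)
    for off, text in decoded:
        print(f"{off:3d}: {text}")
    print(f"stopped at offset {stop}: 0x{MEMSET_TAIL[stop]:02x} is not MOVDQA")
```

`decode_run` is the shape of the check a shadow-page-table emulator performs on a write-protected page: it walks the instruction stream only as far as it has handlers, and the offset it stops at is the address a fault report would carry. Feeding it the register-to-register form (`66 0F 7F C1`) or a REX-prefixed form (`66 44 0F 7F 07`, `%xmm8` as source) shows that the same opcode byte pair covers several operand shapes, each of which an emulator has to implement separately.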