From: "Zdenek Kabelac"
Subject: Re: loop in copy_user_generic_string
Date: Tue, 4 Mar 2008 17:39:21 +0100
References: <47CD73DF.6070502@qumranet.com>
In-Reply-To: <47CD73DF.6070502@qumranet.com>
To: "Avi Kivity"
Cc: kvm-devel@lists.sourceforge.net
List-Id: kvm.vger.kernel.org

2008/3/4, Avi Kivity :
> Zdenek Kabelac wrote:
> > Hello
> >
> > I'm having a weird problem and being a bit puzzled about where to look
> > for this bug.
> >
> > I'm using T61 - C2D 2GB
> >
> > So I'll describe symptoms:
> >
> > When I run inside my 0.5G smp qemu-kvm guest with Debian these two
> > loops in parallel:
> >
> > 'while : ; do dmsetup status ; done'
> >
> > and
> >
> > 'while : ; do cat /dev/zero >/dev/mapper/any_free_to_use_lvm_partition ; done'
> >
> > after a while dmsetup starts to loop in this place:
> >
> > [ 356.257323] [] ? copy_user_generic_string+0x17/0x40
> >
> > I'm using a preemptible kernel and the code will stay in the
> > copy_user_generic_string call forever eating 100% CPU - without
> > preemption the kernel gets dead.
> >
> > With preemption, when I run at this moment a second dmsetup status in
> > parallel, the busy-looped dmsetup gets finished and the while loop
> > continues again until the next dmsetup busy-loop.
> >
> > I've noticed that if I change inside drivers/md/dm-ioctl.c
> > copy_params the parameter tmp.data_size in the copy_from_user call to
> > just page size (4kB) - or when I replace vmalloc with kmalloc - the busy
> > loop will not happen.
> >
> > So it seems to be related to page jump somehow
> >
> > Anyway, does anyone have any idea what is going on here?
> >
>
> Most likely movs emulation is broken for long counts. Please post a
> disassembly of copy_user_generic_string to make sure we're looking at
> the same code.
>

Is it emulated? I thought it was running natively with vmx?

Anyway, here is objdump of copy_user_64.o (loops on 0x1d7)

00000000000001c0 :
     1c0:   41 89 c8                mov    %ecx,%r8d
     1c3:   89 d1                   mov    %edx,%ecx
     1c5:   c1 e9 03                shr    $0x3,%ecx
     1c8:   83 e2 07                and    $0x7,%edx
     1cb:   74 0a                   je     1d7
     1cd:   f3 48 a5                rep movsq %ds:(%rsi),%es:(%rdi)
     1d0:   89 d1                   mov    %edx,%ecx
     1d2:   f3 a4                   rep movsb %ds:(%rsi),%es:(%rdi)
     1d4:   89 c8                   mov    %ecx,%eax
     1d6:   c3                      retq
     1d7:   f3 48 a5                rep movsq %ds:(%rsi),%es:(%rdi)
     1da:   31 c0                   xor    %eax,%eax
     1dc:   c3                      retq
     1dd:   48 8d 04 ca             lea    (%rdx,%rcx,8),%rax
     1e1:   eb 02                   jmp    1e5
     1e3:   89 c8                   mov    %ecx,%eax
     1e5:   45 85 c0                test   %r8d,%r8d
     1e8:   74 08                   je     1f2
     1ea:   89 c1                   mov    %eax,%ecx
     1ec:   50                      push   %rax
     1ed:   31 c0                   xor    %eax,%eax
     1ef:   f3 aa                   rep stos %al,%es:(%rdi)
     1f1:   58                      pop    %rax
     1f2:   c3                      retq

Zdenek
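The routine in the objdump above, modelled in C as an added example (not code from this thread or from the kernel): it shows the quadword/byte split, the return value of bytes not copied, and the zero-filling fixup path taken when an access faults mid-copy. The fault_at parameter and the sample_copy scenario are constructed assumptions used to simulate a page fault inside a multi-page buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Model of the copy_user_generic_string disassembly quoted above (added
 * example, not kernel code): len/8 quadwords via rep movsq, then len%8 bytes
 * via rep movsb; returns bytes NOT copied. On a fault the fixup path derives
 * the remainder (rcx*8+rdx after movsq, ecx after movsb) and, if zerorest is
 * set, zero-fills the uncopied destination tail (rep stos). fault_at
 * (hypothetical) is the source offset whose access faults, i.e. an unmapped page. */
static size_t model_copy_user_generic_string(uint8_t *dst, const uint8_t *src,
                                             size_t len, int zerorest, size_t fault_at)
{
    size_t nq = len >> 3;          /* shr $0x3,%ecx: quadword count */
    size_t rem = len & 7;          /* and $0x7,%edx: trailing byte count */
    size_t done = 0, left;
    while (nq) {                   /* rep movsq; faults if the chunk covers fault_at */
        if (done + 8 > fault_at) {
            left = nq * 8 + rem;   /* fixup 1dd: lea (%rdx,%rcx,8),%rax */
            goto fixup;
        }
        memcpy(dst + done, src + done, 8);
        done += 8; nq--;
    }
    while (rem) {                  /* rep movsb for the 0..7 trailing bytes */
        if (done >= fault_at) {
            left = rem;            /* fixup 1e3: mov %ecx,%eax */
            goto fixup;
        }
        dst[done] = src[done];
        done++; rem--;
    }
    return 0;                      /* success path: xor %eax,%eax */
fixup:
    if (zerorest)                  /* test %r8d,%r8d ... rep stos %al */
        memset(dst + done, 0, left);
    return left;
}
struct copy_result { size_t left; int tail_zeroed; };
/* Constructed 20-byte sample (2 quadwords + 4 bytes), dst pre-filled with
 * 0xff; reports bytes left uncopied and whether that tail ended up zeroed. */
static struct copy_result sample_copy(size_t fault_at, int zerorest)
{
    uint8_t src[20], dst[20];
    struct copy_result r = { 0, 1 };
    for (size_t i = 0; i < 20; i++) { src[i] = (uint8_t)(i + 1); dst[i] = 0xff; }
    r.left = model_copy_user_generic_string(dst, src, 20, zerorest, fault_at);
    for (size_t i = 20 - r.left; i < 20; i++)
        if (dst[i] != 0) r.tail_zeroed = 0;
    return r;
}
```

A fault inside the second quadword (offset 12) leaves 12 bytes uncopied, and only with zerorest set does the destination tail come back zeroed rather than holding stale data.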