From: "Alex Bennée" <alex.bennee@linaro.org>
To: qemu-devel@nongnu.org
Cc: "Reinoud Zandijk" <reinoud@netbsd.org>,
"Cédric Le Goater" <clg@redhat.com>,
"Huacai Chen" <chenhuacai@kernel.org>,
"Zhao Liu" <zhao1.liu@intel.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Alistair Francis" <alistair.francis@wdc.com>,
qemu-arm@nongnu.org, "Fam Zheng" <fam@euphon.net>,
"Helge Deller" <deller@gmx.de>,
"Matthew Rosato" <mjrosato@linux.ibm.com>,
"Fabiano Rosas" <farosas@suse.de>,
qemu-rust@nongnu.org, "Bibo Mao" <maobibo@loongson.cn>,
qemu-riscv@nongnu.org,
"Thanos Makatos" <thanos.makatos@nutanix.com>,
"Liu Zhiwei" <zhiwei_liu@linux.alibaba.com>,
"Riku Voipio" <riku.voipio@iki.fi>,
"Cameron Esfahani" <dirty@apple.com>,
"Alexander Graf" <agraf@csgraf.de>,
"Laurent Vivier" <lvivier@redhat.com>,
"Harsh Prateek Bora" <harshpb@linux.ibm.com>,
"Daniel P. Berrangé" <berrange@redhat.com>,
qemu-ppc@nongnu.org, "Stafford Horne" <shorne@gmail.com>,
"Sunil Muthuswamy" <sunilmut@microsoft.com>,
"Jagannathan Raman" <jag.raman@oracle.com>,
"Igor Mammedov" <imammedo@redhat.com>,
"Brian Cain" <brian.cain@oss.qualcomm.com>,
"Phil Dennis-Jordan" <phil@philjordan.eu>,
devel@lists.libvirt.org, "Mads Ynddal" <mads@ynddal.dk>,
"Elena Ufimtseva" <elena.ufimtseva@oracle.com>,
"Peter Xu" <peterx@redhat.com>,
"Jason Herne" <jjherne@linux.ibm.com>,
"Michael Rolnik" <mrolnik@gmail.com>,
"Weiwei Li" <liwei1518@gmail.com>,
"Laurent Vivier" <laurent@vivier.eu>,
"Ilya Leoshkevich" <iii@linux.ibm.com>,
qemu-block@nongnu.org, "Peter Maydell" <peter.maydell@linaro.org>,
"Kostiantyn Kostiuk" <kkostiuk@redhat.com>,
"Kyle Evans" <kevans@freebsd.org>,
"David Hildenbrand" <david@redhat.com>,
"Edgar E. Iglesias" <edgar.iglesias@gmail.com>,
"Warner Losh" <imp@bsdimp.com>,
"Daniel Henrique Barboza" <dbarboza@ventanamicro.com>,
"John Snow" <jsnow@redhat.com>,
"Yoshinori Sato" <yoshinori.sato@nifty.com>,
"Aleksandar Rikalo" <arikalo@gmail.com>,
"Alistair Francis" <alistair@alistair23.me>,
"Marcelo Tosatti" <mtosatti@redhat.com>,
"Yonggang Luo" <luoyonggang@gmail.com>,
"Radoslaw Biernacki" <rad@semihalf.com>,
"Artyom Tarasenko" <atar4qemu@gmail.com>,
"Yanan Wang" <wangyanan55@huawei.com>,
"Eduardo Habkost" <eduardo@habkost.net>,
"Aurelien Jarno" <aurelien@aurel32.net>,
"Richard Henderson" <richard.henderson@linaro.org>,
qemu-s390x@nongnu.org,
"Alex Williamson" <alex.williamson@redhat.com>,
"Michael S. Tsirkin" <mst@redhat.com>,
"Ani Sinha" <anisinha@redhat.com>,
"Roman Bolshakov" <rbolshakov@ddn.com>,
"Manos Pitsidianakis" <manos.pitsidianakis@linaro.org>,
"Chinmay Rath" <rathc@linux.ibm.com>,
"Thomas Huth" <thuth@redhat.com>,
"Cleber Rosa" <crosa@redhat.com>,
kvm@vger.kernel.org, "Song Gao" <gaosong@loongson.cn>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Halil Pasic" <pasic@linux.ibm.com>,
"Eric Farman" <farman@linux.ibm.com>,
"Palmer Dabbelt" <palmer@dabbelt.com>,
"Leif Lindholm" <leif.lindholm@oss.qualcomm.com>,
"Christian Borntraeger" <borntraeger@linux.ibm.com>,
"Michael Roth" <michael.roth@amd.com>,
"Mauro Carvalho Chehab" <mchehab+huawei@kernel.org>,
"Jiaxun Yang" <jiaxun.yang@flygoat.com>,
"Marc-André Lureau" <marcandre.lureau@redhat.com>,
"Mark Cave-Ayland" <mark.cave-ayland@ilande.co.uk>,
"Marcel Apfelbaum" <marcel.apfelbaum@gmail.com>,
"Alex Bennée" <alex.bennee@linaro.org>,
"Nicholas Piggin" <npiggin@gmail.com>,
"John Levon" <john.levon@nutanix.com>,
"Xin Wang" <wangxinxin.wang@huawei.com>
Subject: [PATCH v2 001/281] target/i386: Add support for save/load of exception error code
Date: Thu, 4 Sep 2025 09:06:35 +0100
Message-ID: <20250904081128.1942269-2-alex.bennee@linaro.org>
In-Reply-To: <20250904081128.1942269-1-alex.bennee@linaro.org>
From: Xin Wang <wangxinxin.wang@huawei.com>
For now, QEMU saves/loads CPU exception info (such as exception_nr and
has_error_code), while the exception error_code is ignored. This will
cause the dest hypervisor to reinject a vCPU exception with error_code(0),
potentially causing a guest kernel panic.
For instance, if the src VM stopped with a user-mode write #PF (error_code 6),
the dest hypervisor will reinject a #PF with error_code(0) when the vCPU resumes,
and the guest kernel then panics as:
BUG: unable to handle page fault for address: 00007f80319cb010
#PF: supervisor read access in user mode
#PF: error_code(0x0000) - not-present page
RIP: 0033:0x40115d
To fix it, support save/load exception error_code.
Signed-off-by: Xin Wang <wangxinxin.wang@huawei.com>
Link: https://lore.kernel.org/r/20250819145834.3998-1-wangxinxin.wang@huawei.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/machine.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/target/i386/machine.c b/target/i386/machine.c
index dd2dac1d443..45b7cea80aa 100644
--- a/target/i386/machine.c
+++ b/target/i386/machine.c
@@ -462,6 +462,24 @@ static const VMStateDescription vmstate_exception_info = {
}
};
+static bool cpu_errcode_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+
+ return cpu->env.has_error_code != 0;
+}
+
+static const VMStateDescription vmstate_error_code = {
+ .name = "cpu/error_code",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = cpu_errcode_needed,
+ .fields = (const VMStateField[]) {
+ VMSTATE_INT32(env.error_code, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
/* Poll control MSR enabled by default */
static bool poll_control_msr_needed(void *opaque)
{
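Review bot: cpu_errcode_needed() keys only on env.has_error_code and carries no comment, unlike the neighbouring poll_control_msr_needed(). If has_error_code can stay set after the exception it belonged to has been delivered, the "cpu/error_code" subsection would be sent with a stale value; consider a short comment saying when has_error_code is valid, or tying the predicate to the same condition that makes vmstate_exception_info needed. It is also worth confirming that VMSTATE_INT32 matches the declared type of env.error_code.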
@@ -1746,6 +1764,7 @@ const VMStateDescription vmstate_x86_cpu = {
},
.subsections = (const VMStateDescription * const []) {
&vmstate_exception_info,
+ &vmstate_error_code,
&vmstate_async_pf_msr,
&vmstate_async_pf_int_msr,
&vmstate_pv_eoi_msr,
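Review bot: the new &vmstate_error_code entry in .subsections puts "cpu/error_code" into the stream whenever its .needed callback returns true, and nothing in this patch limits that to newer machine types. A destination built without this change has no such entry in its list, so please state in the commit message what happens when migrating to one while an exception with an error code is pending, and whether a compat property is wanted.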
--
2.47.2