[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] regression from 22242:7831b8e5aae2 (x86 guest pagetable walker: check for invalid bits in pagetable entries)?

  • To: "Tim Deegan" <tim@xxxxxxx>
  • From: "Jan Beulich" <JBeulich@xxxxxxxx>
  • Date: Fri, 17 Feb 2012 15:50:38 +0000
  • Cc: xen-devel <xen-devel@xxxxxxxxxxxxx>
  • Delivery-date: Fri, 17 Feb 2012 15:51:14 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xensource.com>


this c/s or-s PFEC_reserved_bit into the error code passed to the guest
in two places, and I'm afraid it is responsible for problems we're seeing
when a Linux HVM PAE guest on a non-HAP platform runs into
invocations of pgtable_bad(). Linux check the reserved bit before
looking at the present bit, and expects the reserved bit to always be
clear when the present bit also is. The respective lines from the
guest's kernel log however are

Bad pagetable: 000c [#1] SMP
Bad pagetable: 000e [#2] SMP
Bad pagetable: 000e [#3] SMP
Bad pagetable: 000c [#4] SMP
Bad pagetable: 000c [#5] SMP
Bad pagetable: 000c [#6] SMP
Bad pagetable: 000a [#7] SMP
Bad pagetable: 000a [#8] SMP
Bad pagetable: 000c [#10] SMP
Bad pagetable: 000c [#11] SMP

(i.e. reserved flag always set, present flag always clear) with the
corresponding page table dumps being

*pdpt = 0000000035682001 *pde = 0000000013014067 *pte = 002dea0000000000
*pdpt = 0000000035d65001 *pde = 0000000028a8a067 *pte = 002dd16000000000
*pdpt = 0000000013177001 *pde = 0000000028bf9067 *pte = 002dd16000000000
*pdpt = 0000000035480001 *pde = 000000005e6b1067
*pdpt = 00000000133b6001 *pde = 000000005e6c1067
*pdpt = 00000000131b7001 *pde = 000000005de15067
*pdpt = 00000000354bd001 *pde = 00000000355ad067 *pte = 002dfca000000000
*pdpt = 000000002bd5c001 *pde = 000000002bf2c067 *pte = 002dfa6000000000
*pdpt = 000000002bd79001 *pde = 0000000000000000
*pdpt = 000000002bdc6001 *pde = 000000005e63c067
*pdpt = 00000000130ef001 *pde = 000000005e690067

(i.e. no invalid bits at all, but paged out entries with page indexes
into the swap file indicating a swap size of over 10G - with anything
up to 4G, the reserved bits would never be run into).

The problem appears to be that the or-ing in of PFEC_reserved_bit
happens without consideration of PFEC_present. If you can confirm
I'm not mis-interpreting things, fixing this should be relatively
strait forward (though the question would be whether it should be
guest_walk_tables() or its callers that should be fixed).


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.