KVM: GPF in native_load_tr_desc

I am seeing a general protection fault on an Intel Broadwell system with 54 hardware threads running an old kernel (3.10.0-327.22.2, CentOS 7).

What seems to be happening is that qemu tried to run a vcpu thread, but the vcpu was somehow in a halted state, so kvm got scheduled out, and in the process LTR was invoked to fix the TSS limit, although there was no vmx enter/exit in this case. LTR then triggered a GP and crashed the system. According to the Intel SDM, LTR causes a GP if the segment selector points to the local table or the TSS is not available. The segment selector is set to 0x40, and the TSS is marked as available in reload_tss() before the LTR call. So I am not sure how the GP can be triggered. Do people have any insight? Thanks!

Lei

[2952828.436319] general protection fault: 0040 [#1] SMP
[2952828.436361] Modules linked in: loop nls_utf8 isofs udf crc_itu_t softdog tun ebtable_filter ebtables ip6table_filter ip6_tables iptable_filter drbd(OE) binfmt_misc ipmi_poweroff bridge stp llc ext4 mbcache jbd2 iTCO_wdt iTCO_vendor_support intel_powerclamp coretemp intel_rapl crc32_pclmul ipmi_devintf ghash_clmulni_intel aesni_intel lrw gf128mul glue_helper ablk_helper cryptd raid1 pcspkr sg sb_edac hpwdt hpilo edac_core lpc_ich shpchp i2c_i801 mfd_core wmi ipmi_si ipmi_msghandler acpi_power_meter nfsd auth_rpcgss nfs_acl lockd grace sunrpc ip_tables xfs libcrc32c sd_mod crc_t10dif crct10dif_generic kvm_intel(OE) kvm(OE) mgag200 crct10dif_pclmul syscopyarea crct10dif_common sysfillrect crc32c_intel sysimgblt i2c_algo_bit serio_raw drm_kms_helper ttm ixgbe drm mdio tg3 dca i2c_core hpsa(OE) ptp scsi_transport_sas
[2952828.436999]  pps_core dm_mirror dm_region_hash dm_log dm_mod
[2952828.437031] CPU: 46 PID: 42266 Comm: qemu-unity Tainted: G           OE  ------------   3.10.0-327.22.2.el7.x86_64 #1
[2952828.437078] Hardware name: HP ProLiant DL380 Gen9/ProLiant DL380 Gen9, BIOS P89 04/25/2017
[2952828.437115] task: ffff881ff25bc500 ti: ffff881ffb9b0000 task.ti: ffff881ffb9b0000
[2952828.437148] RIP: 0010:[<ffffffff81058f19>]  [<ffffffff81058f19>] native_load_tr_desc+0x9/0x10
[2952828.437197] RSP: 0018:ffff881ffb9b3c88  EFLAGS: 00010002
[2952828.437223] RAX: 0000000000000040 RBX: ffff881006180000 RCX: 0000000000000000
[2952828.437262] RDX: ffff88203f449000 RSI: 0000000000000000 RDI: 00000000c0000102
[2952828.437296] RBP: ffff881ffb9b3c88 R08: 0000000000000000 R09: 0000000000000000
[2952828.437327] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88203f4547c0
[2952828.437359] R13: 00000000000154d0 R14: ffff881006180080 R15: ffff882028da8b80
[2952828.437391] FS:  00007fe8f57d2700(0000) GS:ffff88203f440000(0000) knlGS:0000000000000000
[2952828.437429] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[2952828.437457] CR2: 000000000042e080 CR3: 0000002026707000 CR4: 00000000003427e0
[2952828.437493] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[2952828.437527] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[2952828.437559] Stack:
[2952828.437575]  ffff881ffb9b3cb8 ffffffffa15dbe64 000000003f4547c0 00000000f90a44b4
[2952828.437636]  ffff881006180000 ffff882028da8b80 ffff881ffb9b3cd0 ffffffffa15de075
[2952828.437696]  ffff881006180000 ffff881ffb9b3ce8 ffffffffa06c6dc7 ffff881006180008
[2952828.437752] Call Trace:
[2952828.437775]  [<ffffffffa15dbe64>] __vmx_load_host_state.part.47+0xc4/0x180 [kvm_intel]
[2952828.437815]  [<ffffffffa15de075>] vmx_vcpu_put+0x45/0x50 [kvm_intel]
[2952828.437874]  [<ffffffffa06c6dc7>] kvm_arch_vcpu_put+0x17/0x30 [kvm]
[2952828.437915]  [<ffffffffa06a654d>] kvm_sched_out+0x2d/0x30 [kvm]
[2952828.439049]  [<ffffffff8163b08d>] __schedule+0x1ad/0x900
[2952828.440128]  [<ffffffff8163b809>] schedule+0x29/0x70
[2952828.441265]  [<ffffffffa06a71f3>] kvm_vcpu_block+0x83/0x170 [kvm]
[2952828.442323]  [<ffffffff810a6ae0>] ? wake_up_atomic_t+0x30/0x30
[2952828.443396]  [<ffffffffa06c5591>] kvm_arch_vcpu_ioctl_run+0x101/0x490 [kvm]
[2952828.444454]  [<ffffffffa06ab63d>] kvm_vcpu_ioctl+0x32d/0x6f0 [kvm]
[2952828.445794]  [<ffffffff810e52d2>] ? do_futex+0x122/0x5b0
[2952828.447228]  [<ffffffff811f2545>] do_vfs_ioctl+0x2e5/0x4c0
[2952828.448665]  [<ffffffff8128c42e>] ? file_has_perm+0xae/0xc0
[2952828.450092]  [<ffffffff811f27c1>] SyS_ioctl+0xa1/0xc0
[2952828.451523]  [<ffffffff81646889>] system_call_fastpath+0x16/0x1b
[2952828.452952] Code: 66 90 55 48 89 e5 0f 01 f8 5d c3 0f 1f 80 00 00 00 00 55 48 89 e5 e8 97 05 00 00 66 90 5d c3 0f 1f 00 55 b8 40 00 00 00 48 89 e5 <0f> 00 d8 5d c3 66 90 55 48 89 e5 0f 01 17 5d c3 0f 1f 80 00 00
[2952828.456062] RIP  [<ffffffff81058f19>] native_load_tr_desc+0x9/0x10
[2952828.457600]  RSP <ffff881ffb9b3c88>
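For readers working through the same oops, here is an added C example (not part of the original post and not kernel code) that replays the checks LTR performs on a selector and a GDT image, as described in the SDM, and shows why the error code is the selector (0x40 above). The `clear_tss_busy` helper does what the poster says reload_tss() does before LTR; the GDT contents, TSS base and limit are constructed values.

```c
#include <stdint.h>
#include <stdio.h>
/* Type field of a system-segment descriptor (Intel SDM Vol. 3A, Table 3-2). */
enum { TSS_AVAIL = 0x9, TSS_BUSY = 0xB };
/* Outcomes of the checks LTR performs before loading TR (SDM Vol. 2A, "LTR"). */
enum ltr_result { LTR_OK, LTR_GP_NULL, LTR_GP_LDT, LTR_GP_LIMIT, LTR_GP_NOT_AVAIL_TSS, LTR_NP };
struct ltr_check { enum ltr_result result; uint16_t error_code; };

/* Low 8 bytes of a 64-bit TSS descriptor: limit[15:0], base[23:0], type, S=0, DPL=0, P=1,
 * limit[19:16], G=0, base[31:24]. The upper 8 bytes hold base[63:32] and are not checked here. */
static uint64_t make_tss_desc_lo(uint64_t base, uint32_t limit, unsigned type)
{
    return (limit & 0xFFFFu) | ((base & 0xFFFFFFu) << 16) | ((uint64_t)type << 40) |
           (1ULL << 47) | ((uint64_t)((limit >> 16) & 0xFu) << 48) | (((base >> 24) & 0xFFu) << 56);
}

/* Same effect as the reload_tss() step the post mentions: rewrite the type as "available TSS"
 * so that loading the same selector again does not fault on the busy bit. */
static void clear_tss_busy(uint64_t *desc_lo)
{
    *desc_lo = (*desc_lo & ~(0xFULL << 40)) | ((uint64_t)TSS_AVAIL << 40);
}

/* Replays LTR's own checks on a selector against a GDT image. The error code of a selector
 * #GP is the selector with EXT/IDT (bits 0..1) clear, i.e. sel & ~3, which is how "0040" arises. */
static struct ltr_check check_ltr(uint16_t sel, const uint64_t *gdt, uint16_t gdt_limit)
{
    struct ltr_check r = { LTR_OK, 0 };
    uint16_t ec = (uint16_t)(sel & ~3u);
    unsigned off = sel & ~7u;                                   /* byte offset of the descriptor */
    if ((sel & ~3u) == 0) { r.result = LTR_GP_NULL; return r; }             /* null selector: #GP(0) */
    if (sel & 4) { r.result = LTR_GP_LDT; r.error_code = ec; return r; }    /* TI=1: not global */
    if (off + 15 > gdt_limit) { r.result = LTR_GP_LIMIT; r.error_code = ec; return r; } /* 16-byte desc */
    uint64_t lo = gdt[off / 8];
    unsigned type = (lo >> 40) & 0xF, s = (lo >> 44) & 1, present = (lo >> 47) & 1;
    if (s != 0 || type != TSS_AVAIL) { r.result = LTR_GP_NOT_AVAIL_TSS; r.error_code = ec; return r; }
    if (!present) { r.result = LTR_NP; r.error_code = ec; return r; }
    return r;
}

int main(void)
{
    uint64_t gdt[10] = { 0 };   /* constructed GDT image: TSS at GDT_ENTRY_TSS = 8, selector 0x40 */
    gdt[8] = make_tss_desc_lo(0xffff88203f44c000ULL, 0x2087, TSS_BUSY);   /* constructed base/limit */
    gdt[9] = 0xffff88203f44c000ULL >> 32;
    struct ltr_check c = check_ltr(0x40, gdt, 0x4F);
    printf("busy TSS: result %d, error code %#06x\n", c.result, c.error_code);
    clear_tss_busy(&gdt[8]);
    printf("after clearing busy: result %d\n", check_ltr(0x40, gdt, 0x4F).result);
    return 0;
}
```

Run against a GDT image captured from a crash dump, the same checks tell you which of the SDM conditions the faulting selector actually violated.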