24.06.2021 03:25, stsp wrote:
What does this test-case do?
It provokes the PF by writing to
the NULL pointer. The PF handler
checks if PF is coming from the
right place, or from the nearby
IRQ8 timer handler. If PF is coming
from the very first instruction of
the timer handler, then we got
that nasty SIGALRM race and
KVM exited to user-space with
the pending PF exception.
How to replicate the buggy setup?
Since I don't think anyone wanted
to install dosemu2, I now created
the qemu-based reproducer.
Unfortunately, even with qemu
you still need the real core2 CPU
to reproduce.
At least I don't know how to enable
the emulated VTx under qemu, but
maybe someone else knows.
So you need a disk image that I
uploaded here:
https://www.filemail.com/d/fvkwgqgcmrhsxmk
And you can run it like so:
qemu-system-x86_64 -hda disk.img -enable-kvm \
    -cpu host -bios /usr/share/OVMF/OVMF_CODE.fd \
    -device intel-hda -device hda-duplex -m 2G

The result on a core2 CPU will be like here:
https://github.com/dosemu2/dosemu2/issues/1500#issuecomment-867838848
"Race DETECTED" means that the test-case detected the page-fault coming
from an interrupt handler, when it shouldn't.