http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=252
------- Additional Comments From aravindh.puthiyaparambil@xxxxxxxxxx
2005-09-28 15:54 -------
The alignment check is happening on a "lock cmpxchg8b". Is it possible for ACs
to happen when a cmpxchg8b access goes across a page boundary? Is there any other
scenario in which ACs occur with cmpxchg8b at CPL 0?
Thanks,
Aravindh
This is what I see on the serial console when the system dies.
(XEN) (file=traps.c, line=960) Non-priv domain attempted
RDMSR(00000000c0000080,00020000,00020000).
(XEN) CPU: 3
(XEN) RIP: e010:[<ffff83000014a750>] get_page+0x108/0x14a
(XEN) RFLAGS: 0000000000010286 CONTEXT: hypervisor
(XEN) rax: 0000000080000002 rbx: 0000000080000003 rcx: 0000000000fcd080
(XEN) rdx: 0000000000fcd080 rsi: ffff830000fcd080 rdi: ffff8284021e713c
(XEN) rbp: ffff830000213bc8 rsp: ffff830000213b78 r8: 00000000deadbeef
(XEN) r9: 00000000deadbeef r10: ffff8300001aefe0 r11: 0000000000000206
(XEN) r12: ffff8300001cb780 r13: 0000000000000180 r14: ffffffff802b0aa3
(XEN) r15: ffff880000000000 cr0: 000000008005003b cr3: 00000000e7ea0000
(XEN) Xen stack trace from rsp=ffff830000213b78:
(XEN) ffff8300001cb900 0000000000213f28 00fcd08000213ba8 ffff83000012a4dd
(XEN) 00fcd08000fcd080 8000000200fcd080 8000000280000003 ffff830000fcd080
(XEN) ffff8284021e7128 0000000000000000 ffff830000213c18 ffff830000140f7e
(XEN) ffffffff802b0aa8 0000000000000000 0000000000000008 ffff830000000065
(XEN) ffff8284021e7128 00000000000d8fa1 ffff830000fcd080 00000000d8fa1065
(XEN) ffff830000213c98 ffff8300001422ac 0000000000000000 ffff830000fcd080
(XEN) 0000000100000008 07fffc0200000065 07fffc0230000002 0000000000000000
(XEN) 0000000000000008 ffff8300d8fa3600 ffff830000213c78 ffff830000fcd080
(XEN) 00000000d8fa1067 07fffc0230000003 00000000d8fa1065 ffff8300d8fa3600
(XEN) ffff830000213f08 ffff830000145b3c ffff830000213cc8 000000000012a4dd
(XEN) ffff830000213cc8 000000000012a4ab ffff830000213ce8 ffff83000012a218
(XEN) ffff830000213d38 ffff830000213cf8 00007cffffdec2e7 ffff83000013ae51
(XEN) ffff800000000000 ffffffff80105000 00000000005c2000 ffffffff80105010
(XEN) ffff830000213dd8 ffff830000000008 00000004021b1f70 0000000080000002
(XEN) 0000000080000002 00000004f0000001 0000000080000001 0000000080000002
(XEN) ffff8284021b1f64 80000002f0000001 8000000180000002 ffff8284021b1f50
(XEN) ffff830000213d98 ffff83000014a7b0 ffff830000fcd080 ffff8284021b1f50
(XEN) ffff830000213dd8 ffff8300001415e7 0000000000000000 ffff830000fcd080
(XEN) ffff8284021b1f50 00000000000d7a62 ffff830000fcd080 00000000d7a62027
(XEN) ffff830000213e58 ffff83000014230f 0000000020000000 00000000000d8fa3
(XEN) Xen call trace:
(XEN) [<ffff83000014a750>] get_page+0x108/0x14a
(XEN) [<ffff830000140f7e>] get_page_from_l1e+0x27e/0x28c
(XEN) [<ffff8300001422ac>] mod_l1_entry+0x21d/0x28c
(XEN) [<ffff830000145b3c>] do_mmu_update+0x553/0x14bd
(XEN) [<ffff83000016a940>] syscall_enter+0xa0/0xfa
(XEN)
(XEN)
(XEN) ****************************************
(XEN) Panic on CPU 3:
(XEN) CPU3 FATAL TRAP: vector = 17 (alignment check)
(XEN) [error_code=0000]
(XEN) ****************************************
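Here is the code snippet which caused the AC to happen. The faulting RIP
(ffff83000014a750) is the "lock cmpxchg8b (%rdi)" instruction, and the operand
address in rdi at the time of the fault (ffff8284021e713c, i.e. the pointer plus
0x14) is 4-byte aligned but not 8-byte aligned.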
__asm__ __volatile__(
ffff83000014a736: 48 8b 7d f0 mov
0xfffffffffffffff0(%rbp),%rdi
ffff83000014a73a: 48 83 c7 14 add $0x14,%rdi
ffff83000014a73e: 8b 55 d8 mov
0xffffffffffffffd8(%rbp),%edx
ffff83000014a741: 8b 45 e4 mov
0xffffffffffffffe4(%rbp),%eax
ffff83000014a744: 8b 4d d8 mov
0xffffffffffffffd8(%rbp),%ecx
ffff83000014a747: 89 4d c4 mov
%ecx,0xffffffffffffffc4(%rbp)
ffff83000014a74a: 8b 5d e0 mov
0xffffffffffffffe0(%rbp),%ebx
ffff83000014a74d: 8b 4d c4 mov
0xffffffffffffffc4(%rbp),%ecx
ffff83000014a750: f0 0f c7 0f lock cmpxchg8b (%rdi)
ffff83000014a754: 89 ce mov %ecx,%esi
ffff83000014a756: 89 45 c4 mov
%eax,0xffffffffffffffc4(%rbp)
ffff83000014a759: 89 d0 mov %edx,%eax
ffff83000014a75b: 89 45 d4 mov
%eax,0xffffffffffffffd4(%rbp)
ffff83000014a75e: 8b 45 c4 mov
0xffffffffffffffc4(%rbp),%eax
ffff83000014a761: 89 45 dc mov
%eax,0xffffffffffffffdc(%rbp)
ffff83000014a764: 89 f0 mov %esi,%eax
ffff83000014a766: 89 45 d8 mov
%eax,0xffffffffffffffd8(%rbp)
LOCK_PREFIX "cmpxchg8b %3"
: "=d" (nd), "=a" (y), "=c" (d),
"=m" (*(volatile u64 *)(&page->count_info))
: "0" (d), "1" (x), "c" (d), "b" (nx) );
}