Re: [Xen-devel] writable page tables appear to be causing xen to

To:	Ian Pratt <m+Ian.Pratt@xxxxxxxxxxxx>
Subject:	Re: [Xen-devel] writable page tables appear to be causing xen to lock up
From:	Kip Macy <kip.macy@xxxxxxxxx>
Date:	Tue, 19 Apr 2005 10:28:20 -0700
Cc:	xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date:	Tue, 19 Apr 2005 17:28:11 +0000
Domainkey-signature:	a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=UBjrKSPgC/CMUuPtfvs05XdDl4ff/6frgXalfrLqAaaIJvW9kAVQr+se4JQIeu6M//i86AE39gRBAHUb8pUkXoOm8zVfNVPmZVafZupW1dMFARoJ3miQA5vHQ9+vbNfZPY4oDEnhBOPsxYeVv4lDmQUFjSGp/OcqLNpI63D/u0k=
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to:	<b1fa291705041816246458653@xxxxxxxxxxxxxx>
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References:	<A95E2296287EAD4EB592B5DEEFCE0E9D1E3C1C@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <b1fa291705041816246458653@xxxxxxxxxxxxxx>
Reply-to:	Kip Macy <kip.macy@xxxxxxxxx>
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx

My guess from this is FreeBSD is DOSing xen by endlessly triggering
failsafe_callback. Although this is *extremely* likely to be my fault,
it raises an interesting point about the need for heavily reducing the
scheduling priority of misbehaved guests.


0xfc550862 <__copy_from_user_ll+53>:    repz movsb %ds:(%esi),%es:(%edi) 
0xfc552df4 <failsafe_callback+233>:     push   %ecx 
0xfc54df1e <error_code+94>:     add    $0x4,%esp 
0xfc550862 <__copy_from_user_ll+53>:    repz movsb %ds:(%esi),%es:(%edi)
0xfc5508f4 <copy_from_user+60>: mov    %eax,%ebx
0xfc54da4f <x86_emulate_read_std+40>:   test   %eax,%eax
0xfc54abfc <x86_emulate_memop+176>:     mov    %eax,0xffffffd4(%ebp)
0xfc54dae5 <memcpy+31>: leave
0xfc54cdca <x86_emulate_memop+8830>:    cmpl $0x1,0xffffffd4(%ebp)
0xfc52ba0f <alloc_l1_table+211>:        movl   $0x1,0xffffffec(%ebp)
0xfc52c3a0 <alloc_page_type+72>:        mov    %eax,0xfffffffc(%ebp)
0xfc52cab6 <get_page_type+860>: movl   $0x1,0xffffffd8(%ebp)
0xfc52e6a6 <do_mmu_update+2826>:        mov    0xffffffd8(%ebp),%eax
0xfc5304c1 <ptwr_do_page_fault+1070>:   test   %eax,%eax
0xfc5426b3 <debugger_trap_entry+11>:    mov    %eax,0xfffffffc(%ebp)
0xfc540100 <do_page_fault+300>: test   %eax,%eax
0xfc53ff60 <propagate_page_fault+18>:   mov    %eax,0xfffffff4(%ebp)
0xfc540330 <do_page_fault+860>: movl   $0x0,0xffffffe0(%ebp)
0xfc54df1e <error_code+94>:     add    $0x4,%esp
0xfc54dda3 <FLT14>:     mov    %eax,%gs:(%esi)
0xfc54de75 <process_guest_exception_and_events+21>:     jmp   
0xfc54dcd7 <test_all_events>

On 4/18/05, Kip Macy <kip.macy@xxxxxxxxx> wrote:
> > You'll have to give us a bit more to go on. I presume this is in
> > unstable?
> 
> Yes this is as of your last pushed checkin from 72hrs ago. LOL. If I
> had more I'd give it to you. I've just disabled writable pagetables in
> FreeBSD for the moment.
> 
> 
> > It's probably worth adding a show_stack and a show_guest_stack to see
> > how you're getting there.
> 
> I'll stick that in and let you know.
> 
>  -Kip
>

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

WARNING - OLD ARCHIVES

xen-devel

Re: [Xen-devel] writable page tables appear to be causing xen to lock up