Bug #6049
[ oi_151.1.8 hipster ] KVM internal error. Suberror: 1
Start date:
2015-07-03
Due date:
% Done:
0%
Estimated time:
Difficulty:
Medium
Tags:
needs-triage
Description
Hi folks,
I would like to report an error with qemu-kvm under openindiana 151a8 hipster.
My platform:
Intel NUC BOXD54250WYK2
Intel Core i5 4250U
Software:
(oidev) (root@sunhost adm)# pkg list -a *kvm* NAME (PUBLISHER) VERSION IFO driver/i86pc/kvm 0.0.1.20131030-2015.0.1.0 i-- system/qemu/kvm 0.0.1.20131024-2014.0.1.0 i--
Start script:
(oidev) (root@sunhost KVM)# cat kvm_illumos.sh
#!/usr/bin/bash
ISO=$1
DISK=$2
MAC=$3
VNC=$4
if [[ -z ${MAC} || -z ${DISK} || -z ${ISO} || -z ${VNC} ]] ; then
echo "$0 [iso_path] [disk_path] [mac_addr] [vnc_port]"
exit
fi
echo "ISO: $ISO"
echo "DISK: $DISK"
echo "MAC: $MAC"
echo "VNC: $VNC"
/usr/bin/qemu-kvm \
-enable-kvm \
-vnc 0.0.0.0:${VNC} \
-smp 2 \
-m 2048 \
-no-hpet \
-localtime \
-drive file=${DISK},if=ide,index=0 \
-drive file=${ISO},media=cdrom,if=ide,index=2 \
-net nic,vlan=0,name=net0,model=e1000,macaddr=$MAC \
-net vnic,vlan=0,name=net0,ifname=vnic0,macaddr=$MAC \
-vga std
Error:
(oidev) (root@sunhost KVM)# head -200 failedkvm.log qemu-kvm: -net vnic,vlan=0,name=net0,ifname=vnic0,macaddr=2:8:20:24:7:1: vnic dhcp disabled Start bios (version 0.6.1.2-20110201_165504-titi) Ram Size=0x80000000 (0x0000000000000000 high) CPU Mhz=1896 PCI: pci_bios_init_bus_rec bus = 0x0 PIIX3/PIIX4 init: elcr=00 0c PCI: bus=0 devfn=0x00: vendor_id=0x8086 device_id=0x1237 PCI: bus=0 devfn=0x08: vendor_id=0x8086 device_id=0x7000 PCI: bus=0 devfn=0x09: vendor_id=0x8086 device_id=0x7010 region 4: 0x0000c000 PCI: bus=0 devfn=0x0b: vendor_id=0x8086 device_id=0x7113 PCI: bus=0 devfn=0x10: vendor_id=0x1234 device_id=0x1111 region 0: 0xf0000000 region 6: 0xf1000000 PCI: bus=0 devfn=0x18: vendor_id=0x8086 device_id=0x100e region 0: 0xf1020000 region 1: 0x0000c040 region 6: 0xf1040000 Found 2 cpu(s) max supported 2 cpu(s) MP table addr=0x000fdbe0 MPC table addr=0x000fdbf0 size=244 SMBIOS ptr=0x000fdbc0 table=0x7ffffec0 ACPI tables: RSDP=0x000fdb90 RSDT=0x7fffdbd0 Scan for VGA option rom Running option rom at c000:0003 VGABios $Id$ VBE Bios $Id$ Turning on vga text mode console SeaBIOS (version 0.6.1.2-20110201_165504-titi) Found 1 lpt ports Found 1 serial ports ATA controller 0 at 1f0/3f4/0 (irq 14 dev 9) ATA controller 1 at 170/374/0 (irq 15 dev 9) ata0-0: QEMU HARDDISK ATA-7 Hard-Disk (20480 MiBytes) drive 0x000fdb40: PCHS=16383/16/63 translation=lba LCHS=1024/255/63 s=41943040 ata1-0: QEMU DVD-ROM ATAPI-4 DVD/CD PS2 keyboard initialized All threads complete. Scan for option roms Running option rom at ca00:0003 pnp call arg1=60 pmm call arg1=0 pmm call arg1=2 pmm call arg1=0 Running option rom at ca80:0003 ebda moved from 9fc00 to 9f400 Returned 53248 bytes of ZoneHigh e820 map has 7 items: 0: 0000000000000000 - 000000000009f400 = 1 1: 000000000009f400 - 00000000000a0000 = 2 2: 00000000000f0000 - 0000000000100000 = 2 3: 0000000000100000 - 000000007fffd000 = 1 4: 000000007fffd000 - 0000000080000000 = 2 5: 00000000feffc000 - 00000000ff000000 = 2 6: 00000000fffc0000 - 0000000100000000 = 2 enter handle_19: NULL Booting from Hard Disk... Boot failed: not a bootable disk enter handle_18: NULL Booting from Floppy... Boot failed: could not read the boot disk enter handle_18: NULL Booting from DVD/CD... 643MB medium detected Booting from 0000:7c00 Start bios (version 0.6.1.2-20110201_165504-titi) Ram Size=0x80000000 (0x0000000000000000 high) CPU Mhz=1898 PCI: pci_bios_init_bus_rec bus = 0x0 PIIX3/PIIX4 init: elcr=00 0c PCI: bus=0 devfn=0x00: vendor_id=0x8086 device_id=0x1237 PCI: bus=0 devfn=0x08: vendor_id=0x8086 device_id=0x7000 PCI: bus=0 devfn=0x09: vendor_id=0x8086 device_id=0x7010 region 4: 0x0000c000 PCI: bus=0 devfn=0x0b: vendor_id=0x8086 device_id=0x7113 PCI: bus=0 devfn=0x10: vendor_id=0x1234 device_id=0x1111 region 0: 0xf0000000 region 6: 0xf1000000 PCI: bus=0 devfn=0x18: vendor_id=0x8086 device_id=0x100e region 0: 0xf1020000 region 1: 0x0000c040 region 6: 0xf1040000 Found 2 cpu(s) max supported 2 cpu(s) MP table addr=0x000fdbe0 MPC table addr=0x000fdbf0 size=244 SMBIOS ptr=0x000fdbc0 table=0x7ffffec0 ACPI tables: RSDP=0x000fdb90 RSDT=0x7fffdbd0 Scan for VGA option rom Running option rom at c000:0003 VGABios $Id$ VBE Bios $Id$ Turning on vga text mode console SeaBIOS (version 0.6.1.2-20110201_165504-titi) Found 1 lpt ports Found 1 serial ports ATA controller 0 at 1f0/3f4/0 (irq 14 dev 9) ATA controller 1 at 170/374/0 (irq 15 dev 9) ata0-0: QEMU HARDDISK ATA-7 Hard-Disk (20480 MiBytes) drive 0x000fdb40: PCHS=16383/16/63 translation=lba LCHS=1024/255/63 s=41943040 ata1-0: QEMU DVD-ROM ATAPI-4 DVD/CD PS2 keyboard initialized All threads complete. Scan for option roms Running option rom at ca00:0003 pnp call arg1=60 pmm call arg1=0 pmm call arg1=2 pmm call arg1=0 Running option rom at ca80:0003 ebda moved from 9fc00 to 9f400 Returned 53248 bytes of ZoneHigh e820 map has 7 items: 0: 0000000000000000 - 000000000009f400 = 1 1: 000000000009f400 - 00000000000a0000 = 2 2: 00000000000f0000 - 0000000000100000 = 2 3: 0000000000100000 - 000000007fffd000 = 1 4: 000000007fffd000 - 0000000080000000 = 2 5: 00000000feffc000 - 00000000ff000000 = 2 6: 00000000fffc0000 - 0000000100000000 = 2 enter handle_19: NULL Booting from Hard Disk... Boot failed: not a bootable disk enter handle_18: NULL Booting from Floppy... Boot failed: could not read the boot disk enter handle_18: NULL Booting from DVD/CD... 643MB medium detected Booting from 0000:7c00 KVM internal error. Suberror: 1 emulation failure KVM internal error. Suberror: 1 emulation failure KVM internal error. Suberror: 1 emulation failure
Updated by Josef Sipek over 5 years ago
The suberror 1 indicates that qemu-kvm was asked to emulate an instruction it didn't know how to emulate. The reason for this emulation is that the guest tried to access a page that the host hasn't mapped in yet:
kvm`kvm_mmut_page_fault+0x88 kvm`handle_ept_violation+0x111 kvm`vmx_handle_exit+0x16a kvm`vcpu_enter_guest+0x3ea kvm`__vcpu_run+0x8b kvm`kvm_arch_vcpu_ioctl_run+0x112 kvm`kvm_ioctl+0x466 cdev_ioctl+0x39 specfs`spec_ioctl+0x60 fop_ioctl+0x55 ioctl+0x9b sys_syscall+0x17a
kvm should at this point emulate the instruction and resume execution. But it doesn't know how to emulate:
0x66 0x0f 0xe7 0x07
or
movntdq %xmm0,(%rdi)
I can't speak for non-Illumos based OSes, but Illumos will happily use SSE instructions to zero out a page of memory:
hwblkclr+0x37: pxor %xmm0,%xmm0 hwblkclr+0x3b: movntdq %xmm0,(%rdi) <=== HERE hwblkclr+0x3f: movntdq %xmm0,0x10(%rdi) hwblkclr+0x44: movntdq %xmm0,0x20(%rdi) hwblkclr+0x49: movntdq %xmm0,0x30(%rdi)
It doesn't take long before Illumos boot tries to zero out a page - that's why Illumos guests trigger this bug:
pfnzero ufs`ufs_getpage_miss+0x35f ufs`ufs_getpage+0x8a6 fop_getpage+0x7e segmap_fault+0x141 fbread+0xd1 ufs`blkatoff+0xf4 ufs`ufs_dirlook+0x216 ufs`ufs_lookup+0x191 fop_lookup+0xa2 lookuppnvp+0x1f6 lookuppnatcred+0x15e lookupnameatcred+0xad lookupname+0x38 vfs_mountdevices+0x96 vfs_mountroot+0x1b5 main+0x138 _locore_start+0x90
I have an ugly workaround that I'll try to get into Hipster's userland. The basic idea is to fault in all the pages before qemu starts the virtual cpus. That way, kvm never gets an mmu page fault that's valid.
Updated by Alexander Pyhalov over 5 years ago
- Assignee changed from OI Userland to Josef Sipek
Should be fixed in https://github.com/OpenIndiana/oi-userland/pull/1391.
Please, try pkg:/system/qemu/kvm@0.0.1.20131024,5.11-2015.0.1.1
Updated by Josef Sipek over 5 years ago
Alexander Pyhalov wrote:
Should be fixed in https://github.com/OpenIndiana/oi-userland/pull/1391.
Please, try pkg:/system/qemu/kvm@0.0.1.20131024,5.11-2015.0.1.1
Given that it works... do we want to close this issue?