Xen devel - Mar 2009 - 2.6.28.7 domU: 32-bit emulation seems to be broken

Hi,

I cannot execute any 32-bit executables. Same problem with 2.6.29-rc7.

I compiled and linked them statically on another machine where they work
just fine! But inside the xen domU, they just segfault:


a.out[32093] general protection ip:f7f7042f sp:ffc6f2d4 error:0


Is this a knows problem? CONFIG_IA32_EMULATION is turned on!


Regards,
  Sven


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Also asking the devel-list for help:

Sven Köhler schrieb:
> Hi,
> 
> I cannot execute any 32-bit executables. Same problem with 2.6.29-rc7.
> 
> I compiled and linked them statically on another machine where they work
> just fine! But inside the xen domU, they just segfault:
> 
> 
> a.out[32093] general protection ip:f7f7042f sp:ffc6f2d4 error:0
> 
> 
> Is this a knows problem? CONFIG_IA32_EMULATION is turned on!
> 
> 
> Regards,
>   Sven

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Sven Köhler wrote:
> Also asking the devel-list for help:
>
> Sven Köhler schrieb:
>> Hi,
>>
>> I cannot execute any 32-bit executables. Same problem with 2.6.29-rc7.
>>
>> I compiled and linked them statically on another machine where they
work
>> just fine! But inside the xen domU, they just segfault:
>>
>>
>> a.out[32093] general protection ip:f7f7042f sp:ffc6f2d4 error:0
>>
>>
>> Is this a knows problem? CONFIG_IA32_EMULATION is turned on!
Hm, it works for me.  Can you give more detail about what you''re trying
to run, the kernel .config and the distro?  dmesg output would have some 
clues too.

Thanks,
    J

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Jeremy Fitzhardinge wrote:
> Sven Köhler wrote:
>> Also asking the devel-list for help:
>>
>> Sven Köhler schrieb:
>>> Hi,
>>>
>>> I cannot execute any 32-bit executables. Same problem with
2.6.29-rc7.
>>>
>>> I compiled and linked them statically on another machine where they
>>> work
>>> just fine! But inside the xen domU, they just segfault:
>>>
>>>
>>> a.out[32093] general protection ip:f7f7042f sp:ffc6f2d4 error:0
>>>
>>>
>>> Is this a knows problem? CONFIG_IA32_EMULATION is turned on!
>
> Hm, it works for me.  Can you give more detail about what you''re 
> trying to run, the kernel .config and the distro?  dmesg output would 
> have some clues too. 
Oh, and what''s the CPU?  AMD?

    J

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Jeremy Fitzhardinge schrieb:
> Jeremy Fitzhardinge wrote:
>> Sven Köhler wrote:
>>> Also asking the devel-list for help:
>>>
>>> Sven Köhler schrieb:
>>>> Hi,
>>>>
>>>> I cannot execute any 32-bit executables. Same problem with
2.6.29-rc7.
>>>>
>>>> I compiled and linked them statically on another machine where
they
>>>> work
>>>> just fine! But inside the xen domU, they just segfault:
>>>>
>>>>
>>>> a.out[32093] general protection ip:f7f7042f sp:ffc6f2d4 error:0
>>>>
>>>>
>>>> Is this a knows problem? CONFIG_IA32_EMULATION is turned on!
>>
>> Hm, it works for me.  Can you give more detail about what
you''re
>> trying to run, the kernel .config and the distro?  dmesg output would 
>> have some clues too. 
> 
> Oh, and what''s the CPU?  AMD?
The host is running Xen version 3.3.0.
The host CPU is:

# cat /proc/cpuinfo
processor	: 0
vendor_id	: AuthenticAMD
cpu family	: 15
model		: 47
model name	: AMD Athlon(tm) 64 Processor 3800+
stepping	: 2
cpu MHz		: 2399.822
cache size	: 512 KB
fpu		: yes
fpu_exception	: yes
cpuid level	: 1
wp		: yes
flags		: fpu de tsc msr pae cx8 apic mtrr cmov pat clflush mmx fxsr sse 
sse2 syscall nx mmxext fxsr_opt lm 3dnowext 3dnow pni lahf_lm
bogomips	: 4800.70
TLB size	: 1024 4K pages
clflush size	: 64
cache_alignment	: 64
address sizes	: 40 bits physical, 48 bits virtual
power management: ts fid vid ttp tm stc

The kernel is vanilla (except for the xen/blkfront: use blk_rq_map_sg to 
generate ring entries patch). The config of my 2.6.28.7 is attached.

The program I''m trying to run is:
$ cat test.c
#include <stdio.h>

int main(void)
{
   printf("Hallo Welt!\n");
   return 0;
}

I compiled it with "gcc --static test.c" on other box where the
program
runs fine and copied the output to my domU. I checked with ldd, that it 
really isn''t a dynamic executable.

The dmesg output on the domU is this mysterious:
a.out[32093] general protection ip:f7f7042f sp:ffc6f2d4 error:0

The line appears each time, that the program segfaults.


On the host, I''m using Gentoo and xen has been compiled using the 
following settings:
[ebuild   R   ] app-emulation/xen-tools-3.3.0  USE="screen -acm -api 
-custom-cflags -debug -doc -flask (-hvm) -pygrub" 0 kB
[ebuild   R   ] app-emulation/xen-3.3.0  USE="pae -acm -custom-cflags 
-debug -flask -xsm" 0 kB


If you need more info just ask.


Regards,
   Sven


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Jeremy Fitzhardinge schrieb:
> Sven Köhler wrote:
>> Also asking the devel-list for help:
>>
>> Sven Köhler schrieb:
>>> Hi,
>>>
>>> I cannot execute any 32-bit executables. Same problem with
2.6.29-rc7.
>>>
>>> I compiled and linked them statically on another machine where they
work
>>> just fine! But inside the xen domU, they just segfault:
>>>
>>>
>>> a.out[32093] general protection ip:f7f7042f sp:ffc6f2d4 error:0
>>>
>>>
>>> Is this a knows problem? CONFIG_IA32_EMULATION is turned on!
> 
> Hm, it works for me.  Can you give more detail about what you''re
trying
> to run, the kernel .config and the distro?  dmesg output would have some 
> clues too.
xm dmesg shows nothing.

A full dmesg of the domU kernel is attached.



_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Sven Köhler wrote:
> Jeremy Fitzhardinge schrieb:
>> Jeremy Fitzhardinge wrote:
>>> Sven Köhler wrote:
>>>> Also asking the devel-list for help:
>>>>
>>>> Sven Köhler schrieb:
>>>>> Hi,
>>>>>
>>>>> I cannot execute any 32-bit executables. Same problem with 
>>>>> 2.6.29-rc7.
>>>>>
>>>>> I compiled and linked them statically on another machine
where
>>>>> they work
>>>>> just fine! But inside the xen domU, they just segfault:
>>>>>
>>>>>
>>>>> a.out[32093] general protection ip:f7f7042f sp:ffc6f2d4
error:0
>>>>>
>>>>>
>>>>> Is this a knows problem? CONFIG_IA32_EMULATION is turned
on!
>>>
>>> Hm, it works for me.  Can you give more detail about what
you''re
>>> trying to run, the kernel .config and the distro?  dmesg output 
>>> would have some clues too. 
>>
>> Oh, and what''s the CPU?  AMD?
>
> The host is running Xen version 3.3.0.
> The host CPU is:
>
> # cat /proc/cpuinfo
> processor    : 0
> vendor_id    : AuthenticAMD
> cpu family    : 15
> model        : 47
> model name    : AMD Athlon(tm) 64 Processor 3800+
> stepping    : 2
> cpu MHz        : 2399.822
> cache size    : 512 KB
> fpu        : yes
> fpu_exception    : yes
> cpuid level    : 1
> wp        : yes
> flags        : fpu de tsc msr pae cx8 apic mtrr cmov pat clflush mmx 
> fxsr sse sse2 syscall nx mmxext fxsr_opt lm 3dnowext 3dnow pni lahf_lm
> bogomips    : 4800.70
> TLB size    : 1024 4K pages
> clflush size    : 64
> cache_alignment    : 64
> address sizes    : 40 bits physical, 48 bits virtual
> power management: ts fid vid ttp tm stc
>
> The kernel is vanilla (except for the xen/blkfront: use blk_rq_map_sg 
> to generate ring entries patch). The config of my 2.6.28.7 is attached.
>
> The program I''m trying to run is:
> $ cat test.c
> #include <stdio.h>
>
> int main(void)
> {
>   printf("Hallo Welt!\n");
>   return 0;
> }
>
> I compiled it with "gcc --static test.c" on other box where the 
> program runs fine and copied the output to my domU. I checked with 
> ldd, that it really isn''t a dynamic executable.
>
> The dmesg output on the domU is this mysterious:
> a.out[32093] general protection ip:f7f7042f sp:ffc6f2d4 error:0
>
> The line appears each time, that the program segfaults.
Has it ever worked?  If so, what kernel version did it stop working at?  
Does it fail with all 32-bit executables or just your "hello world"?

Can you get a coredump from the fault and see what the faulting 
instruction was?

    J

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Jeremy Fitzhardinge schrieb:
> Has it ever worked?  If so, what kernel version did it stop working at? 
> Does it fail with all 32-bit executables or just your "hello
world"?
I discovered the bug as I tried to compile glibc inside the domU.
glibc''s configure tries to compile a test program to determine the
sizeof the long datatype or something simple like that. So at least this
is another program that fails.

I did quick test, whether the empty program (just a main with return 0;
in it) segfaults - but it doesn''t segfault. The moment I add a printf,
it segfaults again.
> Can you get a coredump from the fault and see what the faulting
> instruction was?
How do I do that?
Sorry for the stupid question, but unfortunatly this is beyond my
knowledge of the tooldchain :-(

I didn''t find any automatically generated file.


Regards,
  Sven




_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Jeremy Fitzhardinge schrieb:
> Has it ever worked?  If so, what kernel version did it stop working at? 
I''ve just tried a good old non-pv_ops 2.6.18 kernel:

I ran the same binary file, that segfaults on 2.6.28.7.
It runs just fine on 2.6.18.

I haven''t tested any other pc_ops kernel version. I''m not
sure, that it
ever worked with these kernel. Which was the first kernel version, that
had domU support? 2.6.28.0 ?



_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

--- On Sun, 3/15/09, Sven Köhler <sven.koehler@gmail.com> wrote:
From: Sven Köhler <sven.koehler@gmail.com>
Subject: [Xen-users] Re: [Xen-devel] Re: 2.6.28.7 domU: 32-bit emulation seems
to be broken
To: "Jeremy Fitzhardinge" <jeremy@goop.org>
Cc: xen-devel@lists.xensource.com, xen-users@lists.xensource.com
Date: Sunday, March 15, 2009, 8:24 AM

Jeremy Fitzhardinge schrieb:
> Has it ever worked?  If so, what kernel version did it stop working at? 
I''ve just tried a good old non-pv_ops 2.6.18 kernel:

I ran the same binary file, that segfaults on 2.6.28.7.
It runs just fine on 2.6.18.

I haven''t tested any other pc_ops kernel version. I''m not
sure, that it
ever worked with these kernel. Which was the first kernel version, that
had domU support? 2.6.28.0 ?
******************************************************
Yes, 2.6.28 has pvops support for DomU. It''s for sure
But, i believe 2.6.27 as well . That''s version
of Ubuntu Intrepid (8.10) Server.
View:-
http://wiki.xensource.com/xenwiki/XenParavirtOps
******************************************************


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users


      

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

On Sun, Mar 15, 2009 at 7:24 PM, Sven Köhler <sven.koehler@gmail.com>
wrote:
> Jeremy Fitzhardinge schrieb:
>> Has it ever worked?  If so, what kernel version did it stop working at?
>
> I''ve just tried a good old non-pv_ops 2.6.18 kernel:
>
> I ran the same binary file, that segfaults on 2.6.28.7.
> It runs just fine on 2.6.18.
>
I tried 32bit statically-linked busybox on 64bit kernel, it runs just fine.
Tested on 2.6.28.6 and 2.6.28.7, Xen 3.3.1, Intel CPU. Probably
something specific in your setup prevents it from working.

I believe I asked this earlier, but did you have NX bit turned of in
BIOS by any chance?

Regards,

Fajar

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Fajar A. Nugraha schrieb:
> I believe I asked this earlier, but did you have NX bit turned of in
> BIOS by any chance?
I don''t have access to the BIOS settings.

But the nx bit is listed in /proc/cpuinfo.

Would it be listed there, if it''s disabled in the BIOS?



_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Sven Köhler wrote:
>> Can you get a coredump from the fault and see what the faulting
>> instruction was?
>>     
>
> How do I do that?
> Sorry for the stupid question, but unfortunatly this is beyond my
> knowledge of the tooldchain :-(
$ ulimit -c unlimited
$ ./a.out
Segmentation Fault (core dumped)
$ ls core.*
core.XXXXX
$ gdb ./a.out core.*
[...]
(gdb) x/i $eip-2

It will help to compile your a.out with -g.

	J


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Sven Köhler wrote:
> I haven''t tested any other pc_ops kernel version. I''m not
sure, that it
> ever worked with these kernel. Which was the first kernel version, that
> had domU support? 2.6.28.0 ?
>   
2.6.27 was the first version with x86-64 domU support.

    J

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Sven Köhler wrote:
> Jeremy Fitzhardinge schrieb:
>   
>> Has it ever worked?  If so, what kernel version did it stop working at?
>>     
>
> I''ve just tried a good old non-pv_ops 2.6.18 kernel:
>
> I ran the same binary file, that segfaults on 2.6.28.7.
> It runs just fine on 2.6.18.
>
> I haven''t tested any other pc_ops kernel version. I''m not
sure, that it
> ever worked with these kernel. Which was the first kernel version, that
> had domU support? 2.6.28.0 ?
>
>   
Does this patch help?

diff --git a/arch/x86/ia32/ia32entry.S b/arch/x86/ia32/ia32entry.S
index e4baa06..3ea8299 100644
--- a/arch/x86/ia32/ia32entry.S
+++ b/arch/x86/ia32/ia32entry.S
@@ -400,7 +400,6 @@ ENTRY(ia32_syscall)
 	/*CFI_REL_OFFSET	rflags,EFLAGS-RIP*/
 	/*CFI_REL_OFFSET	cs,CS-RIP*/
 	CFI_REL_OFFSET	rip,RIP-RIP
-	PARAVIRT_ADJUST_EXCEPTION_FRAME
 	SWAPGS
 	/*
 	 * No need to follow this irqs on/off section: the syscall

	J


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Jeremy Fitzhardinge schrieb:
> Sven Köhler wrote:
>> Jeremy Fitzhardinge schrieb:
>>  
>>> Has it ever worked?  If so, what kernel version did it stop working
>>> at?     
>>
>> I''ve just tried a good old non-pv_ops 2.6.18 kernel:
>>
>> I ran the same binary file, that segfaults on 2.6.28.7.
>> It runs just fine on 2.6.18.
>>
>> I haven''t tested any other pc_ops kernel version. I''m
not sure, that it
>> ever worked with these kernel. Which was the first kernel version, that
>> had domU support? 2.6.28.0 ?
>>
>>   
> Does this patch help?
> 
> diff --git a/arch/x86/ia32/ia32entry.S b/arch/x86/ia32/ia32entry.S
> index e4baa06..3ea8299 100644
> --- a/arch/x86/ia32/ia32entry.S
> +++ b/arch/x86/ia32/ia32entry.S
> @@ -400,7 +400,6 @@ ENTRY(ia32_syscall)
>     /*CFI_REL_OFFSET    rflags,EFLAGS-RIP*/
>     /*CFI_REL_OFFSET    cs,CS-RIP*/
>     CFI_REL_OFFSET    rip,RIP-RIP
> -    PARAVIRT_ADJUST_EXCEPTION_FRAME
>     SWAPGS
>     /*
>      * No need to follow this irqs on/off section: the syscall
No, still segfaults :-(




_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Jeremy Fitzhardinge schrieb:
> Sven Köhler wrote:
>>> Can you get a coredump from the fault and see what the faulting
>>> instruction was?
>>>     
>>
>> How do I do that?
>> Sorry for the stupid question, but unfortunatly this is beyond my
>> knowledge of the tooldchain :-(
> 
> $ ulimit -c unlimited
> $ ./a.out
> Segmentation Fault (core dumped)
> $ ls core.*
> core.XXXXX
> $ gdb ./a.out core.*
> [...]
> (gdb) x/i $eip-2
> 
> It will help to compile your a.out with -g.
# ulimit -c unlimited
# ./a.out
Segmentation fault (core dumped)
# gdb a.out core
GNU gdb 6.8
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show
copying"
and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu"...
Core was generated by `./a.out''.
Program terminated with signal 11, Segmentation fault.
[New process 13256]
#0  0xf7f3642f in __kernel_vsyscall ()
(gdb) x/i $eip-2
0xf7f3642d <__kernel_vsyscall+13>:      jmp    0x25f4278f
(gdb)




_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Sven Köhler wrote:
> Jeremy Fitzhardinge schrieb:
>   
>> Sven Köhler wrote:
>>     
>>>> Can you get a coredump from the fault and see what the faulting
>>>> instruction was?
>>>>     
>>>>         
>>> How do I do that?
>>> Sorry for the stupid question, but unfortunatly this is beyond my
>>> knowledge of the tooldchain :-(
>>>       
>> $ ulimit -c unlimited
>> $ ./a.out
>> Segmentation Fault (core dumped)
>> $ ls core.*
>> core.XXXXX
>> $ gdb ./a.out core.*
>> [...]
>> (gdb) x/i $eip-2
>>
>> It will help to compile your a.out with -g.
>>     
>
> # ulimit -c unlimited
> # ./a.out
> Segmentation fault (core dumped)
> # gdb a.out core
> GNU gdb 6.8
> Copyright (C) 2008 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later
> <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.  Type "show
copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64-pc-linux-gnu"...
> Core was generated by `./a.out''.
> Program terminated with signal 11, Segmentation fault.
> [New process 13256]
> #0  0xf7f3642f in __kernel_vsyscall ()
> (gdb) x/i $eip-2
> 0xf7f3642d <__kernel_vsyscall+13>:      jmp    0x25f4278f
> (gdb)
>   
Hm.  How about "x/30i __kernel_vsyscall"?

    J

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Sven Köhler wrote:
> (gdb) x/i $eip-2
> 0xf7f3642d <__kernel_vsyscall+13>:      jmp    0x25f4278f
> (gdb)
Oh, and "x/i <whatever appears after ip: in the kernel dmesg>"

    J

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Jeremy Fitzhardinge schrieb:
> Hm.  How about "x/30i __kernel_vsyscall"?
# export LANG=C
# ulimit -c unlimited
# ./a.out
Segmentation fault (core dumped)
# dmesg|grep "ip:"
a.out[18031] general protection ip:f7f4642f sp:ff943d74 error:0
a.out[18038] general protection ip:f7f0042f sp:ff8fd534 error:0
# gdb ./a.out core
GNU gdb 6.8
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show
copying"
and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu"...
Core was generated by `./a.out''.
Program terminated with signal 11, Segmentation fault.
[New process 18038]
#0  0xf7f0042f in __kernel_vsyscall ()
(gdb) x/i f7f0042f
No symbol "f7f0042f" in current context.
(gdb) x/i $eip-2
0xf7f0042d <__kernel_vsyscall+13>:	jmp    0x25f0c78f
(gdb) x/30i __kernel_vsyscall
0xf7f00420 <__kernel_vsyscall>:	push   %ebp
0xf7f00421 <__kernel_vsyscall+1>:	mov    %ecx,%ebp
0xf7f00423 <__kernel_vsyscall+3>:	syscall
0xf7f00425 <__kernel_vsyscall+5>:	mov    $0x2b,%ecx
0xf7f0042a <__kernel_vsyscall+10>:	mov    %ecx,%ss
0xf7f0042c <__kernel_vsyscall+12>:	mov    %ebp,%ecx
0xf7f0042e <__kernel_vsyscall+14>:	pop    %ebp
0xf7f0042f <__kernel_vsyscall+15>:	ret
0xf7f00430:	add    %ch,(%esi)
0xf7f00432:	jae    0xf7f0049c
0xf7f00434:	jae    0xf7f004aa
0xf7f00436:	jb     0xf7f004ac
0xf7f00438:	popa
0xf7f00439:	bound  %eax,(%eax)
0xf7f0043b:	cs
0xf7f0043c:	push   $0x687361
0xf7f00441:	cs
0xf7f00442:	fs
0xf7f00443:	jns    0xf7f004b3
0xf7f00445:	jae    0xf7f004c0
0xf7f00447:	insl   (%dx),%es:(%edi)
0xf7f00448:	add    %ch,(%esi)
0xf7f0044a:	fs
---Type <return> to continue, or q <return> to quit---
0xf7f0044b:	jns    0xf7f004bb
0xf7f0044d:	jae    0xf7f004c3
0xf7f0044f:	jb     0xf7f00451
0xf7f00451:	addr16 outsb %cs:(%si),(%dx)
0xf7f00454:	jne    0xf7f00484
0xf7f00456:	jbe    0xf7f004bd
0xf7f00458:	jb     0xf7f004cd
(gdb)

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Sven Köhler schrieb:
> (gdb) x/i f7f0042f
> No symbol "f7f0042f" in current context.
Doh! Silly me. Here''s the correct thing:

(gdb) x/i 0xf7f0042f
0xf7f0042f <__kernel_vsyscall+15>:	ret

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Sven Köhler wrote:
> Jeremy Fitzhardinge schrieb:
>   
>> Sven Köhler wrote:
>>     
>>> Jeremy Fitzhardinge schrieb:
>>>  
>>>       
>>>> Has it ever worked?  If so, what kernel version did it stop
working
>>>> at?     
>>>>         
>>> I''ve just tried a good old non-pv_ops 2.6.18 kernel:
>>>
>>> I ran the same binary file, that segfaults on 2.6.28.7.
>>> It runs just fine on 2.6.18.
>>>
>>> I haven''t tested any other pc_ops kernel version.
I''m not sure, that it
>>> ever worked with these kernel. Which was the first kernel version,
that
>>> had domU support? 2.6.28.0 ?
>>>
>>>   
>>>       
>> Does this patch help?
>>
>> diff --git a/arch/x86/ia32/ia32entry.S b/arch/x86/ia32/ia32entry.S
>> index e4baa06..3ea8299 100644
>> --- a/arch/x86/ia32/ia32entry.S
>> +++ b/arch/x86/ia32/ia32entry.S
>> @@ -400,7 +400,6 @@ ENTRY(ia32_syscall)
>>     /*CFI_REL_OFFSET    rflags,EFLAGS-RIP*/
>>     /*CFI_REL_OFFSET    cs,CS-RIP*/
>>     CFI_REL_OFFSET    rip,RIP-RIP
>> -    PARAVIRT_ADJUST_EXCEPTION_FRAME
>>     SWAPGS
>>     /*
>>      * No need to follow this irqs on/off section: the syscall
>>     
>
> No, still segfaults :-(
>   
Do you have auditing enabled?

    J

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Jeremy Fitzhardinge wrote:
>
> Do you have auditing enabled?
(No)

    J

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Jeremy Fitzhardinge schrieb:
> Jeremy Fitzhardinge wrote:
>>
>> Do you have auditing enabled?
> (No)
You answered yourself, right?
(yes, CONFIG_AUDIT is disabled)

Can I supply you with any further information?

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Sven Köhler wrote:
> Jeremy Fitzhardinge schrieb:
>> Jeremy Fitzhardinge wrote:
>>>
>>> Do you have auditing enabled?
>> (No)
>
> You answered yourself, right?
> (yes, CONFIG_AUDIT is disabled)
>
> Can I supply you with any further information?
I need to find/set up an AMD system to try to repro it I think.  I think 
the problem is actually the return from the syscall, rather than the 
syscall entry itself.  What happens if you run the program under either 
strace or gdb?

    J


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Jeremy Fitzhardinge schrieb:
> Sven Köhler wrote:
>> Jeremy Fitzhardinge schrieb:
>>> Jeremy Fitzhardinge wrote:
>>>>
>>>> Do you have auditing enabled?
>>> (No)
>>
>> You answered yourself, right?
>> (yes, CONFIG_AUDIT is disabled)
>>
>> Can I supply you with any further information?
> 
> I need to find/set up an AMD system to try to repro it I think.  I think
> the problem is actually the return from the syscall, rather than the
> syscall entry itself.  What happens if you run the program under either
> strace or gdb?
The program just works:

# strace ./a.out
execve("./a.out", ["./a.out"], [/* 24 vars */]) = 0
[ Process PID=8968 runs in 32 bit mode. ]
uname({sys="Linux", node="xen-to1", ...}) = 0
brk(0)                                  = 0x80c3000
brk(0x80c3cb0)                          = 0x80c3cb0
set_thread_area(0xffa5182c)             = 0
brk(0x80e4cb0)                          = 0x80e4cb0
brk(0x80e5000)                          = 0x80e5000
fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0xfffffffff7f51000
write(1, "Hallo Welt!\n"..., 12Hallo Welt!
)        = 12
exit_group(0)                           = ?



_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Sven Köhler wrote:
> Jeremy Fitzhardinge schrieb:
>   
>> Sven Köhler wrote:
>>     
>>> Jeremy Fitzhardinge schrieb:
>>>       
>>>> Jeremy Fitzhardinge wrote:
>>>>         
>>>>> Do you have auditing enabled?
>>>>>           
>>>> (No)
>>>>         
>>> You answered yourself, right?
>>> (yes, CONFIG_AUDIT is disabled)
>>>
>>> Can I supply you with any further information?
>>>       
>> I need to find/set up an AMD system to try to repro it I think.  I
think
>> the problem is actually the return from the syscall, rather than the
>> syscall entry itself.  What happens if you run the program under either
>> strace or gdb?
>>     
>
> The program just works:
>
> # strace ./a.out
> execve("./a.out", ["./a.out"], [/* 24 vars */]) = 0
> [ Process PID=8968 runs in 32 bit mode. ]
> uname({sys="Linux", node="xen-to1", ...}) = 0
> brk(0)                                  = 0x80c3000
> brk(0x80c3cb0)                          = 0x80c3cb0
> set_thread_area(0xffa5182c)             = 0
> brk(0x80e4cb0)                          = 0x80e4cb0
> brk(0x80e5000)                          = 0x80e5000
> fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> 0) = 0xfffffffff7f51000
> write(1, "Hallo Welt!\n"..., 12Hallo Welt!
> )        = 12
> exit_group(0)                           = ?
>   
OK, that confirms that its sysret32 that''s failing.  vdso32=0 on the 
kernel command line should be the workaround until we''ve got a proper
fix.

    J

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Jeremy Fitzhardinge schrieb:
> OK, that confirms that its sysret32 that''s failing.  vdso32=0 on
the
> kernel command line should be the workaround until we''ve got a
proper fix.
vdso32=0 works. Thank you for your help!

But i wonder: what''s the drawback of this workaround? Performance loss?
Or something more dramatic?


Regards,
   Sven

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Sven Köhler wrote:
> Jeremy Fitzhardinge schrieb:
>> OK, that confirms that its sysret32 that''s failing.  vdso32=0
on the
>> kernel command line should be the workaround until we''ve got a
proper
>> fix.
>
> vdso32=0 works. Thank you for your help!
>
> But i wonder: what''s the drawback of this workaround? Performance 
> loss? Or something more dramatic? 
Slight performance loss, probably only measurable with micro-benchmarks.

    J

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

On Tue, 17 Mar 2009 09:52:59 -0700
Jeremy Fitzhardinge <jeremy@goop.org> wrote:
> Sven Köhler wrote:
> > Jeremy Fitzhardinge schrieb:
> > 
> >> I need to find/set up an AMD system to try to repro it I think.  I
think
> >> the problem is actually the return from the syscall, rather than
the
> >> syscall entry itself.  What happens if you run the program under
either
> >> strace or gdb?
> >>     
> >
> > The program just works:
> >
> > # strace ./a.out
> > [...]
> 
> OK, that confirms that its sysret32 that''s failing.  vdso32=0 on
the
> kernel command line should be the workaround until we''ve got a
proper fix.
Hi, 

I still notice this problem with vanilla 2.6.30.4 domU under Xen 3.3.2
(32 bit binaries on a 64 bit domU kernel segfault, AMD CPU).  vdso32=0
still helps. 

Any news? 

Regards,
Milan 


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

On Monday 10 August 2009 13:21:21 Milan Holzäpfel wrote:
> On Tue, 17 Mar 2009 09:52:59 -0700
>
> Jeremy Fitzhardinge <jeremy@goop.org> wrote:
> > Sven Köhler wrote:
> > > Jeremy Fitzhardinge schrieb:
> > >> I need to find/set up an AMD system to try to repro it I
think.  I
> > >> think the problem is actually the return from the syscall,
rather than
> > >> the syscall entry itself.  What happens if you run the
program under
> > >> either strace or gdb?
> > >
> > > The program just works:
> > >
> > > # strace ./a.out
> > > [...]
> >
> > OK, that confirms that its sysret32 that''s failing.  vdso32=0
on the
> > kernel command line should be the workaround until we''ve got
a proper
> > fix.
>
> Hi,
>
> I still notice this problem with vanilla 2.6.30.4 domU under Xen 3.3.2
> (32 bit binaries on a 64 bit domU kernel segfault, AMD CPU).  vdso32=0
> still helps.
>
> Any news?
What does Linux use w/o vdso32=0 on your box ? Does it use sysenter, syscall
or int 0x80 ?

Do you boot the DomU directly or does this happen after migration from
an Intel box ?

Christoph


-- 
---to satisfy European Law for business letters:
Advanced Micro Devices GmbH
Karl-Hammerschmidt-Str. 34, 85609 Dornach b. Muenchen
Geschaeftsfuehrer: Thomas M. McCoy, Giuliano Meroni
Sitz: Dornach, Gemeinde Aschheim, Landkreis Muenchen
Registergericht Muenchen, HRB Nr. 43632


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

On Mon, 10 Aug 2009 14:59:31 +0200
Christoph Egger <Christoph.Egger@amd.com> wrote:
> On Monday 10 August 2009 13:21:21 Milan Holzäpfel wrote:
> > On Tue, 17 Mar 2009 09:52:59 -0700
> >
> > Jeremy Fitzhardinge <jeremy@goop.org> wrote:
> > > Sven Köhler wrote:
> > > > Jeremy Fitzhardinge schrieb:
> > > >> I need to find/set up an AMD system to try to repro it I
think.  I
> > > >> think the problem is actually the return from the
syscall, rather than
> > > >> the syscall entry itself.  What happens if you run the
program under
> > > >> either strace or gdb?
> > > >
> > > > The program just works:
> > > >
> > > > # strace ./a.out
> > > > [...]
> > >
> > > OK, that confirms that its sysret32 that''s failing. 
vdso32=0 on the
> > > kernel command line should be the workaround until we''ve
got a proper
> > > fix.
> >
> > Hi,
> >
> > I still notice this problem with vanilla 2.6.30.4 domU under Xen 3.3.2
> > (32 bit binaries on a 64 bit domU kernel segfault, AMD CPU).  vdso32=0
> > still helps.
> >
> > Any news?
> 
> What does Linux use w/o vdso32=0 on your box ? Does it use sysenter,
syscall
> or int 0x80 ?
I''m not quite sure.  I collected the same gdb output as Sven Köhler did
in March, see below. 
> Do you boot the DomU directly or does this happen after migration from
> an Intel box ?
The DomU was booted directly on the AMD CPU, no migration was used. 

Here''s the GDB output:

server64d ~ # uname -a
Linux server64d 2.6.30.4-9nfs #1 SMP Mon Aug 10 12:25:11 CEST 2009 x86_64 AMD
Athlon(tm) X2 Dual Core Processor BE-2400 AuthenticAMD GNU/Linux
server64d ~ # cat test1.c 
#include <stdio.h>
int main() {
  printf("Hello, World\n");
}

server64d ~ # gcc -g -m32 test1.c -o test1
server64d ~ # ulimit -c unlimited
server64d ~ # rm -f core 
server64d ~ # ./test1
Segmentation fault (core dumped)
server64d ~ # dmesg | grep ip:
[  102.223656] test1[2313] general protection ip:ffffe42f sp:ffdb0dc0 error:0
[  265.468057] test1[2318] general protection ip:ffffe42f sp:ffec3880 error:0
[  758.153330] test1[11120] general protection ip:ffffe42f sp:ffe7ea20 error:0
[  791.662222] test1[11129] general protection ip:ffffe42f sp:ff9a5990 error:0
[ 1188.283930] test1[11136] general protection ip:ffffe42f sp:ffb06650 error:0
server64d ~ # gdb test1 core 
GNU gdb 6.8
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show
copying"
and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu"...

warning: Can''t read pathname for load map: Input/output error.
Loaded symbols for /root/test1
Reading symbols from /lib32/libc.so.6...done.
Loaded symbols for /lib32/libc.so.6
Reading symbols from /lib64/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Core was generated by `./test1''.
Program terminated with signal 11, Segmentation fault.
[New process 11136]
#0  0xffffe42f in __kernel_vsyscall ()
(gdb) x/i 0xffffe42f
0xffffe42f <__kernel_vsyscall+15>:	ret    
(gdb) x/i $eip-2
0xffffe42d <__kernel_vsyscall+13>:	jmp    0x2e00a78f
(gdb) x/30i __kernel_vsyscall
0xffffe420 <__kernel_vsyscall>:	push   %ebp
0xffffe421 <__kernel_vsyscall+1>:	mov    %ecx,%ebp
0xffffe423 <__kernel_vsyscall+3>:	syscall 
0xffffe425 <__kernel_vsyscall+5>:	mov    $0x2b,%ecx
0xffffe42a <__kernel_vsyscall+10>:	mov    %ecx,%ss
0xffffe42c <__kernel_vsyscall+12>:	mov    %ebp,%ecx
0xffffe42e <__kernel_vsyscall+14>:	pop    %ebp
0xffffe42f <__kernel_vsyscall+15>:	ret    
0xffffe430:	add    %ch,(%esi)
0xffffe432:	jae    0xffffe49c
0xffffe434:	jae    0xffffe4aa
0xffffe436:	jb     0xffffe4ac
0xffffe438:	popa   
0xffffe439:	bound  %eax,(%eax)
0xffffe43b:	cs
0xffffe43c:	push   $0x687361
0xffffe441:	cs
0xffffe442:	fs
0xffffe443:	jns    0xffffe4b3
0xffffe445:	jae    0xffffe4c0
0xffffe447:	insl   (%dx),%es:(%edi)
0xffffe448:	add    %ch,(%esi)
0xffffe44a:	fs
0xffffe44b:	jns    0xffffe4bb
0xffffe44d:	jae    0xffffe4c3
0xffffe44f:	jb     0xffffe451
0xffffe451:	addr16 outsb %cs:(%si),(%dx)
0xffffe454:	jne    0xffffe484
0xffffe456:	jbe    0xffffe4bd
0xffffe458:	jb     0xffffe4cd
(gdb) quit
server64d ~ # 


Regards,
Milan


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

On 08/10/09 05:59, Christoph Egger wrote:
>> I still notice this problem with vanilla 2.6.30.4 domU under Xen 3.3.2
>> (32 bit binaries on a 64 bit domU kernel segfault, AMD CPU).  vdso32=0
>> still helps.
>>
>> Any news?
>>     
>
> What does Linux use w/o vdso32=0 on your box ? Does it use sysenter,
syscall
> or int 0x80 ?
>
> Do you boot the DomU directly or does this happen after migration from
> an Intel box ?
>   
There appears to be a bug in the 64-bit xen_sysret32, which attempts to
take the sysret environment and turn it into an iret hypercall (since
iret is the only way to do a 64-bit kernel -> 32-bit user return).

I don''t have an AMD test machine on hand, so I haven''t had a
chance to
work out what''s actually failing.  I couldn''t see anything
wrong by
staring at the code, but that probably means I was either starting hard
at the bug, or looking right next to the bug...

Could you try looking at this?

    J

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel