On Apr 15, 2016 07:46, "liuweijie" <liuwj0129@xxxxxxx> wrote:
>
> Dear list,
>
> When I use VMFUNC instructions on a Xen HVM, the domain sometimes crashes.
>
> My serial console shows this:
>
> domain_crash called from p2m.c:2204
> Domain 1 (vcpu#0) crashed on cpu#7
> ……
>
> My testbed runs on Xen-4.6.0, and my CPU is Intel i7-4790. I can provide more logs if needed.
>
> I know you guys have implemented helpful interfaces to manage alternative P2Ms in version 4.6. Those ‘hvm_altp2m_op’ hypercalls are invoked before VMFUNC instructions are executed. And ten alternative P2Ms can be built successfully.
>
> The pseudo-code of my experiment is as follows:
>
> for (i = 0; i < 10; i++)
>     switch the current eptp to eptp[i];
>
>
> However, once switching to eptp[4], namely when doing "mov eax 0; mov ecx 4; vmfunc.", my Ubuntu HVM crashes. And as soon as I switched to more than 4 EPTPs, it crashed too. In other words, when I executed VMFUNC to switch to the fifth different altp2m, the domain would crash.
>
> Then when I just created 4 altp2ms, that weird phenomenon never happened again. Four altp2ms seems tolerable, but I still would like to use more. In addition, the Intel manual says we can switch between 512 altp2ms, right?
>
> FYI, I know the bug lies in the function ‘p2m_altp2m_lazy_copy’, and it is caused by the wrong return number of function ‘p2m_set_entry’.
>
> Can you guys fix the bug? Or is there something wrong with my test?
>
> Any help is appreciated! Thanks so much!
>
> Cheers,
> Weijie.
Hi Weijie,
While the hardware could handle 512 EPTs, Xen only implements support for up to 10. The crash you are seeing is likely caused by the domain running out of hap pool space when trying to copy the EPT to the new table. Try adding 'shadow_memory=16' to your domain config; it should fix the crash.