Xen project Mailing List

Re: [Xen-users] Domu windows 2012 crash.

To: Johnny Ström <johnny.strom@xxxxxxxxxxxxxxxxx>, "Hans van Kranenburg" <hans@xxxxxxxxxxx>, <xen-users@xxxxxxxxxxxxxxxxxxxx>

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Wed, 18 Mar 2020 15:36:20 +0000

Authentication-results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@xxxxxxxxxx; spf=Pass smtp.mailfrom=Andrew.Cooper3@xxxxxxxxxx; spf=None smtp.helo=postmaster@xxxxxxxxxxxxxxx

Cc: kim Ståhl <kim.stahl@xxxxxxxxxxxxxxxxx>

Delivery-date: Wed, 18 Mar 2020 20:18:54 +0000

Ironport-sdr: UOo5Syg8hCtPNcAifnI8iGnbqBAIp12LwWXkNTFol3ql+tCGbO6bdRJM90o0fJcg3Tqyee7S+S PhPMUudFzAy27R0Otd/VxAOvlnilxwG8LttW48D6CFDqXMqMaR6EJfX47/UHbBZ7aREj4hOgQo zPxeHBxN2XWTczwYAirHY1hVvemgm0ACcOp+uDwDQQ317SHg9NA4IGX6EUVYPzu424Mlg42MSP sAIJ+5y6Jc4uyp0gJL6dzpOi512ECtWq1VHoCnB9Fo0LnW3zhIMY8XJ44/+PNxmTNxFvOj65D7 scY=

List-id: Xen user discussion <xen-users.lists.xenproject.org>

On 18/03/2020 15:32, Johnny Ström wrote: > On 3/14/20 2:54 PM, Hans van Kranenburg wrote: >> Hi Johnny, >> >> On 2/20/20 10:10 AM, johnny Strom wrote: >>> After the latest updates/security updates for debian 9 and debian 10, >>> so will windows 2012 crash if more than 4096 memory is available to >>> domu. >> I am able to reproduce this with a Windows server essentials 2019 HVM >> domU. >> >> An example from xl dmesg: >> >> (XEN) Failed to shatter gfn 105245: -12 >> (XEN) d75v1 EPT violation 0x19c (--x/rw-) gpa 0x00000105245760 mfn >> 0x285245 type 0 >> (XEN) d75v1 Walking EPT tables for GFN 105245: >> (XEN) d75v1 epte 9c000004105f9007 >> (XEN) d75v1 epte 9c000002800000f3 >> (XEN) d75v1 --- GLA 0x7ff98b40d760 >> (XEN) domain_crash called from vmx.c:3497 >> (XEN) Domain 75 (vcpu#1) crashed on cpu#4: >> (XEN) ----[ Xen-4.11.4-pre x86_64 debug=n Not tainted ]---- >> (XEN) CPU: 4 >> (XEN) RIP: 0033:[<00007ff98b40d760>] >> (XEN) RFLAGS: 0000000000010216 CONTEXT: hvm guest (d75v1) >> (XEN) rax: 0000000000001212 rbx: 000000c714d9da58 rcx: >> 0000023500001590 >> (XEN) rdx: 000000c700000001 rsi: 000000c714d9da18 rdi: >> 000000c714d9db20 >> (XEN) rbp: 000000c714d9d950 rsp: 000000c714d9d918 r8: >> 0000023500001470 >> (XEN) r9: 00000235000014f0 r10: 00007ff99c5c0923 r11: >> 000000c714d9d970 >> (XEN) r12: 0000000000000000 r13: 000000c714d9d9d0 r14: >> 000000c714d9da58 >> (XEN) r15: 0000000000000006 cr0: 0000000080050031 cr4: >> 0000000000060678 >> (XEN) cr3: 00000001d9458002 cr2: 00007ff98b6fa048 >> (XEN) fsb: 0000000000000000 gsb: 000000c714e9e000 gss: >> ffffcd015dc40000 >> (XEN) ds: 002b es: 002b fs: 0053 gs: 002b ss: 002b cs: 0033 >> >>> So it's in debian 9 update: xen (4.8.5.final+shim4.10.4-1+deb9u12) >>> and in debian 10 update: xen (4.11.3+24-g14b62ab3e5-1) that is causing >>> the crashes. >> For 4.11, can you please try the workaround to enable "executable EPT >> superpages" again? >> >> It's the ept=exec-sp hypervisor setting, and can also be set without >> rebooting using: >> >> xl set-parameters ept=exec-sp > > > Hello > > > I have been running test with "xl set-parameters ept=exec-sp" and > windows 2012 R2. > > And it dose not crash anymore. > > I used memory = 5120 that did make it crash within 2 minutes before. > > So xl set-parameters ept=exec-sp seems to be an workaround for now. Right, but what you're doing is turning off the security fix for XSA-304. Do you have any shadow_memory= option set in your VM's config file? If so, please remove it. ~Andrew _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-users

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.