Bug 34282 - general protection fault when starting virtual machine with qemu
Summary: general protection fault when starting virtual machine with qemu
Status: RESOLVED CODE_FIX
Alias: None
Product: Virtualization
Classification: Unclassified
Component: kvm
Hardware: All Linux
Importance: P1 normal
Assignee: virtualization_kvm
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-05-03 13:25 UTC by Ricardo Wurmus
Modified: 2012-08-23 13:50 UTC

See Also:
Kernel Version: 2.6.38
Subsystem:
Regression: No
Bisected commit-id:



Description Ricardo Wurmus 2011-05-03 13:25:21 UTC
A general protection fault occurs when running qemu-kvm on a qcow2 image (holding an installation of WinXP). The problem happens whenever the following command is executed:

qemu-kvm \
-snapshot \
/path/to/image.qcow2 \
-net nic,model=e1000 -net user,hostname=host,hostfwd=tcp:3389-:3398 \
-m 384 \
-monitor unix:/tmp/kvm_console,server,nowait \
-usb \
-nographic

Almost immediately after issuing the command, the trace (see below) is printed on the screen. The system doesn't go down (switching VTs clears the message from the screen), but qemu-kvm cannot be aborted from the terminal window in which it was launched.

My system is running the latest kernel packaged for Arch Linux.

$ uname -a
Linux jingles 2.6.38-ARCH #1 SMP PREEMPT Fri Apr 22 17:48:36 UTC 2011 i686 AMD Phenom(tm) II X4 940 Processor AuthenticAMD GNU/Linux

$ pacman -Qi qemu-kvm
Name           : qemu-kvm
Version        : 0.14.0-1
<snip>
Architecture   : i686

I'm running i686 linux on x86_64 hardware.

This is the message + trace:

[69862.239933] general protection fault: 0000 [#1] PREEMPT SMP 
[69862.240031] last sysfs file: /sys/devices/pci0000:00/0000:00:14.1/host4/uevent
[69862.240136] Modules linked in: snd_seq_midi snd_hrtimer cpufreq_ondemand nfsd exportfs nfs lockd fscache nfs_acl auth_rpcgss sunrpc ipv6 ext3 jbd jfs joydev usbhid hid snd_usb_audio snd_usbmidi_lib radeon wacom snd_hda_codec_hdmi snd_hda_codec_realtek ttm drm_kms_helper drm agpgart ppdev snd_ice1724 snd_rawmidi snd_ice17xx_ak4xxx snd_ac97_codec ac97_bus snd_ak4xxx_adda snd_ak4114 snd_pt2258 snd_i2c powernow_k8 lp freq_table snd_hda_intel sp5100_tco snd_hda_codec evdev i2c_algo_bit snd_ak4113 snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device firewire_ohci ohci_hcd i2c_piix4 shpchp snd_pcm_oss snd_hwdep snd_mixer_oss snd_pcm snd_timer floppy parport_pc mperf pcspkr r8169 ehci_hcd pci_hotplug snd parport firewire_core k10temp usbcore processor button i2c_core wmi mii kvm_amd soundcore snd_page_alloc serio_raw sg crc_itu_t kvm ext2 mbcache sr_mod cdrom sd_mod pata_acpi pata_atiixp ahci libahci libata scsi_mod
[69862.241531] 
[69862.241554] Pid: 3738, comm: qemu-kvm Not tainted 2.6.38-ARCH #1 Gigabyte Technology Co., Ltd. GA-MA78GM-US2H/GA-MA78GM-US2H
[69862.241725] EIP: 0060:[<c118e11e>] EFLAGS: 00210202 CPU: 2
[69862.241806] EIP is at submit_bio+0xe/0x100
[69862.241870] EAX: 00000001 EBX: ed6be480 ECX: 00000000 EDX: ed6be480
[69862.241959] ESI: ed6be480 EDI: 00000001 EBP: cbde778c ESP: cbde773c
[69862.242049]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[69862.242127] Process qemu-kvm (pid: 3738, ti=cbde6000 task=cbfae780 task.ti=cbde6000)
[69862.242240] Stack:
[69862.242269]  00000010 00000006 ef940be0 00000029 f5d075ac c1451200 ef2827a8 ed6be480
[69862.242399]  ed6be480 cbde7784 c112f2bb f1594bb4 00000010 00000001 0000000f ef2827a8
[69862.242527]  ef2827a8 ef2827a8 cbde778c c112f38e cbde77a0 c112a76c ef2827a8 ef2827a8
[69862.242656] Call Trace:
[69862.242695]  [<c112f2bb>] ? bio_alloc_bioset+0x3b/0xc0
[69862.242770]  [<c112f38e>] ? bio_alloc+0xe/0x20
[69862.242835]  [<c112a76c>] submit_bh+0xcc/0xf0
[69862.242898]  [<c112c1e3>] __block_write_full_page+0x223/0x380
[69862.242982]  [<c10fcfe8>] ? memcg_check_events+0x28/0x160
[69862.243040]  [<f823ed70>] ? ext2_get_block+0x0/0x800 [ext2]
[69862.243040]  [<c112c3de>] block_write_full_page_endio+0x9e/0xe0
[69862.243040]  [<c112aea0>] ? end_buffer_async_write+0x0/0x1b0
[69862.243040]  [<f823ed70>] ? ext2_get_block+0x0/0x800 [ext2]
[69862.243040]  [<c112c432>] block_write_full_page+0x12/0x20
[69862.243040]  [<c112aea0>] ? end_buffer_async_write+0x0/0x1b0
[69862.243040]  [<f823e80f>] ext2_writepage+0xf/0x20 [ext2]
[69862.243040]  [<c10cc942>] shrink_page_list+0x532/0x760
[69862.243040]  [<c10fe303>] ? mem_cgroup_del_lru_list+0x23/0xa0
[69862.243040]  [<c10ccea2>] shrink_inactive_list+0xf2/0x3f0
[69862.243040]  [<c10cd61c>] shrink_zone+0x47c/0x5c0
[69862.243040]  [<c10cdff2>] do_try_to_free_pages+0xb2/0x370
[69862.243040]  [<c10ce506>] try_to_free_pages+0x76/0x150
[69862.243040]  [<c10c53d0>] __alloc_pages_nodemask+0x420/0x750
[69862.243040]  [<c10faa57>] do_huge_pmd_anonymous_page+0x107/0x2d0
[69862.243040]  [<f82cb96b>] ? update_spte+0x8b/0x1a0 [kvm]
[69862.243040]  [<c10dd12e>] handle_mm_fault+0x17e/0x200
[69862.243040]  [<c10dd2c7>] __get_user_pages+0x117/0x3d0
[69862.243040]  [<c10dd637>] get_user_pages+0x57/0x70
[69862.243040]  [<c102ae0f>] get_user_pages_fast+0xef/0x150
[69862.243040]  [<f82b22a9>] hva_to_pfn.isra.39+0xb9/0x240 [kvm]
[69862.243040]  [<f82b24a9>] __gfn_to_pfn+0x49/0xa0 [kvm]
[69862.243040]  [<f82b26c9>] gfn_to_pfn_async+0x29/0x30 [kvm]
[69862.243040]  [<f82cdb57>] try_async_pf+0x37/0x280 [kvm]
[69862.243040]  [<f82d1a3f>] paging32_page_fault+0x15f/0x910 [kvm]
[69862.243040]  [<f82bcb18>] ? kvm_read_guest_virt_helper+0x48/0xb0 [kvm]
[69862.243040]  [<f82cdf70>] kvm_mmu_page_fault+0x20/0x90 [kvm]
[69862.243040]  [<f8387fd6>] pf_interception+0x96/0x180 [kvm_amd]
[69862.243040]  [<f838e012>] handle_exit+0x172/0x4bd [kvm_amd]
[69862.243040]  [<c1004dfb>] ? do_device_not_available+0xb/0x20
[69862.243040]  [<c131afbb>] ? error_code+0x67/0x6c
[69862.243040]  [<f82c0d54>] ? kvm_get_cr8+0x14/0x30 [kvm]
[69862.243040]  [<f82c6920>] kvm_arch_vcpu_ioctl_run+0x390/0xf90 [kvm]
[69862.243040]  [<f82c22df>] ? kvm_arch_vcpu_load+0x3f/0x140 [kvm]
[69862.243040]  [<f82b2ca5>] kvm_vcpu_ioctl+0x475/0x640 [kvm]
[69862.243040]  [<c103e72a>] ? wake_up_state+0xa/0x10
[69862.243040]  [<c10726c0>] ? wake_futex+0x30/0x50
[69862.243040]  [<c1074c05>] ? do_futex+0x595/0x8c0
[69862.243040]  [<c107090f>] ? tick_dev_program_event+0x3f/0x160
[69862.243040]  [<c1064998>] ? __run_hrtimer+0x98/0x250
[69862.243040]  [<f82b2830>] ? kvm_vcpu_ioctl+0x0/0x640 [kvm]
[69862.243040]  [<c1113a49>] do_vfs_ioctl+0x79/0x570
[69862.243040]  [<c106ae74>] ? ktime_get_ts+0xe4/0x110
[69862.243040]  [<c1105fcb>] ? fget_light+0x6b/0xc0
[69862.243040]  [<c1113fa7>] sys_ioctl+0x67/0x80
[69862.243040]  [<c10037df>] sysenter_do_call+0x12/0x28
[69862.243040] Code: fb ff ff ff e9 69 fb ff ff 0f 0b e8 2d 5e eb ff 8d b6 00 00 00 00 8d bc 27 00 00 00 00 55 89 e5 83 ec 50 89 5d f4 89 d3 09 43 14 <65> 8b 15 14 00 00 00 89 55 f0 31 d2 85 db 8b 53 20 89 75 f8 89 
[69862.243040] EIP: [<c118e11e>] submit_bio+0xe/0x100 SS:ESP 0068:cbde773c
[69862.342368] ---[ end trace 42722280d63dfe9f ]---
Comment 1 Joerg Roedel 2011-05-27 08:34:46 UTC
Does it happen with 2.6.39 vanilla kernel too?
Comment 2 Ricardo Wurmus 2011-05-27 13:19:57 UTC
With 2.6.39 (from the ArchLinux testing repository) this doesn't happen anymore. As far as I can tell[1] that kernel is unpatched downstream.
___
[1] http://www.archlinux.org/packages/testing/i686/kernel26/
