Avi Kivity <a...@redhat.com> writes:

> On 08/14/2012 11:44 AM, Markus Armbruster wrote:
[...]
>> And another one:
>>
>> $ qemu-system-x86_64 -nodefaults --enable-kvm -vnc :0 -monitor stdio -m 900k
>> QEMU 1.1.50 monitor - type 'help' for more information
>> (qemu) KVM internal error. Suberror: 1
>> emulation failure
>> EAX=000fdb78 EBX=00000000 ECX=00000000 EDX=000fdb64
>> ESI=00000000 EDI=000fdb64 EBP=00000000 ESP=00006f98
>> EIP=000e3492 EFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
>> ES =0010 00000000 ffffffff 00c09300 DPL=0 DS [-WA]
>> CS =0008 00000000 ffffffff 00c09b00 DPL=0 CS32 [-RA]
>> SS =0010 00000000 ffffffff 00c09300 DPL=0 DS [-WA]
>> DS =0010 00000000 ffffffff 00c09300 DPL=0 DS [-WA]
>> FS =0010 00000000 ffffffff 00c09300 DPL=0 DS [-WA]
>> GS =0010 00000000 ffffffff 00c09300 DPL=0 DS [-WA]
>> LDT=0000 00000000 0000ffff 00008200 DPL=0 LDT
>> TR =0000 00000000 0000ffff 00008b00 DPL=0 TSS32-busy
>> GDT= 000fcd68 00000037
>> IDT= 000fdb60 00000000
>> CR0=00000011 CR2=00000000 CR3=00000000 CR4=00000000
>> DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
>> DR6=00000000ffff0ff0 DR7=0000000000000400
>> EFER=0000000000000000
>> Code=00 00 b8 26 00 00 00 eb 95 83 c8 ff 83 c4 4c 5b 5e 5f 5d c3 <57> 56 53 89 d6 39 c2 72 06 89 c7 f3 a4 eb 1b 8d 51 ff 01 d0 01 d6 89 cf 31 d2 eb 08 8a 1c
>> q
>>
>
> Not sure what's the problem.  57 is a push reg instruction which we
> ought to emulate fine.
>
> 900k is 0xe1000, just below eip, but we ought to execute just fine from
> unshadowed ROM.
>
>> Breakpoint on kvm_handle_internal_error() yields backtrace:
>>
>> #0  kvm_handle_internal_error (env=0x1389b30, run=0x7ffff7ffa000)
>>     at /work/armbru/qemu/kvm-all.c:1424
>> #1  0x0000000000674c5a in kvm_cpu_exec (env=0x1389b30)
>>     at /work/armbru/qemu/kvm-all.c:1586
>> #2  0x000000000060e0b4 in qemu_kvm_cpu_thread_fn (arg=0x1389b30)
>>     at /work/armbru/qemu/cpus.c:757
>> #3  0x0000003b0ea07d14 in start_thread () from /lib64/libpthread.so.0
>> #4  0x0000003b0def197d in clone () from /lib64/libc.so.6
>>
>> Also seen with 904k, 908k, 964k, 968k, 972k 976k, and a whole lot more.
>
> Same EIP in the dump with those?

Offenders within 1s in range 868k..1028k step 4:

 900 EIP=000e3492 EFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
 904 EIP=000e3492 EFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
 908 EIP=000e3492 EFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
 916 EIP=000e570e EFL=00000012 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
 964 EIP=000f2b76 EFL=00000012 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
 968 EIP=000f2b76 EFL=00000012 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
 972 EIP=000fc6db EFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
 976 EIP=000fc6db EFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
 980 EIP=000fc6db EFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
 984 EIP=000fc6db EFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
 988 EIP=000fc6db EFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
 992 EIP=000fc6db EFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
 996 EIP=000fc6db EFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
1000 EIP=000fc6db EFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
1004 EIP=000fc6db EFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
1008 EIP=000fc6db EFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
1012 EIP=000fe69f EFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
1016 EIP=000fe69f EFL=00000083 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0
1020 EIP=0000f000 EFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0

>> Not reproduced with 1024k+.
>>
>> An easy way to "fix" these is to require 1MiB of RAM :)
>
> Or disabling kvm.
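The sweep behind the offender table above, written out as an added example; it is not from this thread or from the QEMU project. It loops `-m` over a range of sizes in k, quits the monitor after one second, pulls the EIP out of any KVM internal error dump, and reports where that EIP sits relative to the top of guest RAM (the same comparison as "900k is 0xe1000, just below eip"). The `qemu-system-x86_64` invocation with `-display none`, the use of coreutils `timeout`, and the function names are assumptions; the sample monitor dump is constructed from the one quoted above so the parsing helpers can be exercised without KVM.

```shell
#!/bin/sh
# Added example (not from the thread or QEMU): reproduce the small -m sweep
# and relate each faulting EIP to the top of guest RAM.
# Assumptions: qemu-system-x86_64 with KVM and coreutils `timeout` exist for
# the live sweep; -display none is used instead of -vnc :0.

# Constructed sample: the monitor output from the thread, unquoted.
SAMPLE_DUMP='QEMU 1.1.50 monitor - type help for more information
(qemu) KVM internal error. Suberror: 1
emulation failure
EAX=000fdb78 EBX=00000000 ECX=00000000 EDX=000fdb64
ESI=00000000 EDI=000fdb64 EBP=00000000 ESP=00006f98
EIP=000e3492 EFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
CS =0008 00000000 ffffffff 00c09b00 DPL=0 CS32 [-RA]'

# Print the first EIP value (8 hex digits) found in a monitor dump, or nothing
# when the guest did not fault.
extract_eip() {
    printf '%s\n' "$1" | sed -n 's/^.*EIP=\([0-9a-f]\{8\}\).*$/\1/p' | head -n 1
}

# Top of guest RAM for "-m <n>k", as a hex address (900 -> 0xe1000).
ram_top() {
    printf '0x%x\n' $(( $1 * 1024 ))
}

# Succeed when the EIP lies at or above the top of RAM, i.e. in the part of
# the first MiB that is not backed by guest RAM at this -m size.
above_ram_top() {
    [ $(( 0x$2 )) -ge $(( $1 * 1024 )) ]
}

# Live sweep: one QEMU per size, send "q" to the monitor after 1s, report
# every size that produced a register dump within that second.
sweep() {
    lo=$1; hi=$2; step=${3:-4}
    m=$lo
    while [ "$m" -le "$hi" ]; do
        out=$( (sleep 1; echo q) | timeout 10 qemu-system-x86_64 -nodefaults \
                -enable-kvm -display none -monitor stdio -m "${m}k" 2>&1 )
        eip=$(extract_eip "$out")
        if [ -n "$eip" ]; then
            if above_ram_top "$m" "$eip"; then where=above; else where=below; fi
            printf '%4sk EIP=%s (%s RAM top %s)\n' "$m" "$eip" "$where" "$(ram_top "$m")"
        fi
        m=$(( m + step ))
    done
}

# Usage on a KVM-capable host:  sh sweep.sh sweep 868 1028 4
case "${1:-}" in
    sweep) sweep "${2:-868}" "${3:-1028}" "${4:-4}" ;;
esac
```

Only the three helpers run offline; `sweep` needs a host with KVM and the QEMU binary on PATH. Against the table above, every faulting EIP except the 1020k one (EIP=0000f000) is at or above the top of RAM for its size, and at 1024k the RAM top reaches 0x100000, so no EIP below 1MiB can fall above it.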