From owner-freebsd-emulation@FreeBSD.ORG Mon May 23 07:42:32 2011
Message-ID: <4DDA0FE5.5070101@FreeBSD.org>
Date: Mon, 23 May 2011 10:42:29 +0300
From: Andriy Gapon
To: vbox@FreeBSD.org
Cc: freebsd-emulation@FreeBSD.org
Subject: virtualbox kmod: pages incorrectly inserted into user map

It seems that the VirtualBox kernel module for FreeBSD has incorrect code for inserting kernel pages into a user map.

First, the vm_map_find(object=NULL) + pmap_enter() approach should not be applied to a user map. I am told that a pmap of a user process can be completely destroyed and re-constructed, and for the latter we must have correct mappings in the vm map, which will not be the case with this approach.

Second, and probably as a result of the above, VirtualBox may insert invalid pages into a user map. I am told that this must never be done. Here is an example of a panic that may result from this:

panic: vm_page_dirty: page is invalid!
(kgdb) bt
#0  doadump () at pcpu.h:224
#1  0xffffffff80482b12 in kern_reboot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:437
#2  0xffffffff80482246 in panic (fmt=0x104) at /usr/src/sys/kern/kern_shutdown.c:591
#3  0xffffffff8063bcdc in vm_page_dirty (m=0x0) at /usr/src/sys/vm/vm_page.c:742
#4  0xffffffff8062d00d in vm_fault_quick_hold_pages (map=0xfffffe00448db7a8, addr=35092844544, len=Variable "len" is not available.
) at /usr/src/sys/vm/vm_fault.c:1094
#5  0xffffffff8050953e in vmapbuf (bp=0xffffff80e5891020) at /usr/src/sys/kern/vfs_bio.c:3823
#6  0xffffffff80473637 in physio (dev=0xfffffe0007e51a00, uio=0xffffff811f417aa0, ioflag=Variable "ioflag" is not available.
) at /usr/src/sys/kern/kern_physio.c:95
#7  0xffffffff803e8fac in devfs_read_f (fp=0xfffffe00744cf3c0, uio=0xffffff811f417aa0, cred=Variable "cred" is not available.
) at /usr/src/sys/fs/devfs/devfs_vnops.c:1152
#8  0xffffffff804d7028 in dofileread (td=0xfffffe0083f07480, fd=32, fp=0xfffffe00744cf3c0, auio=0xffffff811f417aa0, offset=Variable "offset" is not available.
) at file.h:231
#9  0xffffffff804d733f in kern_readv (td=0xfffffe0083f07480, fd=32, auio=0xffffff811f417aa0) at /usr/src/sys/kern/sys_generic.c:238
#10 0xffffffff804d744c in read (td=0x0, uap=0x0) at /usr/src/sys/kern/sys_generic.c:154
#11 0xffffffff804cc5ae in syscallenter (td=0xfffffe0083f07480, sa=0xffffff811f417bc0) at /usr/src/sys/kern/subr_trap.c:344
#12 0xffffffff806658c2 in syscall (frame=0xffffff811f417c50) at /usr/src/sys/amd64/amd64/trap.c:910
#13 0xffffffff8064f76d in Xfast_syscall () at /usr/src/sys/amd64/amd64/exception.S:384

I have no patches at the moment to correctly fix these problems. I use a (hackish) work-around for the second issue, which is to add the following line to rtR0MemObjFreeBSDPhysPageInit:

    pPage->valid = VM_PAGE_BITS_ALL;

-- 
Andriy Gapon