From: Borislav Petkov <bp@alien8.de>
To: Satoru Takeuchi <satoru.takeuchi@gmail.com>,
	Paolo Bonzini <pbonzini@redhat.com>
Cc: x86@kernel.org, linux-kernel@vger.kernel.org,
	kvm ML <kvm@vger.kernel.org>
Subject: Re: [BUG] x86: failed to boot a kernel on a Ryzen machine
Date: Tue, 25 Apr 2017 11:36:08 +0200
Message-ID: <20170425093607.n33gonz5kfzqgveg@pd.tnic>
In-Reply-To: <87shky7y1b.wl-satoru.takeuchi@gmail.com>

On Mon, Apr 24, 2017 at 10:09:04PM +0900, Satoru Takeuchi wrote:
> At Mon, 24 Apr 2017 14:48:46 +0200,
> Borislav Petkov wrote:
> > 
> > On Mon, Apr 24, 2017 at 09:39:12PM +0900, Satoru Takeuchi wrote:
> > > I used the following auto-test tool (its backend is ktest).
> > > 
> > > https://github.com/satoru-takeuchi/elkdat
> > > 
> > > This problem can be reproduced by the following command on Ubuntu 16.04.
> > > 
> > > ```
> > > $ sudo apt-get install git vagrant libvirt-bin libvirt-dev kernel-package qemu-kvm libssl-dev libncurses5-dev
> > 
> > Can you minimize that reproducer? I.e, can you dump only the qemu
> > command line options from this setup?
> > 
> > They're enough to be able to start a guest with your config without me
> > having to install all that other stuff.
> 
> OK. Is it sufficient information?
> 
> ```
> qemu-system-x86_64 -enable-kvm -name elkdat_ktest -S -machine pc-i440fx-xenial,accel=kvm,usb=off -cpu Opteron_G3,+smap,+adx,+rdseed,+bmi2,+smep,+avx2,+bmi1,+fsgsbase,+perfctr_nb,+perfctr_core,+topoext,+tce,+wdt,+skinit,+osvw,+3dnowprefetch,+cr8legacy,+extapic,+cmp_legacy,+pdpe1gb,+fxsr_opt,+mmxext,+rdrand,+f16c,+avx,+osxsave,+xsave,+aes,+movbe,+sse4.2,+sse4.1,+fma,+ssse3,+pclmuldq,+ht,+vme -m 512 -realtime mlock=off -smp 2,sockets=2,cores=1,threads=1 -uuid 12de0e96-5d01-4ab0-b0b3-165f55999960 -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-elkdat_ktest/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown -boot strict=on -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -drive file=/var/lib/libvirt/images/elkdat_ktest.img,format=qcow2,if=none,id=drive-virtio-disk0 -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x3,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -netdev tap,fd=26,id=hostnet0,vhost=on,vhostfd=28 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:e4:6f:3e,bus=pci.0,addr=0x5 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -vnc 127.0.0.1:0 -k en-us -device cirrus-vga,id=video0,bus=pci.0,addr=0x2 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x4 -msg timestamp=on
> ```

Yes, thanks, I was able to reproduce:

[    0.488015] raid6: sse2x1   gen()  2073 MB/s
[    0.560008] raid6: sse2x1   xor()  2670 MB/s
[    0.628022] raid6: sse2x2   gen()  3273 MB/s
[    0.696007] raid6: sse2x2   xor()  3752 MB/s
[    0.764015] raid6: sse2x4   gen()  5532 MB/s
[    0.832009] raid6: sse2x4   xor()  3736 MB/s
[    0.836019] invalid opcode: 0000 [#1] SMP
[    0.838532] Modules linked in:
[    0.840000] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.11.0-rc8 #2
[    0.840000] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.10.2-0-g5f4c7b1-prebuilt.qemu-project.org 04/01/2014
[    0.840000] task: ffff9c01bb828000 task.stack: ffffb1f68031c000
[    0.840000] RIP: 0010:raid6_avx21_gen_syndrome+0x3d/0x120
[    0.840000] RSP: 0018:ffffb1f68031fd78 EFLAGS: 00010246
[    0.840000] RAX: 0000000080000000 RBX: ffffb1f68031fdc8 RCX: 00000000fffedbd9
[    0.840000] RDX: 0000000000000080 RSI: 0000000000001000 RDI: 0000000000000012
[    0.840000] RBP: ffffb1f68031fda8 R08: ffffffff90a7d4e0 R09: 00000000000000f0
[    0.840000] R10: 00000000fffedbc8 R11: 0000000091171001 R12: 0000000000001000
[    0.840000] R13: ffff9c01bb444000 R14: ffff9c01bb445000 R15: 0000000000000012
[    0.840000] FS:  0000000000000000(0000) GS:ffff9c01bec00000(0000) knlGS:0000000000000000
[    0.840000] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    0.840000] CR2: 0000000000000000 CR3: 0000000072e09000 CR4: 00000000003006f0
[    0.840000] Call Trace:
[    0.840000]  raid6_select_algo+0x112/0x30f
[    0.840000]  ? libcrc32c_mod_init+0x2c/0x2c
[    0.840000]  ? set_debug_rodata+0x12/0x12
[    0.840000]  do_one_initcall+0x52/0x1a0
[    0.840000]  ? set_debug_rodata+0x12/0x12
[    0.840000]  kernel_init_freeable+0x178/0x200
[    0.840000]  ? rest_init+0x80/0x80
[    0.840000]  kernel_init+0xe/0x100
[    0.840000]  ret_from_fork+0x2c/0x40
[    0.840000] Code: 55 41 54 53 48 89 d3 48 8d 14 c5 00 00 00 00 41 89 ff 49 89 f4 48 83 ec 08 4c 8b 2c c3 4c 8b 74 13 08 48 89 55 d0 e8 73 ca a9 ff <c5> fd 6f 05 eb 09 4e 00 c5 e5 ef db 4d 85 e4 48 8b 55 d0 0f 84 
[    0.840000] RIP: raid6_avx21_gen_syndrome+0x3d/0x120 RSP: ffffb1f68031fd78
[    0.840009] ---[ end trace 5db62c95950cdfd9 ]---
[    0.844549] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
[    0.844549] 
[    0.848000] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
[    0.848000]

Looking at CR4: 00000000003006f0, it doesn't have OSXSAVE set. I.e., bit
18. And when that bit is not set, VMOVDQA raises an #UD.

And for some reason qemu doesn't like it even if you request that bit with
+osxsave:

warning: host doesn't support requested feature: CPUID.01H:ECX.osxsave [bit 27]

Even though the corresponding bit in CPUID on the host is set:

0x00000001: EAX=0x00800f00, EBX=0x40200800, ECX=0x7ed8320b, EDX=0x178bfbff
						   ^
Paolo, any thoughts?

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.
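
The triage step in the message above (faulting VEX-encoded instruction plus CR4 bit 18 clear), as an added example that is not code from this thread or from the kernel. The two sample lines are copied from the oops above with the Code: line shortened, the function names are made up for illustration, and a 64-bit oops is assumed, where 0xc4/0xc5 are always VEX prefixes.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CR4_OSXSAVE (1UL << 18) /* OS enabled XSAVE; needed for VEX insns */
/* CPUID.01H:ECX bits 26 (XSAVE), 27 (OSXSAVE, mirrors CR4 bit 18), 28 (AVX) */
#define CPUID1_ECX_AVX_BITS ((1U << 26) | (1U << 27) | (1U << 28))

/* From the oops quoted above; the Code: line is shortened. */
static const char SAMPLE_OOPS[] =
    "[    0.840000] CR2: 0000000000000000 CR3: 0000000072e09000 CR4: 00000000003006f0\n"
    "[    0.840000] Code: e8 73 ca a9 ff <c5> fd 6f 05 eb 09 4e 00\n";

/* Parse the hex value after "CR4: "; returns -1 if the field is absent. */
static int oops_cr4(const char *oops, unsigned long *cr4)
{
    const char *p = strstr(oops, "CR4: ");
    if (!p) return -1;
    *cr4 = strtoul(p + 5, NULL, 16);
    return 0;
}

/* Faulting opcode byte, which the Code: line wraps in <..>; -1 if absent. */
static int oops_fault_byte(const char *oops)
{
    const char *p = strstr(oops, "Code: ");
    const char *eol = p ? strchr(p, '\n') : NULL;
    const char *lt = p ? strchr(p, '<') : NULL;
    if (!lt || (eol && lt > eol)) return -1;
    return (int)strtoul(lt + 1, NULL, 16);
}

/* 1 if a VEX-prefixed instruction faulted while CR4.OSXSAVE was clear. */
static int vex_without_osxsave(const char *oops)
{
    unsigned long cr4;
    int op = oops_fault_byte(oops);
    if (op < 0 || oops_cr4(oops, &cr4) < 0) return 0;
    return (op == 0xc4 || op == 0xc5) && !(cr4 & CR4_OSXSAVE);
}

/* 1 if a CPUID.01H:ECX value reports XSAVE, OSXSAVE and AVX together. */
static int cpuid_avx_ready(unsigned int ecx)
{
    return (ecx & CPUID1_ECX_AVX_BITS) == CPUID1_ECX_AVX_BITS;
}

int main(void)
{
    printf("VEX fault without OSXSAVE: %d, host ECX AVX-ready: %d\n",
           vex_without_osxsave(SAMPLE_OOPS), cpuid_avx_ready(0x7ed8320bU));
    return 0;
}
```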
