[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [Bug 1497479] [NEW] memory corruption with migrate/savevm i
From: |
Pavel Boldin |
Subject: |
[Qemu-devel] [Bug 1497479] [NEW] memory corruption with migrate/savevm in TCG mode |
Date: |
Fri, 18 Sep 2015 23:58:53 -0000 |
Public bug reported:
[ISSUE]
QEMU releases 2.3.1 and lower are forgetting to flush TLBs before
enabling the global dirty pages log and entering the final stage of
saving the VM.
[DESCRIPTION]
The situation is the following:
1. TLB misses is the only way for page dirtying in the TCG mode.
2. If TLB is hit by a running VM during the execution of the `ram_save_iterate'
by migration thread (e.g. if VM is mostly idling) then some pages are missing
in the dirty log.
3. These pages are then not migrated during `ram_save_complete'.
4. This makes memory content in a saved VM state differ from the actual VM
memory.
5. If the affected area includes some Kernel data structures such as trees or
lists this can cause Kernel to Oops after loading the saved state.
[SOLUTION]
A proposed solution is to flush TLB when `log_global_start' is called.
Here is the patch:
https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1493049/+attachment/4459905/+files/tcg-commit-on-log-global-start.patch
[LINKS]
Ubuntu bug: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1493049
** Affects: qemu
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1497479
Title:
memory corruption with migrate/savevm in TCG mode
Status in QEMU:
New
Bug description:
[ISSUE]
QEMU releases 2.3.1 and lower are forgetting to flush TLBs before
enabling the global dirty pages log and entering the final stage of
saving the VM.
[DESCRIPTION]
The situation is the following:
1. TLB misses is the only way for page dirtying in the TCG mode.
2. If TLB is hit by a running VM during the execution of the
`ram_save_iterate' by migration thread (e.g. if VM is mostly idling) then some
pages are missing in the dirty log.
3. These pages are then not migrated during `ram_save_complete'.
4. This makes memory content in a saved VM state differ from the actual VM
memory.
5. If the affected area includes some Kernel data structures such as trees or
lists this can cause Kernel to Oops after loading the saved state.
[SOLUTION]
A proposed solution is to flush TLB when `log_global_start' is called.
Here is the patch:
https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1493049/+attachment/4459905/+files/tcg-commit-on-log-global-start.patch
[LINKS]
Ubuntu bug:
https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1493049
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1497479/+subscriptions
- [Qemu-devel] [Bug 1497479] [NEW] memory corruption with migrate/savevm in TCG mode,
Pavel Boldin <=