[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-hackers
Subject:    Re: core dumps running in bhyve
From:       Fabian Freyer <fabian.freyer () physik ! tu-berlin ! de>
Date:       2018-12-28 10:53:07
Message-ID: 79b6eebd-2320-1888-1162-d3ca5492670c () physik ! tu-berlin ! de
[Download RAW message or body]

CCing freebsd-virtualization@, because they might know more about this.

Am 25.12.2018 um 02:24 schrieb Chuck Tuffli:
> Using the latest bhyve, I'm seeing core dumps in the guest when running:
>      nvmecontrol identify nvme0
> against the emulated NVMe drive. The location of the core dump changes
> from run to run, but I suspect the root cause is a memory corruption
> caused by the transfer of the Identify data (4KB) back to the guest.
> This transfer of data is actually a memcpy to an address returned from
> vm_map_gpa() based on the physical address provided by the guest.
> 
> Based on the signature of one of the core dumps, I modified
> nvmecontrol to always pass a 4KB aligned buffer to the driver instead
> of the (typically) unaligned address of the structure on the stack.
> With this change, nvmecontrol in the guest no longer core dumps. What
> I don't understand is why this changes the behavior. Do the addresses
> passed to vm_map_gpa() need to be page aligned?

AFAIK vm_map_gpa maps a page, so yes, it needs to be 4k-aligned.

> Or did moving the
> memory location from the stack to the heap merely mitigate what is
> corrupted?
> 
> Thoughts?
> 
> --chuck
> _______________________________________________
> freebsd-hackers@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"
> 
_______________________________________________
freebsd-hackers@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"
[prev in list] [next in list] [prev in thread] [next in thread]