
Timestamp:
Mar 6, 2017 8:41:43 PM (8 years ago)
Author:
vboxsync
Message:

PGMPool: Address problem where we would incorrectly try to flush an active CR3 page (or pages in PAE) because we thought it was being reused, which obviously would fail, then pretend we succeeded and restart the instruction. Happened on a STOS during linux bootup (e.g. ubuntu 15.10/amd64). Fix was to extend pgmRZPoolMonitorIsReused with a check on locked pages.

File:
1 edited

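--- a/trunk/src/VBox/VMM/VMMAll/PGMAllPool.cpp
+++ b/trunk/src/VBox/VMM/VMMAll/PGMAllPool.cpp
@@ -737,9 +737,19 @@
  * @param   pDis        The disassembly info for the faulting instruction.
  * @param   pvFault     The fault address.
+ * @param   pPage       The pool page being accessed.
  *
  * @remark  The REP prefix check is left to the caller because of STOSD/W.
  */
-DECLINLINE(bool) pgmRZPoolMonitorIsReused(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pRegFrame, PDISCPUSTATE pDis, RTGCPTR pvFault)
-{
+DECLINLINE(bool) pgmRZPoolMonitorIsReused(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pRegFrame, PDISCPUSTATE pDis, RTGCPTR pvFault,
+                                          PPGMPOOLPAGE pPage)
+{
+    /* Locked (CR3, PDPTR*4) should not be reusable.  Considering them as
+       such may cause loops booting tst-ubuntu-15_10-64-efi, ++. */
+    if (pPage->cLocked)
+    {
+        Log2(("pgmRZPoolMonitorIsReused: %RGv (%p) can't have been resued, because it's locked!\n", pvFault, pPage));
+        return false;
+    }
+
 # ifndef IN_RC
     /** @todo could make this general, faulting close to rsp should be a safe reuse heuristic. */
@@ -1188,5 +1198,5 @@
              || pgmPoolIsPageLocked(pPage)
             )
-        &&  !(fReused = pgmRZPoolMonitorIsReused(pVM, pVCpu, pRegFrame, pDis, pvFault))
+        &&  !(fReused = pgmRZPoolMonitorIsReused(pVM, pVCpu, pRegFrame, pDis, pvFault, pPage))
         &&  !pgmRZPoolMonitorIsForking(pPool, pDis, GCPhysFault & PAGE_OFFSET_MASK))
     {
@@ -1289,5 +1299,5 @@
         &&  (pPage->enmKind == PGMPOOLKIND_PAE_PT_FOR_PAE_PT || pPage->enmKind == PGMPOOLKIND_PAE_PT_FOR_32BIT_PT)
         &&  (   fNotReusedNotForking
-             || (   !pgmRZPoolMonitorIsReused(pVM, pVCpu, pRegFrame, pDis, pvFault)
+             || (   !pgmRZPoolMonitorIsReused(pVM, pVCpu, pRegFrame, pDis, pvFault, pPage)
                  && !pgmRZPoolMonitorIsForking(pPool, pDis, GCPhysFault & PAGE_OFFSET_MASK))
             )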
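Review bot: The new early return at new lines 748–752 reads `pPage->cLocked` directly, while the caller at new line 1198 expresses what appears to be the same predicate as `pgmPoolIsPageLocked(pPage)`; routing the new check through that helper, `if (pgmPoolIsPageLocked(pPage))`, would keep the lock test defined in one place if the locking representation ever changes. The Log2 string on new line 750 misspells "reused": `Log2(("pgmRZPoolMonitorIsReused: %RGv (%p) can't have been reused, because it's locked!\n", pvFault, pPage));`. The added `pPage` parameter is dereferenced unconditionally before any other check, so the function now requires a non-NULL page; the new `@param pPage` line should say so, e.g. `@param   pPage       The pool page being accessed. Must not be NULL.` The body of pgmRZPoolMonitorIsReused continues beyond the end of the first hunk, so the remaining reuse heuristics are not visible here.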
