igxactly
commented
8 years ago This issue is resolved by pull request #29
Closed igxactly closed 8 years ago
igxactly
commented
8 years ago This issue is resolved by pull request #29
Below is the call flow that has a problem
main_cpu_init >> guest_sched_start >> guest_perform_switch >> perform_switch >> context_switch_to !!! THIS may be one of problems !!! >> interrupt_save >> guest_interrupt_save | Passing _vgic_status[255] as parmameter 'status' | !!! THIS IS A PROBLEM !!! >> vgic_save_status >> status->xxxxx = _vgic.base[XXXXX]; /* WRITES to the address which 'status' points to. for backing up the vGIC status of a VM instance */There's nothing to save when kick starting the first guest, but our current code does such of 'saving' action.
In the first context switching, current VM ID is VMID_INVALID (which is 0xFF=255), as it is the initial value of current_vmid array.
It is passed throughout the call flow above, and finally it makes a bad write to somewhere outside of _vgic_status array. The address points somewhere in vm_l3_pgtable, in my case.