Giter Club home page Giter Club logo

Comments (12)

milantracy avatar milantracy commented on May 24, 2024

thanks for trying out gVisor

I tried to reproduce the issue which gave a different error message

I0820 11:45:31.316446       1 loader.go:614] Platform: kvm
I0820 11:45:31.317054       1 physical_map.go:148] region: virtual [ff11503000,ffff91503000)
I0820 11:45:31.317457       1 physical_map.go:200] physicalRegion: virtual [1000,10000) => physical [1000,10000)
I0820 11:45:31.317498       1 physical_map.go:200] physicalRegion: virtual [10000,b37000) => physical [10000,b37000)
I0820 11:45:31.317531       1 physical_map.go:200] physicalRegion: virtual [b37000,b40000) => physical [b37000,b40000)
I0820 11:45:31.317563       1 physical_map.go:200] physicalRegion: virtual [b40000,1a2f000) => physical [b40000,1a2f000)
I0820 11:45:31.317594       1 physical_map.go:200] physicalRegion: virtual [1a2f000,ff11503000) => physical [1a2f000,ff11503000)
I0820 11:45:31.317626       1 physical_map.go:200] physicalRegion: virtual [ffff91503000,ffffb8b89000) => physical [ff11503000,ff38b89000)
I0820 11:45:31.317656       1 physical_map.go:200] physicalRegion: virtual [ffffb8b89000,ffffb8b8a000) => physical [ff38b89000,ff38b8a000)
I0820 11:45:31.317687       1 physical_map.go:200] physicalRegion: virtual [ffffb8b8a000,ffffb8b8b000) => physical [ff38b8a000,ff38b8b000)
I0820 11:45:31.317717       1 physical_map.go:200] physicalRegion: virtual [ffffb8b8b000,fffffffff000) => physical [ff38b8b000,ff7ffff000)
D0820 11:45:31.318135       1 machine.go:250] The maximum number of vCPUs is 4.
D0820 11:45:31.318224       1 machine.go:262] The maximum number of slots is 512.
D0820 11:45:31.318304       1 machine.go:268] TSC scaling support: false.
D0820 11:45:31.319822       1 seccomp.go:183] syscall filter mmap: [( * * & 0x4 == 0x0 & 0x800 == 0x0 )] => 0x7472617020283029
fatal error: set memory region failed: unknown reason

my machine's settings are:

jing@rbp-1:~$ dpkg --print-architecture
arm64
jing@rbp-1:~$ uname -a
Linux rbp-1 5.4.0-1077-raspi #88-Ubuntu SMP PREEMPT Mon Nov 28 14:31:37 UTC 2022 aarch64 aarch64 aarch64 GNU/Linux
jing@rbp-1:~$ runsc --version
runsc version release-20230807.0
spec: 1.1.0-rc.1
jing@rbp-1:~$ cat /etc/docker/daemon.json
{
    "runtimes": {
        "runsc": {
            "path": "/usr/bin/runsc",
	    "runtimeArgs": [
                "--debug-log=/tmp/runsc/",
		"--platform=kvm",
                "--debug",
                "--strace"
            ]
        }
    }
}
jing@rbp-1:~$ docker version
Client: Docker Engine - Community
 Version:           24.0.5
 API version:       1.43
 Go version:        go1.20.6
 Git commit:        ced0996
 Built:             Fri Jul 21 20:35:47 2023
 OS/Arch:           linux/arm64
 Context:           default

The panic your saw I believe is WAI at

gvisor/pkg/sentry/platform/kvm/physical_map.go

Lines 141 to 143 in 755c1f2

if current == 0 {
panic("filling address space failed")
}

I am not able to find sufficient information for debugging from your posts, while my guess is that the system call mmap which is made at

gvisor/pkg/sentry/platform/kvm/physical_map.go

Lines 96 to 108 in 755c1f2

addr, _, errno := unix.RawSyscall6(
unix.SYS_MMAP,
0, // Suggested address.
current,
unix.PROT_NONE,
unix.MAP_ANONYMOUS|unix.MAP_PRIVATE|unix.MAP_NORESERVE,
0, 0)
if errno != 0 {
// One page is the smallest mapping that can be allocated.
if current == hostarch.PageSize {
current = 0
break
}
may lead to the panic.

it might be better off adding more debugging information when starting up gVisor

from gvisor.

kuanyongwong avatar kuanyongwong commented on May 24, 2024

Any way I can help? Like any debug flags I should add? Or any code line changes I can make for recompiling from source code to print more useful information?

from gvisor.

avagin avatar avagin commented on May 24, 2024

Could you show /proc/cpuinfo for your hosts?

strace output can help here too. You need to run the following command:

$ strace -fo strace.log -s 1024 ./runsc --platform kvm do ls

and attach strace.log to this issue.

from gvisor.

milantracy avatar milantracy commented on May 24, 2024

strace.log

post my strace log and /proc/cpuinfo here for whoever is interested

$ cat /proc/cpuinfo
processor	: 0
BogoMIPS	: 108.00
Features	: fp asimd evtstrm crc32 cpuid
CPU implementer	: 0x41
CPU architecture: 8
CPU variant	: 0x0
CPU part	: 0xd08
CPU revision	: 3

processor	: 1
BogoMIPS	: 108.00
Features	: fp asimd evtstrm crc32 cpuid
CPU implementer	: 0x41
CPU architecture: 8
CPU variant	: 0x0
CPU part	: 0xd08
CPU revision	: 3

processor	: 2
BogoMIPS	: 108.00
Features	: fp asimd evtstrm crc32 cpuid
CPU implementer	: 0x41
CPU architecture: 8
CPU variant	: 0x0
CPU part	: 0xd08
CPU revision	: 3

processor	: 3
BogoMIPS	: 108.00
Features	: fp asimd evtstrm crc32 cpuid
CPU implementer	: 0x41
CPU architecture: 8
CPU variant	: 0x0
CPU part	: 0xd08
CPU revision	: 3

Hardware	: BCM2835
Revision	: d03114
Serial		: 100000009bc47eff
Model		: Raspberry Pi 4 Model B Rev 1.4

from gvisor.

wildsheepz avatar wildsheepz commented on May 24, 2024

Could you show /proc/cpuinfo for your hosts?

strace output can help here too. You need to run the following command:

$ strace -fo strace.log -s 1024 ./runsc --platform kvm do ls

and attach strace.log to this issue.

kuanyong@indiedroid-nova:/tmp/runsc$ cat /proc/cpuinfo 
processor       : 0
BogoMIPS        : 48.00
Features        : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop asimddp
CPU implementer : 0x41
CPU architecture: 8
CPU variant     : 0x2
CPU part        : 0xd05
CPU revision    : 0

processor       : 1
BogoMIPS        : 48.00
Features        : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop asimddp
CPU implementer : 0x41
CPU architecture: 8
CPU variant     : 0x2
CPU part        : 0xd05
CPU revision    : 0

processor       : 2
BogoMIPS        : 48.00
Features        : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop asimddp
CPU implementer : 0x41
CPU architecture: 8
CPU variant     : 0x2
CPU part        : 0xd05
CPU revision    : 0

processor       : 3
BogoMIPS        : 48.00
Features        : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop asimddp
CPU implementer : 0x41
CPU architecture: 8
CPU variant     : 0x2
CPU part        : 0xd05
CPU revision    : 0

processor       : 4
BogoMIPS        : 48.00
Features        : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop asimddp
CPU implementer : 0x41
CPU architecture: 8
CPU variant     : 0x4
CPU part        : 0xd0b
CPU revision    : 0

processor       : 5
BogoMIPS        : 48.00
Features        : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop asimddp
CPU implementer : 0x41
CPU architecture: 8
CPU variant     : 0x4
CPU part        : 0xd0b
CPU revision    : 0

processor       : 6
BogoMIPS        : 48.00
Features        : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop asimddp
CPU implementer : 0x41
CPU architecture: 8
CPU variant     : 0x4
CPU part        : 0xd0b
CPU revision    : 0

processor       : 7
BogoMIPS        : 48.00
Features        : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop asimddp
CPU implementer : 0x41
CPU architecture: 8
CPU variant     : 0x4
CPU part        : 0xd0b
CPU revision    : 0

Serial          : b197b9dca38e8ef9

strace.log

from gvisor.

milantracy avatar milantracy commented on May 24, 2024

I upgraded my kernel version from 5.4.0 to 5.15.0, the runsc works fine now.

jing@rbp-1:~$ uname -r
5.15.0-1034-raspi

I chat with @avagin offline, the patch at torvalds/linux@97418e9 fixes the issue I saw. The patch was shipped with a newer version of kernel.

gVisor hardcodes physical and virtual address space size at

gvisor/pkg/ring0/aarch64.go

Line 34 in e8c1fff

VirtualAddressBits = 48
, which may see the issue when doing mmap system call.

Please let me know if it works for you or not!

from gvisor.

avagin avatar avagin commented on May 24, 2024

@wildsheepz I think, in your case, the kernel has been built with ARM64_VA_BITS_39. You can try to change VirtualAddressBits to 39. If it works in this case, I will prepare a patch with a proper fix.

from gvisor.

wildsheepz avatar wildsheepz commented on May 24, 2024

Unfortunately it didn't fix the problem. Steps I took:

  1. I updated the path to /usr/local/bin/runsc in /etc/docker/daemon.json
  2. ran sudo systemctl daemon-reload
  3. ran sudo systemctl restart docker
  4. ran docker run --rm -it --runtime runsc ubuntu:22.04
kuanyong@indiedroid-nova:/tmp/runsc$ docker run --rm -it --runtime runsc ubuntu:22.04
docker: Error response from daemon: OCI runtime start failed: starting container: starting root container: urpc method "containerManager.StartRoot" failed: EOF: unknown.

strace.log
runsc.log.20230824-224213.744806.create.txt
runsc.log.20230824-224213.773790.gofer.txt
runsc.log.20230824-224213.777446.boot.txt
runsc.log.20230824-224214.170482.start.txt
runsc.log.20230824-224214.328119.kill.txt

from gvisor.

avagin avatar avagin commented on May 24, 2024

@wildsheepz There are more places that have to be fixed. CONFIG_ARM64_VA_BITS_39 means 3 level page tables, we don't support this configuration and don't have any plans to support it in a near future.

You can recompile your kernel with CONFIG_ARM64_VA_BITS_48 or you can try to use a non-kvm platform (ptrace, systrap).

What is your use-case? Are you just experimenting?

from gvisor.

milantracy avatar milantracy commented on May 24, 2024

@wildsheepz There are more places that have to be fixed. CONFIG_ARM64_VA_BITS_39 means 3 level page tables, we don't support this configuration and don't have any plans to support it in a near future.

You can recompile your kernel with CONFIG_ARM64_VA_BITS_48 or you can try to use a non-kvm platform (ptrace, systrap).

What is your use-case? Is it something real, or are you just playing?

I read the strace boot log, I think for the second attempt, it failed on systrap .

from gvisor.

wildsheepz avatar wildsheepz commented on May 24, 2024

Thanks @avagin @milantracy for your efforts so far.
I heard about gvisor from an industry contact and because I had been experimenting with running ephemeral containers, I wanted to try gvisor. Anyway, I will be recompiling the kernel to see if it works.

from gvisor.

wildsheepz avatar wildsheepz commented on May 24, 2024

I have good news, after compiling with 48 bits, its working now.

image

from gvisor.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.