WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xen-devel] xen-unstable HVM guest causes dom0 kernel crash

To: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] xen-unstable HVM guest causes dom0 kernel crash
From: "Fischer, Anna" <anna.fischer@xxxxxx>
Date: Thu, 26 Feb 2009 00:23:30 +0000
Accept-language: en-US
Acceptlanguage: en-US
Delivery-date: Wed, 25 Feb 2009 16:25:15 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcmXqHOkZpJzbEL/Q8m1+PFsOM6ouA==
Thread-topic: xen-unstable HVM guest causes dom0 kernel crash
I am running a single HVM guest under the latest xen-unstable version. I get 
very random kernel crashes when the HVM guest is running. Then the HVM guest 
freezes and I can only destroy and restart it. Sometimes even the whole 
physical box freezes and I have to reboot it.

I have attached some logs and kernel traces. Does anyone recognize a known 
issue about this?


xm info
=======

release                : 2.6.18.8-xen
version                : #4 SMP Thu Feb 19 07:20:00 PST 2009
machine                : i686
nr_cpus                : 2
nr_nodes               : 1
cores_per_socket       : 2
threads_per_core       : 1
cpu_mhz                : 2200
virt_caps              : hvm
total_memory           : 2039
free_memory            : 125
node_to_cpu            : node0:0-1
node_to_memory         : node0:125
xen_major              : 3
xen_minor              : 4
xen_extra              : -unstable
xen_caps               : xen-3.0-x86_32p hvm-3.0-x86_32 hvm-3.0-x86_32p 
xen_scheduler          : credit
xen_pagesize           : 4096
platform_params        : virt_start=0xf5800000
xen_changeset          : Wed Feb 18 08:59:26 2009 +0000 19228:b29a64d04a01
cc_compiler            : gcc version 4.1.2 20070925 (Red Hat 4.1.2-33)
cc_compile_by          : user
cc_compile_domain      : localdomain
cc_compile_date        : Wed Feb 18 09:43:26 PST 2009
xend_config_format     : 4 


Kernel trace 1
==============

tap1.1: no IPv6 routers present
tap1.2: no IPv6 routers present
general protection fault: 0000 [#1]
SMP
Modules linked in: xt_physdev iptable_filter ip_tables x_tables tun bridge 
rfcomm l2cap bluetooth autofs4 sunrpc binfmt_misc dm_mirror dm_multipath dm_mod 
ipv6 8250_pnp joydev 8250 serial_core tsdev serio_raw tpm_infineon tpm tpm_bios 
i2c_i801 i2c_core pcspkr piix usbhid ixgbe sg evdev rtc aacraid usb_storage 
libusual ata_piix ahci libata sd_mod scsi_mod ext3 jbd uhci_hcd ohci_hcd 
ehci_hcd usbcore
CPU:    0
EIP:    0061:[<c030c000>]    Not tainted VLI
EFLAGS: 00010046   (2.6.18.8-xen #4)
EIP is at _spin_lock_irqsave+0x20/0x40
eax: 00000000   ebx: f5616000   ecx: ffffffff   edx: 00000000
esi: ea005b14   edi: ea005b44   ebp: fffff060   esp: ea005b28
ds: 007b   es: 007b   ss: 0069
Process qemu-dm (pid: 4704, ti=ea004000 task=ea1418b0 task.ti=ea004000)
Stack: ffffffff c012fed0 ea005b68 ea005b68 00000000 c012ff9d c012ff47 00000000
       ea005b68 fffff060 00000000 00000000 c030ab1a c013b02a ea005c8c c013b0cd
       00000000 ea724780 ed652200 c012f530 ea1418b0 c043fe80 00000011 00000000
Call Trace:
 [<c012fed0>] lock_timer_base+0x20/0x50
 [<c012ff9d>] __mod_timer+0x2d/0xd0
 [<c012ff47>] try_to_del_timer_sync+0x47/0x50
 [<c030ab1a>] schedule_timeout+0x4a/0xd0
 [<c013b02a>] remove_wait_queue+0x1a/0x50
 [<c013b0cd>] add_wait_queue+0x1d/0x50
 [<c012f530>] process_timeout+0x0/0x10
 [<c018f113>] do_select+0x3a3/0x490
 [<c018f7d0>] __pollwait+0x0/0x100
 [<c011eaf0>] default_wake_function+0x0/0x10
 [<c011eaf0>] default_wake_function+0x0/0x10
 [<c011eaf0>] default_wake_function+0x0/0x10
 [<c011eaf0>] default_wake_function+0x0/0x10
 [<c011eaf0>] default_wake_function+0x0/0x10
 [<c011eaf0>] default_wake_function+0x0/0x10
 [<c025ea9e>] netif_be_start_xmit+0x4e/0x3f0
 [<c011223b>] send_IPI_mask_bitmask+0x7b/0x110
 [<c011d8c1>] __activate_task+0x21/0x40
 [<c011e7e1>] try_to_wake_up+0x41/0x350
 [<c011d499>] __wake_up_common+0x39/0x60
 [<c011da48>] __wake_up+0x38/0x50
 [<c0305c20>] unix_write_space+0x80/0x90
 [<c02a0718>] sock_wfree+0x38/0x40
 [<c02a21a9>] __kfree_skb+0x49/0x110
 [<c02a12f1>] skb_dequeue+0x41/0x60
 [<c03040da>] unix_stream_recvmsg+0x23a/0x550
 [<c018f3bb>] core_sys_select+0x1bb/0x2e0
 [<c029bf30>] sock_aio_read+0x80/0x90
 [<c017a6a4>] do_sync_read+0xc4/0x100
 [<c013ae10>] autoremove_wake_function+0x0/0x50
 [<c018fc01>] sys_select+0xe1/0x1a0
 [<c010846e>] do_syscall_trace+0x1ee/0x205
 [<c01059bf>] syscall_call+0x7/0xb
Code: 86 10 8b 04 24 e9 a1 f2 e1 ff 90 53 89 c1 8b 1d 04 47 36 c0 89 e0 25 00 
e0 ff ff 8b 50 10 c1 e2 06 0f b6 44 1a 01 c6 44 1a 01 01 <f0> fe 09 79 19 a9 00 
02 00 00 74 09 f3 90 80 39 00 7e f9 eb eb
EIP: [<c030c000>] _spin_lock_irqsave+0x20/0x40 SS:ESP 0069:ea005b28


Kernel trace 2
==============

eth0: port 3(vif15.0) entering learning state
eth0: topology change detected, propagating
eth0: port 3(vif15.0) entering forwarding state
avahi-daemon[3256]: Registering new address record for 
fe80::fcff:ffff:feff:ffff on vif15.0.*.
avahi-daemon[3256]: Registering new address record for 
fe80::6496:d3ff:fee5:440e on tap15.0.*.
 BUG: unable to handle kernel NULL pointer dereference at virtual address 
000004b4
  printing eip:
 c014fc3e
 23b1a000 -> *pde = 00000000:25592001
 1dc30000 -> *pme = 00000000:00000000
 Oops: 0000 [#1]
 SMP
 Modules linked in: xt_physdev iptable_filter ip_tables x_tables tun bridge 
rfcomm l2cap bluetooth autofs4 sunrpc binfmt_misc dm_mirror dm_multipath dm_mod 
ipv6 joydev tsdev serio_raw usbhid tpm_infineon 8250_pnp 8250 serial_core tpm 
tpm_bios ixgbe pcspkr i2c_i801 piix i2c_core sg evdev rtc aacraid usb_storage 
libusual ata_piix ahci libata sd_mod scsi_mod ext3 jbd uhci_hcd ohci_hcd 
ehci_hcd usbcore
 CPU:    0
 EIP:    0061:[<c014fc3e>]    Not tainted VLI
 EFLAGS: 00010286   (2.6.18.8-xen #4)
 EIP is at audit_syscall_exit+0x1e/0x340
 eax: e2486014   ebx: 00000000   ecx: 00000001   edx: 00000000
 esi: 00000000   edi: ea476800   ebp: 00000000   esp: e2487f64
 ds: 007b   es: 007b   ss: 0069
 Process qemu-dm (pid: 20819, ti=e2486000 task=e2c99770 task.ti=e2486000)
 Stack: 0006e013 00000000 000301b6 49a2b00c e2487fa8 e2487fa8 00000000 e2486000
        00000000 00000000 ea476800 00000001 c010843a c0139970 00000001 00000000
        e2487fbc 00000001 f5616000 00000000 e2486000 c0105afd 00000001 bf934b04
 Call Trace:
  [<c010843a>] do_syscall_trace+0x1ba/0x205
  [<c0139970>] posix_ktime_get_ts+0x0/0x10
  [<c0105afd>] syscall_exit_work+0x25/0x2a
 Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 83 ec 30 89 c1 89 e0 25 00 e0 ff 
ff 89 5c 24 20 89 74 24 24 89 7c 24 28 89 6c 24 2c 8b 28 <8b> b5 b4 04 00 00 85 
f6 75 14 8b 5c 24 20 8b 74 24 24 8b 7c 24
 EIP: [<c014fc3e>] audit_syscall_exit+0x1e/0x340 SS:ESP 0069:e2487f64


Kernel trace 3
==============

eth1: port 2(tap2.2) entering forwarding state
device vif2.2 entered promiscuous mode
eth1: port 3(vif2.2) entering learning state
eth1: topology change detected, propagating
eth1: port 3(vif2.2) entering forwarding state
device vif2.1 entered promiscuous mode
device vif2.0 entered promiscuous mode
eth0: port 4(vif2.1) entering learning state
eth0: port 5(vif2.0) entering learning state
eth0: topology change detected, propagating
eth0: port 5(vif2.0) entering forwarding state
eth0: topology change detected, propagating
eth0: port 4(vif2.1) entering forwarding state
tap2.1: no IPv6 routers present
tap2.0: no IPv6 routers present
tap2.2: no IPv6 routers present
vif2.1: no IPv6 routers present
vif2.2: no IPv6 routers present
vif2.0: no IPv6 routers present
general protection fault: 0000 [#1]
SMP 
Modules linked in: xt_physdev iptable_filter ip_tables x_tables tun bridge 
rfcomm l2cap bluetooth autofs4 sunrpc binfmt_misc dm_mirror dm_multipath dm_mod 
ipv6 8250_pnp 8250 serial_core joydev tsdev piix tpm_infineon tpm tpm_bios 
i2c_i801 i2c_core pcspkr usbhid serio_raw ixgbe sg evdev rtc aacraid 
usb_storage libusual ata_piix ahci libata sd_mod scsi_mod ext3 jbd uhci_hcd 
ohci_hcd ehci_hcd usbcore
CPU:    0
EIP:    0061:[<c030c000>]    Not tainted VLI
EFLAGS: 00010046   (2.6.18.8-xen #4) 
EIP is at _spin_lock_irqsave+0x20/0x40
eax: 00000000   ebx: f5616000   ecx: ffffffff   edx: 00000000
esi: e68e3b14   edi: e68e3b44   ebp: 00000000   esp: e68e3b2c
ds: 007b   es: 007b   ss: 0069
Process qemu-dm (pid: 5437, ti=e68e2000 task=eaa3f480 task.ti=e68e2000)
Stack: ffffffff c012fed0 e68e3b68 ffffffff 00000000 c012ff13 00000000 e68e3b68 
       0003231f c012ff5e e68e3b68 c030ab26 c013b02a e68e3c8c c013b0cd 00000000 
       00200200 0003231f c012f530 eaa3f480 c043fe80 00000011 00000000 c018f113 
Call Trace:
 [<c012fed0>] lock_timer_base+0x20/0x50
 [<c012ff13>] try_to_del_timer_sync+0x13/0x50
 [<c012ff5e>] del_timer_sync+0xe/0x20
 [<c030ab26>] schedule_timeout+0x56/0xd0
 [<c013b02a>] remove_wait_queue+0x1a/0x50
 [<c013b0cd>] add_wait_queue+0x1d/0x50
 [<c012f530>] process_timeout+0x0/0x10
 [<c018f113>] do_select+0x3a3/0x490
 [<c018f7d0>] __pollwait+0x0/0x100
 [<c011eaf0>] default_wake_function+0x0/0x10
 [<c011eaf0>] default_wake_function+0x0/0x10
 [<c011eaf0>] default_wake_function+0x0/0x10
 [<c011eaf0>] default_wake_function+0x0/0x10
 [<c011eaf0>] default_wake_function+0x0/0x10
 [<c011eaf0>] default_wake_function+0x0/0x10
 [<c01f0b88>] swiotlb_map_single+0xa8/0x1e0
 [<c011223b>] send_IPI_mask_bitmask+0x7b/0x110
 [<c011e7e1>] try_to_wake_up+0x41/0x350
 [<c011d499>] __wake_up_common+0x39/0x60
 [<c011da48>] __wake_up+0x38/0x50
 [<c0305c20>] unix_write_space+0x80/0x90
 [<c02a0718>] sock_wfree+0x38/0x40
 [<c02a21a9>] __kfree_skb+0x49/0x110
 [<c02a12f1>] skb_dequeue+0x41/0x60
 [<c03040da>] unix_stream_recvmsg+0x23a/0x550
 [<c011d8c1>] __activate_task+0x21/0x40
 [<c018f3bb>] core_sys_select+0x1bb/0x2e0
 [<c029bf30>] sock_aio_read+0x80/0x90
 [<c017a6a4>] do_sync_read+0xc4/0x100
 [<c013ae10>] autoremove_wake_function+0x0/0x50
 [<c018fc01>] sys_select+0xe1/0x1a0
 [<c010846e>] do_syscall_trace+0x1ee/0x205
 [<c01059bf>] syscall_call+0x7/0xb
Code: 86 10 8b 04 24 e9 a1 f2 e1 ff 90 53 89 c1 8b 1d 04 47 36 c0 89 e0 25 00 
e0 ff ff 8b 50 10 c1 e2 06 0f b6 44 1a 01 c6 44 1a 01 01 <f0> fe 09 79 19 a9 00 
02 00 00 74 09 f3 90 80 39 00 7e f9 eb eb 
EIP: [<c030c000>] _spin_lock_irqsave+0x20/0x40 SS:ESP 0069:e68e3b2c


qemu-dm.log
===========

domid: 2
qemu: the number of cpus is 1
config qemu network with xen bridge for  tap2.0 eth0
config qemu network with xen bridge for  tap2.1 eth0
config qemu network with xen bridge for  tap2.2 eth1
Watching /local/domain/0/device-model/2/logdirty/next-active
Watching /local/domain/0/device-model/2/command
char device redirected to /dev/pts/2
qemu_map_cache_init nr_buckets = 4000 size 196608
shared page at pfn feffd
buffered io page at pfn feffb
Guest uuid = b4484d44-a16d-63b6-11e5-343dd1149359
Time offset set 0
populating video RAM at ff000000
mapping video RAM from ff000000
Register xen platform.
Done register platform.
xs_read(/local/domain/0/device-model/2/xen_extended_power_mgmt): read error
I/O request not ready: 0, ptr: 0, port: 0, data: 0, count: 0, size: 0
cirrus vga map change while on lfb mode
mapping vram to f0000000 - f0400000
gpe_en_write: addr=0x1f6c, val=0x0.
gpe_sts_write: addr=0x1f68, val=0xff.
gpe_en_write: addr=0x1f6d, val=0x0.
gpe_sts_write: addr=0x1f69, val=0xff.
gpe_en_write: addr=0x1f6e, val=0x0.
gpe_sts_write: addr=0x1f6a, val=0xff.
gpe_en_write: addr=0x1f6f, val=0x0.
gpe_sts_write: addr=0x1f6b, val=0xff.
gpe_en_write: addr=0x1f6c, val=0x8.
ACPI PCI hotplug: read addr=0x10c1, val=0x0.
ACPI PCI hotplug: read addr=0x10c2, val=0x0.
ACPI PCI hotplug: read addr=0x10c1, val=0x0.
ACPI PCI hotplug: read addr=0x10c2, val=0x0.
ACPI PCI hotplug: read addr=0x10c1, val=0x0.
ACPI PCI hotplug: read addr=0x10c2, val=0x0.
ACPI PCI hotplug: read addr=0x10c1, val=0x0.
ACPI PCI hotplug: read addr=0x10c2, val=0x0.
ACPI PCI hotplug: read addr=0x10c1, val=0x0.
ACPI PCI hotplug: read addr=0x10c2, val=0x0.
ACPI PCI hotplug: read addr=0x10c1, val=0x0.
ACPI PCI hotplug: read addr=0x10c2, val=0x0.
ACPI PCI hotplug: read addr=0x10c1, val=0x0.
ACPI PCI hotplug: read addr=0x10c2, val=0x0.
ACPI PCI hotplug: read addr=0x10c1, val=0x0.
ACPI PCI hotplug: read addr=0x10c2, val=0x0.
ACPI PCI hotplug: read addr=0x10c1, val=0x0.
ACPI PCI hotplug: read addr=0x10c2, val=0x0.
ACPI PCI hotplug: read addr=0x10c1, val=0x0.
ACPI PCI hotplug: read addr=0x10c2, val=0x0.
ACPI PCI hotplug: read addr=0x10c1, val=0x0.
ACPI PCI hotplug: read addr=0x10c2, val=0x0.
ACPI PCI hotplug: read addr=0x10c1, val=0x0.
ACPI PCI hotplug: read addr=0x10c2, val=0x0.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-devel] xen-unstable HVM guest causes dom0 kernel crash, Fischer, Anna <=