[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [xen-4.2-testing test] 21218: regressions - FAIL

flight 21218 xen-4.2-testing real [real]

Regressions :-(

Tests which did not succeed and are blocking,
including tests which could not be run:
 test-i386-i386-xl-qemuu-winxpsp3  7 windows-install       fail REGR. vs. 20806
 test-i386-i386-xl-qemut-winxpsp3  7 windows-install       fail REGR. vs. 20806
 test-i386-i386-xl-winxpsp3 10 guest-saverestore.2 fail in 21203 REGR. vs. 20806

Tests which are failing intermittently (not blocking):
 test-i386-i386-xl-winxpsp3    8 guest-saverestore           fail pass in 21203
 test-amd64-amd64-xl-sedf-pin 14 guest-localmigrate/x10 fail in 21203 pass in 

Tests which did not succeed, but are not blocking:
 test-amd64-amd64-xl-pcipt-intel  9 guest-start                 fail never pass
 test-amd64-i386-xl-winxpsp3-vcpus1 13 guest-stop               fail never pass
 test-amd64-amd64-xl-win7-amd64 13 guest-stop                   fail never pass
 test-amd64-i386-xl-qemut-win7-amd64 13 guest-stop              fail never pass
 test-amd64-amd64-xl-qemut-win7-amd64 13 guest-stop             fail never pass
 test-amd64-i386-xend-winxpsp3 16 leak-check/check             fail  never pass
 test-amd64-amd64-xl-qemuu-win7-amd64 13 guest-stop             fail never pass
 test-amd64-amd64-xl-winxpsp3 13 guest-stop                   fail   never pass
 test-amd64-amd64-xl-qemut-winxpsp3 13 guest-stop               fail never pass
 test-amd64-i386-xl-qemut-winxpsp3-vcpus1 13 guest-stop         fail never pass
 test-amd64-i386-xl-win7-amd64 13 guest-stop                   fail  never pass
 test-amd64-i386-xend-qemut-winxpsp3 16 leak-check/check        fail never pass
 test-amd64-amd64-xl-qemuu-winxpsp3 13 guest-stop               fail never pass

version targeted for testing:
 xen                  a489633284ce1e7d6e48011f198e71351213ecb2
baseline version:
 xen                  eba971d94289d91e4a3959d2c083a59deb100568

People who touched revisions under test:
  Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
  Jan Beulich <jbeulich@xxxxxxxx>
  Keir Fraser <keir@xxxxxxx>

 build-amd64                                                  pass    
 build-i386                                                   pass    
 build-amd64-oldkern                                          pass    
 build-i386-oldkern                                           pass    
 build-amd64-pvops                                            pass    
 build-i386-pvops                                             pass    
 test-amd64-amd64-xl                                          pass    
 test-amd64-i386-xl                                           pass    
 test-i386-i386-xl                                            pass    
 test-amd64-i386-rhel6hvm-amd                                 pass    
 test-amd64-i386-qemut-rhel6hvm-amd                           pass    
 test-amd64-i386-qemuu-rhel6hvm-amd                           pass    
 test-amd64-amd64-xl-qemut-win7-amd64                         fail    
 test-amd64-i386-xl-qemut-win7-amd64                          fail    
 test-amd64-amd64-xl-qemuu-win7-amd64                         fail    
 test-amd64-amd64-xl-win7-amd64                               fail    
 test-amd64-i386-xl-win7-amd64                                fail    
 test-amd64-i386-xl-credit2                                   pass    
 test-amd64-amd64-xl-pcipt-intel                              fail    
 test-amd64-i386-rhel6hvm-intel                               pass    
 test-amd64-i386-qemut-rhel6hvm-intel                         pass    
 test-amd64-i386-qemuu-rhel6hvm-intel                         pass    
 test-amd64-i386-xl-multivcpu                                 pass    
 test-amd64-amd64-pair                                        pass    
 test-amd64-i386-pair                                         pass    
 test-i386-i386-pair                                          pass    
 test-amd64-amd64-xl-sedf-pin                                 pass    
 test-amd64-amd64-pv                                          pass    
 test-amd64-i386-pv                                           pass    
 test-i386-i386-pv                                            pass    
 test-amd64-amd64-xl-sedf                                     pass    
 test-amd64-i386-xl-qemut-winxpsp3-vcpus1                     fail    
 test-amd64-i386-xl-winxpsp3-vcpus1                           fail    
 test-amd64-i386-xend-qemut-winxpsp3                          fail    
 test-amd64-amd64-xl-qemut-winxpsp3                           fail    
 test-i386-i386-xl-qemut-winxpsp3                             fail    
 test-amd64-amd64-xl-qemuu-winxpsp3                           fail    
 test-i386-i386-xl-qemuu-winxpsp3                             fail    
 test-amd64-i386-xend-winxpsp3                                fail    
 test-amd64-amd64-xl-winxpsp3                                 fail    
 test-i386-i386-xl-winxpsp3                                   fail    

sg-report-flight on woking.cam.xci-test.com
logs: /home/xc_osstest/logs
images: /home/xc_osstest/images

Logs, config files, etc. are available at

Test harness code can be found at

Not pushing.

commit a489633284ce1e7d6e48011f198e71351213ecb2
Author: Jan Beulich <jbeulich@xxxxxxxx>
Date:   Tue Oct 22 12:07:40 2013 +0200

    x86-64: check for canonical address before doing page walks
    ... as there doesn't really exists any valid mapping for them.
    Particularly in the case of do_page_walk() this also avoids returning
    non-NULL for such invalid input.
    Suggested-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Acked-by: Keir Fraser <keir@xxxxxxx>
    master commit: 6fd9b0361e2eb5a7f12bdd5cbf7e42c0d1937d26
    master date: 2013-10-11 09:31:16 +0200

commit f17eab34ef3d53920816771f4ab5f907160e6ca6
Author: Jan Beulich <jbeulich@xxxxxxxx>
Date:   Tue Oct 22 12:06:43 2013 +0200

    x86: add address validity check to guest_map_l1e()
    Just like for guest_get_eff_l1e() this prevents accessing as page
    tables (and with the wrong memory attribute) internal data inside Xen
    happening to be mapped with 1Gb pages.
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper@xxxxxxxxxx>
    Acked-by: Keir Fraser <keir@xxxxxxx>
    master commit: d06a0d715ec1423b6c42141ab1b0ff69a3effb56
    master date: 2013-10-11 09:29:43 +0200

commit 0f72e5d7608e01a79f26a8601a3ea289fa52589f
Author: Jan Beulich <jbeulich@xxxxxxxx>
Date:   Tue Oct 22 12:05:45 2013 +0200

    x86: correct LDT checks
    - MMUEXT_SET_LDT should behave as similarly to the LLDT instruction as
      possible: fail only if the base address is non-canonical
    - instead LDT descriptor accesses should fault if the descriptor
      address ends up being non-canonical (by ensuring this we at once
      avoid reading an entry from the mach-to-phys table and consider it a
      page table entry)
    - fault propagation on using LDT selectors must distinguish #PF and #GP
      (the latter must be raised for a non-canonical descriptor address,
      which also applies to several other uses of propagate_page_fault(),
      and hence the problem is being fixed there)
    - map_ldt_shadow_page() should properly wrap addresses for 32-bit VMs
    At once remove the odd invokation of map_ldt_shadow_page() from the
    MMUEXT_SET_LDT handler: There's nothing really telling us that the
    first LDT page is going to be preferred over others.
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Acked-by: Keir Fraser <keir@xxxxxxx>
    master commit: 40d66baa46ca8a9ffa6df3e063a967d08ec92bcf
    master date: 2013-10-11 09:28:26 +0200

commit 29de283bdb3f547030012c4a4486e59e3d53fa27
Author: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Date:   Tue Oct 22 12:04:43 2013 +0200

    forbid PV guest console reads
    The CONSOLEIO_read operation was incorrectly allowed to PV guests if the
    hypervisor was compiled in debug mode (with VERBOSE defined).
    Reported-by: Jan Beulich <jbeulich@xxxxxxxx>
    Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
    master commit: 65ba631bcb62c79eb33ebfde8a0471fd012c37a8
    master date: 2013-10-04 12:51:44 +0200

commit 707aec94c54127ebfda7d0f8455ecbb332ee49f0
Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Date:   Tue Oct 22 12:04:01 2013 +0200

    x86/percpu: Force INVALID_PERCPU_AREA into the non-canonical address region
    This causes accidental uses of per_cpu() on a pcpu with an 
    to result in a #GF for attempting to access the middle of the non-canonical
    virtual address region.
    This is preferable to the current behaviour, where incorrect use of 
    will result in an effective NULL structure dereference which has security
    implication in the context of PV guests.
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Acked-by: Keir Fraser <keir@xxxxxxx>
    master commit: 7cfb0053629c4dd1a6f01dc43cca7c0c25b8b7bf
    master date: 2013-10-04 12:24:34 +0200

commit bb3e0cc28ba3d519ca78a4ce19ff6493b496aeee
Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Date:   Tue Oct 22 12:03:03 2013 +0200

    x86/idle: Fix get_cpu_idle_time()'s interaction with offline pcpus
    Checking for "idle_vcpu[cpu] != NULL" is insufficient protection against
    offline pcpus.  From a hypercall, vcpu_runstate_get() will determine "v !=
    current", and try to take the vcpu_schedule_lock().  This will try to look 
    per_cpu(schedule_data, v->processor) and promptly suffer a NULL structure
    deference as v->processors' __per_cpu_offset is INVALID_PERCPU_AREA.
    One example might look like this:
    Xen call trace:
       [<ffff82c4c0126ddb>] vcpu_runstate_get+0x50/0x113
       [<ffff82c4c0126ec6>] get_cpu_idle_time+0x28/0x2e
       [<ffff82c4c012b5cb>] do_sysctl+0x3db/0xeb8
       [<ffff82c4c023280d>] compat_hypercall+0xbd/0x116
    Pagetable walk from 0000000000000040:
     L4[0x000] = 0000000186df8027 0000000000028207
     L3[0x000] = 0000000188e36027 00000000000261c9
     L2[0x000] = 0000000000000000 ffffffffffffffff
    Panic on CPU 11:
    get_cpu_idle_time() has been updated to correctly deal with offline pcpus
    itself by returning 0, in the same way as it would if it was missing the
    idle_vcpu[] pointer.
    In doing so, XENPF_getidletime needed updating to correctly retain its
    described behaviour of clearing bits in the cpumap for offline pcpus.
    As this crash can only be triggered with toolstack hypercalls, it is not a
    security issue and just a simple bug.
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Acked-by: Keir Fraser <keir@xxxxxxx>
    master commit: 0aa27ce3351f7eb09d13e863a1d5f303086aa32a
    master date: 2013-10-04 12:23:23 +0200
(qemu changes not included)

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.