Bug 676662

Summary: domain crash at the end of hibernation for Windows 2003
Product: Red Hat Enterprise Linux 5 Reporter: Paolo Bonzini <pbonzini>
Component: kernel-xenAssignee: Xen Maintainance List <xen-maint>
Status: CLOSED CURRENTRELEASE QA Contact: Virtualization Bugs <virt-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 5.6CC: jzheng, leiwang, pbonzini, qwan, xen-maint, yuzhang, yuzhou
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-10-27 14:31:21 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 514490    

Description Paolo Bonzini 2011-02-10 16:29:34 UTC 
This does not prevent completing hibernation and resuming from it, but causes the on_crash handler to be invoked instead of on_poweroff.

Steps to Reproduce:
1. Install W2K3 32-bit
2. Install pv drivers (didn't try without).
3. Run "powercfg -h on" from Command Prompt
4. Hibernate (reboot first if the shutdown menu doesn't show the item).
  
Actual results:
xm dmesg shows a crash.

Expected results:
No crash.

Additional info:

(XEN) Failed vm entry (exit reason 0x80000021) caused by invalid guest state (0).
(XEN) ************* VMCS Area **************
(XEN) *** Guest State ***
(XEN) CR0: actual=0x000000008005003b, shadow=0x0000000000050033, gh_mask=ffffffffffffffff
(XEN) CR4: actual=0x00000000000026a0, shadow=0x0000000000000610, gh_mask=ffffffffffffffff
(XEN) CR3: actual=0x00000000bde1f980, target_count=0
(XEN)      target0=0000000000000000, target1=0000000000000000
(XEN)      target2=0000000000000000, target3=0000000000000000
(XEN) RSP = 0x0000000000000000  RIP = 0x00000000000d0000
(XEN) DR7 = 0x0000000000000000  RFLAGS = 0x0000000000000002
(XEN) Sysenter RSP=00000000f78b3000 CS:RIP=0008:0000000080889690
(XEN) CS: sel=0x0000, attr=0x0c9b, limit=0xffffffff, base=0x0000000000000000
(XEN) DS: sel=0x0023, attr=0x0c93, limit=0xffffffff, base=0x0000000000000000
(XEN) SS: sel=0x0000, attr=0x0c93, limit=0xffffffff, base=0x0000000000000000
(XEN) ES: sel=0x0023, attr=0x0c93, limit=0xffffffff, base=0x0000000000000000
(XEN) FS: sel=0x0030, attr=0x0c93, limit=0xffffffff, base=0x0000000000000000
(XEN) GS: sel=0x0000, attr=0x0c93, limit=0xffffffff, base=0x0000000000000000
(XEN) GDTR: sel=0x0000, attr=0x0000, limit=0x00000000, base=0x0000000000000000
(XEN) LDTR: sel=0x0000, attr=0x0082, limit=0x00000000, base=0x0000000000000000
(XEN) IDTR: sel=0x0000, attr=0x0000, limit=0x00000000, base=0x0000000000000000
(XEN) TR: sel=0x0028, attr=0x008b, limit=0x000000ff, base=0x0000000000000000
(XEN) TSC Offset = fffffc072aa5ac67
(XEN) DebugCtl=0000000000000000 DebugExceptions=0000000000000000
(XEN) Interruptibility=0000 ActivityState=0000
(XEN) *** Host State ***
(XEN) RSP = 0xffff8300bdef7fa0  RIP = 0xffff828c801777c0
(XEN) CS=e008 DS=0000 ES=0000 FS=0000 GS=0000 SS=0000 TR=e040
(XEN) FSBase=0000000045f72940 GSBase=ffffffff8062b100 TRBase=ffff828c80336700
(XEN) GDTBase=ffff830236fe2000 IDTBase=ffff8300bdffc080
(XEN) CR0=000000008005003b CR3=0000000226f64000 CR4=00000000000026b0
(XEN) Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
(XEN) *** Control State ***
(XEN) PinBased=0000003f CPUBased=96a1e7fa SecondaryExec=00000001
(XEN) EntryControls=000011ff ExitControls=0003efff
(XEN) ExceptionBitmap=00044080
(XEN) VMEntry: intr_info=00000000 errcode=00000014 ilen=00000000
(XEN) VMExit: intr_info=800000fc errcode=00000000 ilen=00000000
(XEN)         reason=80000021 qualification=00000000
(XEN) IDTVectoring: info=00000000 errcode=00000000
(XEN) TPR Threshold = 0x00
(XEN) secondary exec control = 0x00000001
(XEN) Guest PAT = 0x0000000000000000
(XEN) Host PAT = 0x0000000000000000
(XEN) EPT pointer = 0x0000000000000000
(XEN) virtual processor ID = 0x0000
(XEN) **************************************
(XEN) domain_crash called from vmx.c:3219
(XEN) Domain 6 (vcpu#1) crashed on cpu#3:
(XEN) ----[ Xen-3.1.2-240.el5.pbtest  x86_64  debug=n  Not tainted ]----
(XEN) CPU:    3
(XEN) RIP:    0000:[<00000000000d0000>]
(XEN) RFLAGS: 0000000000000002   CONTEXT: hvm
(XEN) rax: 0000000000000000   rbx: 0000000000000022   rcx: 0000000000000000
(XEN) rdx: 0000000000000001   rsi: 0000000000000000   rdi: 0000000000000000
(XEN) rbp: 0000000000000000   rsp: 0000000000000000   r8:  0000000000000000
(XEN) r9:  0000000000000000   r10: 0000000000000000   r11: 0000000000000000
(XEN) r12: 0000000000000000   r13: 0000000000000000   r14: 0000000000000000
(XEN) r15: 0000000000000000   cr0: 0000000000050033   cr4: 0000000000000610
(XEN) cr3: 0000000000772000   cr2: 0000000050059736
(XEN) ds: 5555   es: 5555   fs: 5555   gs: 5555   ss: 0000   cs: 0000

(note dr7 and rflags are inverted in the xen serial output, fixed above).
Comment 1 Paolo Bonzini 2011-02-10 16:31:58 UTC 
Note that D0000 is the address of VMXAssist.
Comment 4 Paolo Bonzini 2011-10-27 14:31:21 UTC 
Seems fixed in -289.