This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 201190 - dom0 crashes during boot with 'domain_crash_sync'
dom0 crashes during boot with 'domain_crash_sync'
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: kernel-xen (Show other bugs)
rawhide
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Xen Maintainance List
Virtualization Bugs
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-08-03 10:31 EDT by James Morris
Modified: 2009-12-14 15:39 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-02-26 18:15:34 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description James Morris 2006-08-03 10:31:48 EDT
Booting dom0 on a PIII xeon (8-way), results in the following:

(XEN) Initrd len 0x448600, start at 0xc0797000
(XEN) Scrubbing Free RAM:
...............................................................................................done.
(XEN) Xen trace buffers: disabled
(XEN) *** Serial input -> DOM0 (type 'CTRL-f' three times to switch input to Xen).
(XEN) domain_crash_sync called from entry.S (ff17c8ed)
(XEN) Domain 0 (vcpu#0) crashed on cpu#0:
(XEN) ----[ Xen-3.0-unstable    Not tainted ]----
(XEN) CPU:    0
(XEN) EIP:    e019:[<c06d1fa7>]
(XEN) EFLAGS: 00000206   CONTEXT: guest
(XEN) eax: 008cc9d0   ebx: c06f705b   ecx: 0009a934   edx: c14ad000
(XEN) esi: c1242500   edi: c07c6500   ebp: c073ae44   esp: c06c7f88
(XEN) cr0: 8005003b   cr3: 074ae000
(XEN) ds: e021   es: e021   fs: 0000   gs: 0000   ss: e021   cs: e019
(XEN) Guest stack trace from esp=c06c7f88:
(XEN)    00000002 c06d1fa7 0001e019 00010006 001a4c8d 001a4c8c 001a4c8b 001a4c8a
(XEN)    001a4c89 001a4c88 001a4c87 001a4c86 001a4c85 001a4c84 001a4c83 001a4c82
(XEN)    001a4c81 001a4c80 001a4c7f 001a4c7e 001a4c7d 001a4c7c 001a4c7b 001a4c7a
(XEN)    001a4c79 001a4c78 001a4c77 001a4c76 001a4c75 001a4c74
(XEN) Domain 0 crashed: rebooting machine in 5 seconds

cpuinfo:

processor       : 6
vendor_id       : GenuineIntel
cpu family      : 6
model           : 10
model name      : Pentium III (Cascades)
stepping        : 4
cpu MHz         : 900.094
cache size      : 2048 KB
fdiv_bug        : no
hlt_bug         : no
f00f_bug        : no
coma_bug        : no
fpu             : yes
fpu_exception   : yes
cpuid level     : 2
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat
pse36 mmx fxsr sse
bogomips        : 1800.16

GDB:
(gdb) l *0xc06d1fa7
0xc06d1fa7 is in setup_arch (include/asm/string.h:206).
201     }
202
203     static __always_inline void * __memcpy(void * to, const void * from,
size_t n)
204     {
205     int d0, d1, d2;
206     __asm__ __volatile__(
207             "rep ; movsl\n\t"
208             "movl %4,%%ecx\n\t"
209             "andl $3,%%ecx\n\t"
210     #if 1   /* want to pay 2 byte penalty for a chance to skip microcoded
rep? */

Dissaembly:
0xc06d1fa4 <setup_arch+2139>:   shr    $0x2,%ecx
0xc06d1fa7 <setup_arch+2142>:   rep movsl %ds:(%esi),%es:(%edi)
0xc06d1fa9 <setup_arch+2144>:   mov    %eax,%ecx


This happens with (at least) the following xen kernels:
2.6.17-1.2488.fc6
2.6.17-1.2505.fc6
2.6.17-1.2510.fc6
but not 2.6.17-1.2462.fc6
Comment 1 James Morris 2006-08-04 09:33:10 EDT
Same problem with 2.6.17-1.2517.fc6

(XEN) domain_crash_sync called from entry.S (ff17c8ed)
(XEN) Domain 0 (vcpu#0) crashed on cpu#0:
(XEN) ----[ Xen-3.0-unstable    Not tainted ]----
(XEN) CPU:    0
(XEN) EIP:    e019:[<c06d1fa7>]
(XEN) EFLAGS: 00000206   CONTEXT: guest
(XEN) eax: 008cc9d0   ebx: c06f705b   ecx: 000af36c   edx: c14ad000
(XEN) esi: c11efc20   edi: c0773c20   ebp: c073ae44   esp: c06c7f88
(XEN) cr0: 8005003b   cr3: 074ae000
(XEN) ds: e021   es: e021   fs: 0000   gs: 0000   ss: e021   cs: e019
(XEN) Guest stack trace from esp=c06c7f88:
(XEN)    00000002 c06d1fa7 0001e019 00010006 001a4c8d 001a4c8c 001a4c8b 001a4c8a
(XEN)    001a4c89 001a4c88 001a4c87 001a4c86 001a4c85 001a4c84 001a4c83 001a4c82
(XEN)    001a4c81 001a4c80 001a4c7f 001a4c7e 001a4c7d 001a4c7c 001a4c7b 001a4c7a
(XEN)    001a4c79 001a4c78 001a4c77 001a4c76 001a4c75 001a4c74
(XEN) Domain 0 crashed: rebooting machine in 5 seconds.

Comment 2 James Morris 2006-08-04 10:03:57 EDT
Also, on 2524.

(XEN) *** Serial input -> DOM0 (type 'CTRL-f' three times to switch input to Xen).
(XEN) domain_crash_sync called from entry.S (ff17f4bd)
(XEN) Domain 0 (vcpu#0) crashed on cpu#0:
(XEN) ----[ Xen-3.0-unstable    Not tainted ]----
(XEN) CPU:    0
(XEN) EIP:    e019:[<c06d1f7b>]
(XEN) EFLAGS: 00000206   CONTEXT: guest
(XEN) eax: 008cc9d0   ebx: c06f705b   ecx: 0009fbcc   edx: c14ad000
(XEN) esi: c122daa0   edi: c07b1aa0   ebp: c073ae44   esp: c06c7f88
(XEN) cr0: 8005003b   cr3: 074ae000
(XEN) ds: e021   es: e021   fs: 0000   gs: 0000   ss: e021   cs: e019
(XEN) Guest stack trace from esp=c06c7f88:
(XEN)    00000002 c06d1f7b 0001e019 00010006 001a4c8d 001a4c8c 001a4c8b 001a4c8a
(XEN)    001a4c89 001a4c88 001a4c87 001a4c86 001a4c85 001a4c84 001a4c83 001a4c82
(XEN)    001a4c81 001a4c80 001a4c7f 001a4c7e 001a4c7d 001a4c7c 001a4c7b 001a4c7a
(XEN)    001a4c79 001a4c78 001a4c77 001a4c76 001a4c75 001a4c74
(XEN) Domain 0 crashed: rebooting machine in 5 seconds.

Comment 3 James Morris 2006-08-04 10:17:07 EDT
Current upstream xen works ok, it's something in our build.
Comment 4 James Morris 2006-08-04 15:55:38 EDT
After testing combinations of rawide & upstream hv/kernel, it seems that it's
definitely the rawhide kernel causing this.
Comment 5 Stephen Tweedie 2007-03-16 10:54:17 EDT
Is this reproducible on FC6-final?
Comment 6 Red Hat Bugzilla 2007-07-24 21:32:27 EDT
change QA contact
Comment 7 Chris Lalancette 2008-02-26 18:15:34 EST
This report targets FC6, which is now end-of-life.

Please re-test against Fedora 7 or later, and if the issue persists, open a new bug.

Thanks

Note You need to log in before you can comment on or make changes to this bug.