Red Hat Bugzilla – Bug 247545
kernel BUG at arch/i386/mm/pgtable-xen.c:306! >=2GB guest mem.
Last modified: 2007-11-16 20:14:56 EST
Description of problem: Im trying to run RHEL 4.5 (kernel-xenU-2.6.9-55.0.2.EL.i686) guests in RHEL 5 xen RHEL 5 (kernel-xen-2.6.18-8.1.6.el5) but I getting kernel panic when allocating more the 2GB (2000) of RAM on the rhel4.5 guest, The panic will happen randomly when booting, some time it can stay up for some minutes. Ive gotten the guest to run stable when running on exactly 2000 in mem.. but if you play around with the mem the kernel will then panic. My system is a HP BL465c 16GB RAM. guest config: # Automatically generated xen config file name = "rhel45guest" memory = "4096" disk = [ 'tap:aio:/xen/images/my-hostname/hda,xvda,w', ] vif = [ 'mac=00:16:3e:38:32:73, bridge=xenbr1', ] uuid = "8d06a0f2-3705-4a7a-9853-679f25220d61" bootloader="/usr/bin/pygrub" vcpus=2 serial = "pty" # enable serial console on_reboot = 'restart' #on_crash = 'restart' How reproducible: running a big machine with RHEL5 and RHEL4.5 PV guests allocating more then 2GB ram to the guest. Steps to Reproduce: 1. create a rhel 4.5 pv guest in rhel 5 2. add more the 2000 on guest 3. xm create <guest-config> Actual results: Im spammed with this in the xm dmesg on domain 0: (XEN) (file=/builddir/build/BUILD/kernel-2.6.18/xen/include/asm/mm.h, line=220) Error pfn 2a33f9: rd=ff26c080, od=ff1b2080, caf=80000001, taf=e8000000 (XEN) DOM21: (file=mm.c, line=618) Error getting mfn 2a33f9 (pfn 1edbf9) from L1 entry 00000002a33f9025 for dom21 (XEN) DOM21: (file=mm.c, line=3173) ptwr_emulate: fixing up invalid PAE PTE 00000002a33f9025 (XEN) (XEN) (file=memory.c, line=127) Could not allocate order=0 extent: id=21 memflags=1 (0 of 1) the guest panic error: ------------[ cut here ]------------ kernel BUG at arch/i386/mm/pgtable-xen.c:306! invalid operand: 0000 [#8] SMP Modules linked in: dm_snapshot dm_zero dm_mirror ext3 jbd dm_mod xenblk sd_mod scsi_mod CPU: 1 EIP: 0061:[<c011163a>] Not tainted VLI EFLAGS: 00010282 (2.6.9-55.0.2.ELxenU) EIP is at pgd_ctor+0x1d/0x26 eax: fffffff4 ebx: 00000000 ecx: f5392040 edx: 00000000 esi: c321dd80 edi: ed6f2620 ebp: 00000001 esp: ecb57d6c ds: 007b es: 007b ss: 0068 Process default.hotplug (pid: 464, threadinfo=ecb57000 task=ecb21930) Stack: c0141ad5 ecbb6000 c321dd80 00000001 ecbb6000 ed6f2620 c321dd80 c321de40 c0141c57 c321dd80 ed6f2620 00000001 c321dd80 ed6f2620 ecbb6000 00000010 00000001 000000d0 c329c080 0000000c c321de08 c321dd80 c0141e46 c321dd80 Call Trace: [<c0141ad5>] cache_init_objs+0x35/0x56 [<c0141c57>] cache_grow+0xfb/0x187 [<c0141e46>] cache_alloc_refill+0x163/0x19c [<c0142061>] kmem_cache_alloc+0x67/0x97 [<c0111671>] pgd_alloc+0x17/0x336 [<c01199d4>] mm_init+0xd7/0x116 [<c01199e4>] mm_init+0xe7/0x116 [<c0119c8a>] copy_mm+0xbb/0x396 [<c0268a6c>] __cond_resched+0x14/0x3c [<c011aa5a>] copy_process+0x6b5/0xb0b [<c011af9d>] do_fork+0x8a/0x16b [<c0126b05>] sigprocmask+0xb6/0xd0 [<c0126c58>] sys_rt_sigprocmask+0x139/0x14c [<c0105d2c>] sys_clone+0x24/0x28 [<c010737f>] syscall_call+0x7/0xb Code: 74 02 66 a5 a8 01 74 01 a4 5e 5b 5e 5f c3 80 3d 04 07 2f c0 00 75 1c 6a 20 6a 00 ff 74 24 0c e8 ce 37 00 00 83 c4 0c 85 c0 74 08 <0f> 0b 32 01 16 2d 27 c0 c3 80 3d 04 07 2f c0 00 75 0d c7 44 24 <0>Fatal exception: panic in 5 seconds Expected results: to work and be stable.
change QA contact
This is a duplicate of a bug that we already have a patch for. Closing it as such. Chris Lalancette *** This bug has been marked as a duplicate of 233543 ***