Bug 248947 - Running i386 FC6 with PVFB causes Dom0 kernel panic
Running i386 FC6 with PVFB causes Dom0 kernel panic
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: xen (Show other bugs)
5.0
All Linux
high Severity high
: ---
: ---
Assigned To: Markus Armbruster
:
Depends On:
Blocks: 249409
  Show dependency treegraph
 
Reported: 2007-07-19 15:13 EDT by Daniel Berrange
Modified: 2007-11-30 17:07 EST (History)
1 user (show)

See Also:
Fixed In Version: RHEA-2007-0635
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-11-07 12:11:12 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Daniel Berrange 2007-07-19 15:13:46 EDT
Description of problem:
Running host on RHEL-5.1 x86_64 platform. Attempt to install a i386 FC6 guest.
When the VNC Viewer program launches the host system will kernel panic.

Jul 19 15:04:29 pumpkin ----------- [cut here ] --------- [please bite here ]
--------- 
Jul 19 15:04:29 pumpkin Kernel BUG at mm/memory.c:2290 
Jul 19 15:04:29 pumpkin invalid opcode: 0000 [1] 
Jul 19 15:04:29 pumpkin SMP 
Jul 19 15:04:29 pumpkin  
Jul 19 15:04:29 pumpkin last sysfs file: /class/misc/evtchn/dev 
Jul 19 15:04:29 pumpkin CPU 0 
Jul 19 15:04:29 pumpkin  
Jul 19 15:04:29 pumpkin Modules linked in:
Jul 19 15:04:29 pumpkin  xt_physdev
Jul 19 15:04:29 pumpkin  iptable_filter
Jul 19 15:04:29 pumpkin  ip_tables
Jul 19 15:04:29 pumpkin  netconsole
Jul 19 15:04:29 pumpkin  i915
Jul 19 15:04:29 pumpkin  drm
Jul 19 15:04:29 pumpkin  netloop
Jul 19 15:04:29 pumpkin  netbk
Jul 19 15:04:29 pumpkin  blktap
Jul 19 15:04:29 pumpkin  blkbk
Jul 19 15:04:29 pumpkin  bridge
Jul 19 15:04:29 pumpkin  autofs4
Jul 19 15:04:29 pumpkin  hidp
Jul 19 15:04:29 pumpkin  rfcomm
Jul 19 15:04:29 pumpkin  l2cap
Jul 19 15:04:29 pumpkin  bluetooth
Jul 19 15:04:29 pumpkin  sunrpc
Jul 19 15:04:29 pumpkin  bonding
Jul 19 15:04:29 pumpkin  ipt_REJECT
Jul 19 15:04:29 pumpkin  ip6t_REJECT
Jul 19 15:04:29 pumpkin  xt_tcpudp
Jul 19 15:04:29 pumpkin  ip6table_filter
Jul 19 15:04:29 pumpkin  ip6_tables
Jul 19 15:04:29 pumpkin  x_tables
Jul 19 15:04:29 pumpkin  dm_multipath
Jul 19 15:04:29 pumpkin  video
Jul 19 15:04:29 pumpkin  sbs
Jul 19 15:04:29 pumpkin  backlight
Jul 19 15:04:29 pumpkin  i2c_ec
Jul 19 15:04:29 pumpkin  button
Jul 19 15:04:29 pumpkin  battery
Jul 19 15:04:29 pumpkin  asus_acpi
Jul 19 15:04:29 pumpkin  ac
Jul 19 15:04:29 pumpkin  ipv6
Jul 19 15:04:29 pumpkin  lp
Jul 19 15:04:29 pumpkin  sr_mod
Jul 19 15:04:29 pumpkin  cdrom
Jul 19 15:04:29 pumpkin  snd_hda_intel
Jul 19 15:04:29 pumpkin  snd_hda_codec
Jul 19 15:04:29 pumpkin  sg
Jul 19 15:04:29 pumpkin  snd_seq_dummy
Jul 19 15:04:29 pumpkin  snd_seq_oss
Jul 19 15:04:29 pumpkin  snd_seq_midi_event
Jul 19 15:04:29 pumpkin  snd_seq
Jul 19 15:04:29 pumpkin  snd_seq_device
Jul 19 15:04:29 pumpkin  snd_pcm_oss
Jul 19 15:04:29 pumpkin  snd_mixer_oss
Jul 19 15:04:29 pumpkin  snd_pcm
Jul 19 15:04:29 pumpkin  snd_timer
Jul 19 15:04:29 pumpkin  snd
Jul 19 15:04:29 pumpkin  serio_raw
Jul 19 15:04:29 pumpkin  soundcore
Jul 19 15:04:29 pumpkin  shpchp
Jul 19 15:04:29 pumpkin  snd_page_alloc
Jul 19 15:04:29 pumpkin  pcspkr
Jul 19 15:04:29 pumpkin  pata_marvell
Jul 19 15:04:29 pumpkin  e1000
Jul 19 15:04:29 pumpkin  parport_pc
Jul 19 15:04:29 pumpkin  parport
Jul 19 15:04:29 pumpkin  i2c_i801
Jul 19 15:04:29 pumpkin  i2c_core
Jul 19 15:04:29 pumpkin  dm_snapshot
Jul 19 15:04:29 pumpkin  dm_zero
Jul 19 15:04:29 pumpkin  dm_mirror
Jul 19 15:04:29 pumpkin  dm_mod
Jul 19 15:04:29 pumpkin  ata_piix
Jul 19 15:04:29 pumpkin  libata
Jul 19 15:04:29 pumpkin  sd_mod
Jul 19 15:04:29 pumpkin  scsi_mod
Jul 19 15:04:29 pumpkin  ext3
Jul 19 15:04:29 pumpkin  jbd
Jul 19 15:04:29 pumpkin  ehci_hcd
Jul 19 15:04:29 pumpkin  ohci_hcd
Jul 19 15:04:29 pumpkin  uhci_hcd
Jul 19 15:04:29 pumpkin  
Jul 19 15:04:29 pumpkin Pid: 4753, comm: xen-vncfbo Not tainted 2.6.18-32.el5xen #1 
Jul 19 15:04:29 pumpkin RIP: e030:[<ffffffff80208b30>] 
Jul 19 15:04:29 pumpkin  [<ffffffff80208b30>] __handle_mm_fault+0x379/0xf46 
Jul 19 15:04:29 pumpkin RSP: e02b:ffff880052bebde8  EFLAGS: 00010202 
Jul 19 15:04:29 pumpkin RAX: ffffffff80514840 RBX: 0000000000000810 RCX:
00003ffffffff000 
Jul 19 15:04:29 pumpkin RDX: 000000003717e810 RSI: 0000000000000067 RDI:
ffff880051cf3080 
Jul 19 15:04:29 pumpkin RBP: ffff880051cf3080 R08: 000000000063e6c0 R09:
0000000000000040 
Jul 19 15:04:30 pumpkin R10: 000000001adbdf58 R11: 00002aaaaaf02000 R12:
0000000000000000 
Jul 19 15:04:30 pumpkin R13: ffff88003717e810 R14: 00002aaaaaf02000 R15:
ffff880052bf31e0 
Jul 19 15:04:30 pumpkin FS:  00002aaaae23c870(0063) GS:ffffffff80599000(0000)
knlGS:0000000000000000 
Jul 19 15:04:30 pumpkin CS:  e033 DS: 0000 ES: 0000 
Jul 19 15:04:30 pumpkin Process xen-vncfbo (pid: 4753, threadinfo
ffff880052bea000, task ffff88005cae8100) 
Jul 19 15:04:30 pumpkin Stack: 
Jul 19 15:04:30 pumpkin  000000000001adbc 
Jul 19 15:04:30 pumpkin  000000001ae0d000 
Jul 19 15:04:30 pumpkin  ffff880051cf3080 
Jul 19 15:04:30 pumpkin  ffff8800372a8ab8 
Jul 19 15:04:30 pumpkin  
Jul 19 15:04:30 pumpkin  0000000000000000 
Jul 19 15:04:30 pumpkin  ffff88003733e518 
Jul 19 15:04:30 pumpkin  ffff880051cf3100 
Jul 19 15:04:30 pumpkin  0000000000000000 
Jul 19 15:04:30 pumpkin  
Jul 19 15:04:30 pumpkin  ffff880052ad2a50 
Jul 19 15:04:30 pumpkin  ffffffff80261889 
Jul 19 15:04:30 pumpkin  
Jul 19 15:04:30 pumpkin Call Trace: 
Jul 19 15:04:30 pumpkin  [<ffffffff80261889>] _spin_lock_irqsave+0x9/0x14 
Jul 19 15:04:30 pumpkin  [<ffffffff802641db>] do_page_fault+0xe48/0x11dc 
Jul 19 15:04:30 pumpkin  [<ffffffff8025d823>] error_exit+0x0/0x6e 
Jul 19 15:04:30 pumpkin  
Jul 19 15:04:30 pumpkin  
Jul 19 15:04:30 pumpkin Code: 
Jul 19 15:04:30 pumpkin 0f 
Jul 19 15:04:30 pumpkin 0b 
Jul 19 15:04:30 pumpkin 68 
Jul 19 15:04:30 pumpkin ee 
Jul 19 15:04:30 pumpkin 50 
Jul 19 15:04:30 pumpkin 47 
Jul 19 15:04:30 pumpkin 80 
Jul 19 15:04:30 pumpkin c2 
Jul 19 15:04:30 pumpkin f2 
Jul 19 15:04:30 pumpkin 08 
Jul 19 15:04:30 pumpkin 49 
Jul 19 15:04:30 pumpkin 8b 
Jul 19 15:04:30 pumpkin 87 
Jul 19 15:04:30 pumpkin 90 
Jul 19 15:04:30 pumpkin 00 
Jul 19 15:04:30 pumpkin last message repeated 2 times
Jul 19 15:04:30 pumpkin 48 
Jul 19 15:04:30 pumpkin c7 
Jul 19 15:04:30 pumpkin 44 
Jul 19 15:04:30 pumpkin  
Jul 19 15:04:30 pumpkin RIP 
Jul 19 15:04:30 pumpkin  [<ffffffff80208b30>] __handle_mm_fault+0x379/0xf46 
Jul 19 15:04:30 pumpkin  RSP <ffff880052bebde8> 
Jul 19 15:04:30 pumpkin  
Jul 19 15:04:30 pumpkin Kernel panic - not syncing: Fatal exception 
Jul 19 15:04:30 pumpkin  


Version-Release number of selected component (if applicable):
2.6.18-32.el5xen

How reproducible:


Steps to Reproduce:
1. Run
/usr/sbin/virt-install --name testdemo --ram 500 --file
/var/lib/xen/images/testdemo.img --file-size 5 --vnc  --location
http://download.fedora.devel.redhat.com/pub/fedora/linux/core/6/i386/os/ --paravirt

2.
3.
  
Actual results:
Kernel panic of host OS

Expected results:
Installer is displayed in VNC viewer

Additional info:
NB, you need the 2 patches in 248192 applied to the Xen userspace before you can
even boot a i386 FC6 domU.

If it is not feasible to make a legacy FC6  PVFB work in a 32-on-64 environment
then we at least need to detect it & refuse to try starting it, rather than
panicing dom0.
Comment 1 Markus Armbruster 2007-07-24 10:27:58 EDT
This is really two bugs:

1. The old PVFB backend lacks 32-on-64 capability.  In the test case, it assumes
a 64 bit frontend, misinterprets the shared page, and maps the wrong guest pages.

2. Xen dies when dom0 user space maps the wrong guest pages.  I'm going to clone
this bug to track that.
Comment 3 Daniel Berrange 2007-08-02 16:56:14 EDT
# brew latest-pkg dist-5E-qu-candidate xen
Build                                     Tag                   Built by
----------------------------------------  --------------------  ----------------
xen-3.0.3-35.el5                          dist-5E-qu-candidate  berrange


* Wed Aug  1 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.3-35.el5
- Fix legacy PVFB for 32-on-64 (rhbz #248947)
Comment 6 errata-xmlrpc 2007-11-07 12:11:12 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2007-0635.html

Note You need to log in before you can comment on or make changes to this bug.