Bug 434556 - kernel-xen.x86 broken in rawhide
kernel-xen.x86 broken in rawhide
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: kernel-xen-2.6 (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: Mark McLoughlin
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-02-22 13:18 EST by Mark McLoughlin
Modified: 2008-02-25 05:09 EST (History)
3 users (show)

See Also:
Fixed In Version: kernel-xen-2.6-2.6.21.7-2897.fc9
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-02-25 05:09:58 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mark McLoughlin 2008-02-22 13:18:27 EST
kernel-xen-2.6.21.7-2895.fc9xen fails to boot on x86_64, but is fine on x86_32

Boot stops here:

Memory: 499968k/532480k available (2297k kernel code, 23664k reserved, 1335k
data, 200k init)
Calibrating delay using timer specific routine.. 5323.19 BogoMIPS (lpj=2661595)
Security Framework v1.0.0 initialized
SELinux:  Initializing.
SELinux:  Starting in permissive mode
selinux_register_security:  Registering secondary module capability
Capability LSM initialized as secondary
Mount-cache hash table entries: 256
CPU: L1 I cache: 32K, L1 D cache: 32K
CPU: L2 cache: 6144K
CPU: Physical Processor ID: 0
CPU: Processor Core ID: 1
SMP alternatives: switching to UP code
Freeing SMP alternatives: 28k freed


Stack trace as follows:

rip: ffffffff802063aa hypercall_page+0x3aa flags: 00001292 i s nz a
rsp: ffffffff805ecb20
rax: 00000000   rbx: ffffffff805489b0   rcx: ffffffff802063aa   rdx: 00000002
rsi: ffffffff805ecb38   rdi: 00000002   rbp: ffffffff80603940
 r8: 000000dc    r9: ffffffff805415d0   r10: 0000003e   r11: 00000292
r12: 00000000   r13: 00000000   r14: ffffffff805ecdb8   r15: ffffffff805415d0
 cs:     e033    ds:     0000    fs:     0000    gs:     0000

Stack:
 0000000000000033 ffffffff80543750 ffffffff8026bb62 ffffffff00000003
 0000000000000001 ffffffff805415d0 ffffffff80262829 ffffffff804e8c31
 ffffffff805415d0 0000000000000068 ffffffff802840dd 0000003000000008
 ffffffff805ecc68 ffffffff805ecb98 ffffffff805ecbc8 0000000000000068

Code:
cc cc cc cc cc cc cc cc cc cc cc 51 41 53 b8 1d 00 00 00 0f 05 <41> 5b 59 c3 cc
cc cc cc cc cc cc 

Call Trace:
  [<ffffffff802063aa>] hypercall_page+0x3aa  <--
  [<ffffffff8026bb62>] xen_panic_event+0x1b 
  [<ffffffff80262829>] atomic_notifier_call_chain+0x21 
  [<ffffffff802840dd>] panic+0xa2 
  [<ffffffff8020622a>] hypercall_page+0x22a 
  [<ffffffff80214e85>] do_exit+0x8e 
  [<ffffffff8026279c>] do_page_fault+0x1192 
  [<ffffffff8027ff7d>] enqueue_task+0x44 
  [<ffffffff8025fed7>] error_call_handler+0x18 
  [<ffffffff80291402>] __rcu_process_callbacks+0x1db 
  [<ffffffff802914fb>] rcu_process_callbacks+0x27 
  [<ffffffff80286cdd>] tasklet_action+0x9d 
  [<ffffffff80211945>] __do_softirq+0x80 
  [<ffffffff8025bbac>] call_softirq+0x1c 
  [<ffffffff80268c0e>] do_softirq+0x4c 
  [<ffffffff80268eb0>] do_IRQ+0x11c 
  [<ffffffff80394de8>] evtchn_do_upcall+0xef 
  [<ffffffff8025b68e>] do_hypervisor_callback+0x1e
Comment 1 Mark McLoughlin 2008-02-22 13:24:35 EST
Looks like it affects Dom0, but with a stack trace like:

Unable to handle kernel NULL pointer dereference at 0000000000000000 RIP: 
 [<ffffffff80291402>] __rcu_process_callbacks+0x1db/0x2ad
PGD 0 
Oops: 0000 [1] SMP 
last sysfs file: 
CPU 0 
Modules linked in:
Pid: 1, comm: swapper Not tainted 2.6.21.7-2895.fc9xen #1
RIP: e030:[<ffffffff80291402>]  [<ffffffff80291402>]
__rcu_process_callbacks+0x1db/0x2ad
RSP: e02b:ffffffff805ece60  EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffff880001006650 RCX: 0000000000000005
RDX: ffffffffff578000 RSI: 0000000000000005 RDI: ffff880001617ef8
RBP: 0000000000000006 R08: ffff880001616000 R09: ffff880001617e98
R10: 0000000000000000 R11: 00ff880000000002 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffffffff8058d000(0000) knlGS:0000000000000000
CS:  e033 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000000000000 CR3: 0000000000201000 CR4: 0000000000002620
Process swapper (pid: 1, threadinfo ffff880000034000, task ffff880000eeb7a0)
Stack:  0000000000000009 ffff880001006730 ffffffff805e6628 ffffffff802914fb
 ffff880001006738 ffffffff80286cdd 0000000000000011 ffffffff8058f150
 0000000000000001 ffffffff805e66c0 0000000000000004 ffffffff80211945
Call Trace:
 <IRQ>  [<ffffffff802914fb>] rcu_process_callbacks+0x27/0x47
 [<ffffffff80286cdd>] tasklet_action+0x9d/0x12c
 [<ffffffff80211945>] __do_softirq+0x80/0x103
 [<ffffffff8025bbac>] call_softirq+0x1c/0x28
 [<ffffffff80268c0e>] do_softirq+0x4c/0xe8
 [<ffffffff80268eb0>] do_IRQ+0x11c/0x13a
 [<ffffffff80394de8>] evtchn_do_upcall+0xef/0x174
 [<ffffffff8025b68e>] do_hypervisor_callback+0x1e/0x30
 <EOI>  [<ffffffff8035dd4f>] acpi_ns_get_next_node+0x11/0x3c
 [<ffffffff8035ca0c>] acpi_ns_delete_namespace_by_owner+0x4d/0xeb
 [<ffffffff803505e2>] acpi_ds_terminate_control_method+0x73/0xc6
 [<ffffffff8035e942>] acpi_ps_parse_aml+0x179/0x254
 [<ffffffff8035fc1c>] acpi_ps_execute_method+0x14e/0x21d
 [<ffffffff8035cb9d>] acpi_ns_evaluate+0xae/0x111
 [<ffffffff80362535>] acpi_ut_evaluate_object+0x72/0x19e
 [<ffffffff803626e7>] acpi_ut_execute_STA+0x1f/0x4f
 [<ffffffff8035d551>] acpi_get_object_info+0x146/0x1da
 [<ffffffff80365f72>] acpi_add_single_object+0x290/0xbd0
 [<ffffffff803669f0>] acpi_bus_scan+0x13e/0x1c4
 [<ffffffff805cb378>] acpi_scan_init+0xec/0x10f
 [<ffffffff805b64ca>] init+0x215/0x34f
 [<ffffffff8025b8f8>] child_rip+0xa/0x12
 [<ffffffff803524ae>] acpi_ds_init_one_object+0x0/0x7c
 [<ffffffff805b62b5>] init+0x0/0x34f
 [<ffffffff8025b8ee>] child_rip+0x0/0x12


Code: 4c 8b 20 41 0f 18 0c 24 48 89 c7 ff 50 08 48 89 e8 89 e9 48 
RIP  [<ffffffff80291402>] __rcu_process_callbacks+0x1db/0x2ad
 RSP <ffffffff805ece60>
CR2: 0000000000000000

Note You need to log in before you can comment on or make changes to this bug.