Bug 434556 - kernel-xen.x86 broken in rawhide
kernel-xen.x86 broken in rawhide
Product: Fedora
Classification: Fedora
Component: kernel-xen-2.6 (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Mark McLoughlin
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2008-02-22 13:18 EST by Mark McLoughlin
Modified: 2008-02-25 05:09 EST (History)
3 users (show)

See Also:
Fixed In Version: kernel-xen-2.6-
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-02-25 05:09:58 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Mark McLoughlin 2008-02-22 13:18:27 EST
kernel-xen- fails to boot on x86_64, but is fine on x86_32

Boot stops here:

Memory: 499968k/532480k available (2297k kernel code, 23664k reserved, 1335k
data, 200k init)
Calibrating delay using timer specific routine.. 5323.19 BogoMIPS (lpj=2661595)
Security Framework v1.0.0 initialized
SELinux:  Initializing.
SELinux:  Starting in permissive mode
selinux_register_security:  Registering secondary module capability
Capability LSM initialized as secondary
Mount-cache hash table entries: 256
CPU: L1 I cache: 32K, L1 D cache: 32K
CPU: L2 cache: 6144K
CPU: Physical Processor ID: 0
CPU: Processor Core ID: 1
SMP alternatives: switching to UP code
Freeing SMP alternatives: 28k freed

Stack trace as follows:

rip: ffffffff802063aa hypercall_page+0x3aa flags: 00001292 i s nz a
rsp: ffffffff805ecb20
rax: 00000000   rbx: ffffffff805489b0   rcx: ffffffff802063aa   rdx: 00000002
rsi: ffffffff805ecb38   rdi: 00000002   rbp: ffffffff80603940
 r8: 000000dc    r9: ffffffff805415d0   r10: 0000003e   r11: 00000292
r12: 00000000   r13: 00000000   r14: ffffffff805ecdb8   r15: ffffffff805415d0
 cs:     e033    ds:     0000    fs:     0000    gs:     0000

 0000000000000033 ffffffff80543750 ffffffff8026bb62 ffffffff00000003
 0000000000000001 ffffffff805415d0 ffffffff80262829 ffffffff804e8c31
 ffffffff805415d0 0000000000000068 ffffffff802840dd 0000003000000008
 ffffffff805ecc68 ffffffff805ecb98 ffffffff805ecbc8 0000000000000068

cc cc cc cc cc cc cc cc cc cc cc 51 41 53 b8 1d 00 00 00 0f 05 <41> 5b 59 c3 cc
cc cc cc cc cc cc 

Call Trace:
  [<ffffffff802063aa>] hypercall_page+0x3aa  <--
  [<ffffffff8026bb62>] xen_panic_event+0x1b 
  [<ffffffff80262829>] atomic_notifier_call_chain+0x21 
  [<ffffffff802840dd>] panic+0xa2 
  [<ffffffff8020622a>] hypercall_page+0x22a 
  [<ffffffff80214e85>] do_exit+0x8e 
  [<ffffffff8026279c>] do_page_fault+0x1192 
  [<ffffffff8027ff7d>] enqueue_task+0x44 
  [<ffffffff8025fed7>] error_call_handler+0x18 
  [<ffffffff80291402>] __rcu_process_callbacks+0x1db 
  [<ffffffff802914fb>] rcu_process_callbacks+0x27 
  [<ffffffff80286cdd>] tasklet_action+0x9d 
  [<ffffffff80211945>] __do_softirq+0x80 
  [<ffffffff8025bbac>] call_softirq+0x1c 
  [<ffffffff80268c0e>] do_softirq+0x4c 
  [<ffffffff80268eb0>] do_IRQ+0x11c 
  [<ffffffff80394de8>] evtchn_do_upcall+0xef 
  [<ffffffff8025b68e>] do_hypervisor_callback+0x1e
Comment 1 Mark McLoughlin 2008-02-22 13:24:35 EST
Looks like it affects Dom0, but with a stack trace like:

Unable to handle kernel NULL pointer dereference at 0000000000000000 RIP: 
 [<ffffffff80291402>] __rcu_process_callbacks+0x1db/0x2ad
PGD 0 
Oops: 0000 [1] SMP 
last sysfs file: 
CPU 0 
Modules linked in:
Pid: 1, comm: swapper Not tainted #1
RIP: e030:[<ffffffff80291402>]  [<ffffffff80291402>]
RSP: e02b:ffffffff805ece60  EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffff880001006650 RCX: 0000000000000005
RDX: ffffffffff578000 RSI: 0000000000000005 RDI: ffff880001617ef8
RBP: 0000000000000006 R08: ffff880001616000 R09: ffff880001617e98
R10: 0000000000000000 R11: 00ff880000000002 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffffffff8058d000(0000) knlGS:0000000000000000
CS:  e033 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000000000000 CR3: 0000000000201000 CR4: 0000000000002620
Process swapper (pid: 1, threadinfo ffff880000034000, task ffff880000eeb7a0)
Stack:  0000000000000009 ffff880001006730 ffffffff805e6628 ffffffff802914fb
 ffff880001006738 ffffffff80286cdd 0000000000000011 ffffffff8058f150
 0000000000000001 ffffffff805e66c0 0000000000000004 ffffffff80211945
Call Trace:
 <IRQ>  [<ffffffff802914fb>] rcu_process_callbacks+0x27/0x47
 [<ffffffff80286cdd>] tasklet_action+0x9d/0x12c
 [<ffffffff80211945>] __do_softirq+0x80/0x103
 [<ffffffff8025bbac>] call_softirq+0x1c/0x28
 [<ffffffff80268c0e>] do_softirq+0x4c/0xe8
 [<ffffffff80268eb0>] do_IRQ+0x11c/0x13a
 [<ffffffff80394de8>] evtchn_do_upcall+0xef/0x174
 [<ffffffff8025b68e>] do_hypervisor_callback+0x1e/0x30
 <EOI>  [<ffffffff8035dd4f>] acpi_ns_get_next_node+0x11/0x3c
 [<ffffffff8035ca0c>] acpi_ns_delete_namespace_by_owner+0x4d/0xeb
 [<ffffffff803505e2>] acpi_ds_terminate_control_method+0x73/0xc6
 [<ffffffff8035e942>] acpi_ps_parse_aml+0x179/0x254
 [<ffffffff8035fc1c>] acpi_ps_execute_method+0x14e/0x21d
 [<ffffffff8035cb9d>] acpi_ns_evaluate+0xae/0x111
 [<ffffffff80362535>] acpi_ut_evaluate_object+0x72/0x19e
 [<ffffffff803626e7>] acpi_ut_execute_STA+0x1f/0x4f
 [<ffffffff8035d551>] acpi_get_object_info+0x146/0x1da
 [<ffffffff80365f72>] acpi_add_single_object+0x290/0xbd0
 [<ffffffff803669f0>] acpi_bus_scan+0x13e/0x1c4
 [<ffffffff805cb378>] acpi_scan_init+0xec/0x10f
 [<ffffffff805b64ca>] init+0x215/0x34f
 [<ffffffff8025b8f8>] child_rip+0xa/0x12
 [<ffffffff803524ae>] acpi_ds_init_one_object+0x0/0x7c
 [<ffffffff805b62b5>] init+0x0/0x34f
 [<ffffffff8025b8ee>] child_rip+0x0/0x12

Code: 4c 8b 20 41 0f 18 0c 24 48 89 c7 ff 50 08 48 89 e8 89 e9 48 
RIP  [<ffffffff80291402>] __rcu_process_callbacks+0x1db/0x2ad
 RSP <ffffffff805ece60>
CR2: 0000000000000000

Note You need to log in before you can comment on or make changes to this bug.