Description of problem: XENMEM_add_to_physmap hypercall on HVM is SMP-unsafe and may cause a xen crash. This means that a driver for Guest OS can crash Dom0. This has been observed on a Windows Guest. It has not been reproduced on a Linux HVM guest. Version-Release number of selected component (if applicable): xen-3.0.3-64.el5 How reproducible: 1/100 Steps to Reproduce: 1. Create/Destroy the domain(Windows/IA64+Driver(which uses XENMEM_add_to_physmap)). Actual results: dom0 hangs Expected results: Guest OS start/stop works properly without Dom0 hang. Additional info: This has been fixed upstream in Cset #17943: http://xenbits.xensource.com/ext/ia64/xen-unstable.hg?rev/eb0fc71cfc72 Discussion thread can be found at: http://lists.xensource.com/archives/html/xen-ia64-devel/2008-07/msg00058.html
Created attachment 312930 [details] Proposed patch. Same as upstream, but renumbered to match xen-3.0.3-68.el5.
The patch should be applied to kernel-xen.
Created attachment 314114 [details] proposed patch. revised to apply to kernel.
in kernel-2.6.18-105.el5 You can download this test kernel from http://people.redhat.com/dzickus/el5
This bug has been marked for inclusion in the Red Hat Enterprise Linux 5.3 Release Notes. To aid in the development of relevant and accurate release notes, please fill out the "Release Notes" field above with the following 4 pieces of information: Cause: What actions or circumstances cause this bug to present. Consequence: What happens when the bug presents. Fix: What was done to fix the bug. Result: What now happens when the actions or circumstances above occur. (NB: this is not the same as 'the bug doesn't present anymore')
release note added.
Release note added. If any revisions are required, please set the "requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Cause: XENMEM_add_to_physmap hypercall on HVM was SMP-unsafe. Consequence: Repeat to create/destroy a Windows guest could cause Dom0 crash. Fix: Fixed SMP-unsafe with XENMEM_add_to_physmap on HVM Result: Repeat to create/destroy a Windows guest does not cause Dom0 crash.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2009-0225.html