lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 23 Apr 2008 16:58:43 -0700
From:	Jeremy Fitzhardinge <jeremy@...p.org>
To:	"Christopher S. Aker" <caker@...shore.net>
CC:	linux-kernel@...r.kernel.org
Subject: Re: pvops - xen - unable to handle kernel paging request

Christopher S. Aker wrote:
> Xen: 3.2.1-rc5 64bit
> dom0: 2.6.16.38 PAE
> domU: 2.6.25 PAE   
>
> BUG: unable to handle kernel paging request at 15c38554
> IP: [<c0103195>] xen_make_pte+0x45/0x50
> Oops: 0000 [#1] SMP
> Modules linked in:

Hi Chris,

How easy is this to reproduce?  Is this immediate or under load?

How much memory does the host machine have?  How much allocated to the 
domain?

And to be clear, this is plain 2.6.25, not 2.6.25+mergewindow, right?

(BTW, it would help if you cc: me on Xen bug reports, since I don't 
necessarily catch up on lkml traffic very quickly.)

Thanks,
    J

>
> Pid: 3105, comm: java Not tainted (2.6.25-linode9 #1)
> EIP: 0061:[<c0103195>] EFLAGS: 00010246 CPU: 0
> EIP is at xen_make_pte+0x45/0x50
> EAX: c06e3000 EBX: 80000555 ECX: 55555555 EDX: 55555555
> ESI: 00000065 EDI: 00000555 EBP: 00000000 ESP: d4fadef0
>  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
> Process java (pid: 3105, ti=d4fac000 task=d4f04ef0 task.ti=d4fac000)
> Stack: 80000555 55555060 c01620da b7f0d000 00000071 d4d51ff0 00000000 
> 000b7f0c
>        00000000 c051c60a c012c3e0 c06b4574 05633ebe b7f0c000 d5f4d85c 
> 03dfa0e0
>        00000000 d4e40900 00000070 00000001 00000000 d4f9d010 d4fa4df8 
> c129f26c
> Call Trace:
>  [<c01620da>] mprotect_fixup+0x3da/0x600
>  [<c051c60a>] _spin_lock_irq+0xa/0x30
>  [<c012c3e0>] run_timer_softirq+0x130/0x190
>  [<c0162489>] sys_mprotect+0x189/0x240
>  [<c0106bce>] syscall_call+0x7/0xb
>  =======================
> Code: 3d 82 e3 63 c0 00 89 ca 74 1c 89 d0 31 d2 0f a4 c2 0c c1 e0 0c 
> 89 d3 09 f0 89 c1 83 e1 e7 89 da 89 c8 5b 5e c3 90 a1 9c 8a 6a c0 <8b> 
> 14 88 81 e2 ff ff ff 7f eb d4 83 ec 0c 89 74 24 04 89 c6 83
> EIP: [<c0103195>] xen_make_pte+0x45/0x50 SS:ESP 0069:d4fadef0
> ---[ end trace d31c003629c776dd ]---
> ------------[ cut here ]------------
> Kernel BUG at c0113a9b [verbose debug info unavailable]
> invalid opcode: 0000 [#2] SMP
> Modules linked in:
>
> Pid: 3105, comm: java Tainted: G      D  (2.6.25-linode9 #1)
> EIP: 0061:[<c0113a9b>] EFLAGS: 00010002 CPU: 0
> EIP is at paravirt_enter_lazy_cpu+0x1b/0x20
> EAX: c069e16c EBX: d4e40900 ECX: 00000001 EDX: 00c37000
> ESI: c060c200 EDI: 00000000 EBP: d4f04ef0 ESP: d4fadc0c
>  DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0069
> Process java (pid: 3105, ti=d4fac000 task=d4f04ef0 task.ti=d4fac000)
> Stack: c051ac80 00000002 d4fadc3c d4fadc34 00000000 d4f05050 d4f05050 
> c12d8e80
>        00000000 05633e7e 0000ffff 00000000 00000000 00000000 d4e40934 
> 00000002
>        d4f04ef0 d4fadc7c c051c0c5 d4e4093c c051c69c 00000000 00000000 
> d4e40934
> Call Trace:
>  [<c051ac80>] schedule+0x150/0x5f0
>  [<c051c0c5>] rwsem_down_failed_common+0x95/0x1a0
>  [<c051c69c>] _spin_unlock_irqrestore+0xc/0x10
>  [<c051c21d>] rwsem_down_read_failed+0x1d/0x24
>  [<c051c287>] call_rwsem_down_read_failed+0x7/0xc
>  [<c051b91a>] down_read+0xa/0x10
>  [<c0140bfe>] futex_wake+0x2e/0x100
>  [<c0141bdc>] do_futex+0xdc/0xb90
>  [<c03728a6>] memmove+0x36/0x50
>  [<c039412b>] scrup+0x8b/0x110
>  [<c013a807>] atomic_notifier_call_chain+0x17/0x20
>  [<c039407d>] notify_update+0x1d/0x30
>  [<c039518d>] vt_console_print+0x1ed/0x2d0
>  [<c0394fa0>] vt_console_print+0x0/0x2d0
>  [<c0122dee>] __call_console_drivers+0x5e/0x70
>  [<c051c69c>] _spin_unlock_irqrestore+0xc/0x10
>  [<c014272d>] sys_futex+0x9d/0x130
>  [<c0123830>] vprintk+0x1c0/0x390
>  [<c012073f>] mm_release+0x7f/0x90
>  [<c01248d2>] exit_mm+0x12/0xe0
>  [<c012636c>] do_exit+0x14c/0x6d0
>  [<c0123a1b>] printk+0x1b/0x20
>  [<c010857f>] die+0x17f/0x180
>  [<c0115624>] do_page_fault+0x564/0xa20
>  [<c015a70b>] __do_fault+0x1ab/0x4d0
>  [<c01150c0>] do_page_fault+0x0/0xa20
>  [<c051c932>] error_code+0x72/0x78
>  [<c0103195>] xen_make_pte+0x45/0x50
>  [<c01620da>] mprotect_fixup+0x3da/0x600
>  [<c051c60a>] _spin_lock_irq+0xa/0x30
>  [<c012c3e0>] run_timer_softirq+0x130/0x190
>  [<c0162489>] sys_mprotect+0x189/0x240
>  [<c0106bce>] syscall_call+0x7/0xb
>  =======================
> Code: b8 01 00 00 00 e9 d6 ff ff ff 8d b6 00 00 00 00 64 8b 15 10 e1 
> 69 c0 b8 6c e1 69 c0 8b 0c 10 85 c9 75 08 c7 04 10 02 00 00 00 c3 <0f> 
> 0b eb fe 90 b8 02 00 00 00 e9 a6 ff ff ff 8d b6 00 00 00 00
> EIP: [<c0113a9b>] paravirt_enter_lazy_cpu+0x1b/0x20 SS:ESP 0069:d4fadc0c
> ---[ end trace d31c003629c776dd ]---
> Fixing recursive fault but reboot is needed!
>
> -Chris
> -- 
> To unsubscribe from this list: send the line "unsubscribe 
> linux-kernel" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ