This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-devel] Xen dom0 crash in get_phys_to_machine

To: <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] Xen dom0 crash in get_phys_to_machine
From: "Alan J. Wylie" <NDA5OWUy@xxxxxxxxxxx>
Date: Tue, 12 Oct 2010 08:55:56 +0100
Cc: Jeremy Fitzhardinge <jeremy.fitzhardinge@xxxxxxxxxx>
Delivery-date: Tue, 12 Oct 2010 00:56:56 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Further to my previous report:

Message-ID: <19629.39326.337589.71778@xxxxxxxxxxx>

I've added some debugging and have tracked down the crash to the
recently modified code in arch/x86/xen/mmu.c

Since the last version of the code that worked for me, mmu.c has been
modified with a lot of P2M changes. It now crashes in

Having tracked down the crash and the offending value of pfn, I then
further modified the code only to print if ( pfn == 0x18C3 ), and also
to print intermediate values.

<7>ALANW get_phys_to_machine pfn 000018C3
<7> topidx 00000000
<7> mididx 0000000C
<7> idx 000000C3
(XEN) d0:v0: unhandled page fault (ec=0000)

If there is any more debugging that I can do, I'll be only too happy to

System: Supermicro SM-SC825TQ-R720LPB, 8GB RAM
Motherboard: X8DTL
Processor: 1 x Intel XEON E5506 quad core
RAID controller: LSI MegaRAID SAS 8708

branch xen/stable-2.6.32.x

commit 179eca50d08fa05d7650fcb8a0d3e6598cf2388a
    Merge commit 'v2.6.32.24' into xen/next-2.6.32

/* initial changes to mmu.c to track down crash */
+static char hex[9];

 unsigned long get_phys_to_machine(unsigned long pfn)
        unsigned topidx, mididx, idx;
+       unsigned long rv;
+       longtohex(pfn);
+       xen_raw_printk(KERN_DEBUG "ALANW get_phys_to_machine %s", hex );

        if (unlikely(pfn >= MAX_P2M_PFN))
                return INVALID_P2M_ENTRY;
@@ -406,7 +432,12 @@ unsigned long get_phys_to_machine(unsigned long pfn)
        mididx = p2m_mid_index(pfn);
        idx = p2m_index(pfn);

-       return p2m_top[topidx][mididx][idx];
+       rv=p2m_top[topidx][mididx][idx];
+       longtohex(rv);
+       xen_raw_printk(KERN_DEBUG " returns %s\n", hex );
+       return rv;

(XEN)  Loaded kernel: ffffffff81000000->ffffffff816b1000
(XEN)  Init. ramdisk: ffffffff816b1000->ffffffff816b1000
(XEN)  Phys-Mach map: ffffffff816b1000->ffffffff818b1000
(XEN)  Start info:    ffffffff818b1000->ffffffff818b14b4
(XEN)  Page tables:   ffffffff818b2000->ffffffff818c3000
(XEN)  Boot stack:    ffffffff818c3000->ffffffff818c4000
(XEN)  TOTAL:         ffffffff80000000->ffffffff81c00000
(XEN)  ENTRY ADDRESS: ffffffff814cc200


<7>ALANW get_phys_to_machine 0003FFFC<7> returns 0017A544
<7>ALANW get_phys_to_machine 0003FFFD<7> returns 0017A545
<7>ALANW get_phys_to_machine 0003FFFE<7> returns 0017A546
<7>ALANW get_phys_to_machine 0003FFFF<7> returns 0017A547
<7>ALANW get_phys_to_machine 000002ED<7> returns 002382ED
<7>ALANW get_phys_to_machine 000002ED<7> returns 002382ED
init_memory_mapping: 0000000100000000-00000002bf780000
 0100000000 - 02bf780000 page 4k
kernel direct mapping tables up to 2bf780000 @ 18c3000-2ecb000
<7>ALANW get_phys_to_machine 000018C3(XEN) d0:v0: unhandled page fault (ec=0000)
(XEN) Pagetable walk from ffffffff816bd618:
(XEN)  L4[0x1ff] = 0000000239003067 0000000000001003
(XEN)  L3[0x1fe] = 0000000239007067 0000000000001007
(XEN)  L2[0x00b] = 0000000000000000 ffffffffffffffff
(XEN) domain_crash_sync called from entry.S
(XEN) Domain 0 (vcpu#0) crashed on cpu#0:
(XEN) ----[ Xen-4.0.2-rc1-pre  x86_64  debug=n  Tainted:    C ]----
(XEN) CPU:    0
(XEN) RIP:    e033:[<ffffffff8100c393>]
(XEN) RFLAGS: 0000000000000206   EM: 1   CONTEXT: pv guest
(XEN) rax: ffffffff816bd000   rbx: 00000000000000c3   rcx: 0000000000000000
(XEN) rdx: ffffffff8158b000   rsi: 0000000000000025   rdi: 0000000000000000
(XEN) rbp: ffffffffffffffff   rsp: ffffffff81445c00   r8:  000000000000000a
(XEN) r9:  ffffffff8157bf90   r10: ffffffff8157bd90   r11: 0000000000000200
(XEN) r12: 00000000018c3000   r13: 8000000000000163   r14: 0000000000000001
(XEN) r15: 00000000000009ff   cr0: 000000008005003b   cr4: 00000000000026f0
(XEN) cr3: 0000000239001000   cr2: ffffffff816bd618
(XEN) ds: 0000   es: 0000   fs: 0000   gs: 0000   ss: e02b   cs: e033
(XEN) Guest stack trace from rsp=ffffffff81445c00:
(XEN)    0000000000000000 0000000000000200 0000000000000000 ffffffff8100c393
(XEN)    000000010000e030 0000000000010006 ffffffff81445c40 000000000000e02b
(XEN)    ffffffff81445de8 80000000018c3063 00000000018c3000 ffffffff8100c657
(XEN)    80000000018c3063 ffffffff8100c72a 0000000000000000 ffffffff8100b789
(XEN)    0000000239002040 ffffffff815553e0 000000000000000f 8000000000000163
(XEN)    80000000018c3063 ffffffffff400000 ffffffff81536000 00000002bf780000
(XEN)    ffffffff814de1a3 0000000000000001 ffffffff814c30a0 ffffffffff400000
(XEN)    0000000139002038 ffffffff815553e0 ffffffff81445d90 00000000018c3000
(XEN)    ffff8802bf780000 00000002bf780000 00000002bf780000 0000000000000005
(XEN)    ffffffff813085a8 ffff880001002048 0000000240000000 ffff8802bf780000
(XEN)    ffffffff814f8091 0000000000000001 ffffffff814c30a0 8000000000000163
(XEN)    0000000000000000 0000000000000004 0000000000000000 0000000000000000
(XEN)    ffff880001002000 ffffffff8100b76b 00000000000003bf ffffffff815553e0
(XEN)    ffffffff81001880 00000002bf780000 ffff8802bf780000 ffffffff813c7fad
(XEN)    ffff8802bf780000 0000000000000000 ffffffff814f823a 00000002bf780000
(XEN)    ffffffff813196e4 0000000000000020 ffff880100000000 ffffffff81445e08
(XEN)    0000000040000000 0000000040000000 ffffffff81445e78 0000000000000001
(XEN)    0000000000000001 ffffffff813c7fad 0000000000000000 00000002bf780000
(XEN)    ffffffff813083d2 0000000000000000 0000000000000000 ffffffff00000000
(XEN)    0000000100000000 ffff880000000000 0000000000000000 0000000100000000
(XEN) Domain 0 crashed: 'noreboot' set - not rebooting.

Alan J. Wylie                                          http://www.wylie.me.uk/

Xen-devel mailing list