xen-devel

[Top] [All Lists]

Re: [Xen-devel] [BUG] double fault for sale ;)

from [Keir Fraser]

[Permanent Link][Original]

To:	Gerd Hoffmann <kraxel@xxxxxxx>
Subject:	Re: [Xen-devel] [BUG] double fault for sale ;)
From:	Keir Fraser <Keir.Fraser@xxxxxxxxxxxx>
Date:	Mon, 29 May 2006 16:06:24 +0100
Cc:	Xen devel list <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date:	Mon, 29 May 2006 08:11:47 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxx
In-reply-to:	<447B0C8D.2060005@xxxxxxx>
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References:	<447B0C8D.2060005@xxxxxxx>
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx


On 29 May 2006, at 16:00, Gerd Hoffmann wrote:

I'm busy rewriting the domain builder code a bit, to restruct the code
and make it better usable for other tasks than directly booting a
domain.  While testing these bits I trapped into that one:

(XEN) CPU:    1
(XEN) EIP:    e008:[<ff137512>] get_page_type+0x12/0x63d
(XEN) EFLAGS: 00010296
(XEN) CR3:    00000000
(XEN) eax: 33030001   ebx: ff1c1080   ecx: ff1d4080   edx: ff1d4080
(XEN) esi: 0000001a   edi: ffbf5fac   ebp: ffbf502c   esp: ffbf4f84
(XEN) ds: e010   es: e010   fs: 0000   gs: 0000   ss: e010
(XEN) ************************************
(XEN) CPU1 DOUBLE FAULT -- system shutdown
(XEN) System needs manual reset.
(XEN) ************************************

I think even Domain-0 shouldn't be able to crash xen like this, no?

Looks like a stack overflow, since the stack pointer is in an "even"page which is guard page when running a debug build of Xen. Maybe youcould hack up some code to get a rough back trace (round the crashingstack pointer up to a page boundary then scan a whole page for textaddresses)?

Either need to fix some large stack frame or make the stack larger.Probably the former.


 -- Keir


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-devel] [BUG] double fault for sale ;), Gerd Hoffmann Re: [Xen-devel] [BUG] double fault for sale ;), Keir Fraser <= Re: [Xen-devel] [BUG] double fault for sale ;), Gerd Hoffmann Re: [Xen-devel] [BUG] double fault for sale ;), Keir Fraser Re: [Xen-devel] [BUG] double fault for sale ;), Gerd Hoffmann Re: [Xen-devel] [BUG] double fault for sale ;), Keir Fraser Re: [Xen-devel] [BUG] double fault for sale ;), Keir Fraser Re: [Xen-devel] [BUG] double fault for sale ;), Gerd Hoffmann Re: [Xen-devel] [BUG] double fault for sale ;), Jan Beulich

Previous by Date:	Re: [Xen-devel] [PATCH] x86 linux: prevent halted VCPUs from eating up CPU bandwidth, Keir Fraser
Next by Date:	Re: [Xen-devel] [BUG] double fault for sale ;), Jan Beulich
Previous by Thread:	[Xen-devel] [BUG] double fault for sale ;), Gerd Hoffmann
Next by Thread:	Re: [Xen-devel] [BUG] double fault for sale ;), Gerd Hoffmann
Indexes:	[Date] [Thread] [Top] [All Lists]