WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] [BUG] double fault for sale ;)

from [Gerd Hoffmann] [Permanent Link][Original]
To: Keir Fraser <Keir.Fraser@xxxxxxxxxxxx>
Subject: Re: [Xen-devel] [BUG] double fault for sale ;)
From: Gerd Hoffmann <kraxel@xxxxxxx>
Date: Tue, 30 May 2006 16:02:22 +0200
Cc: Xen devel list <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Tue, 30 May 2006 07:02:52 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <cbd1957668968d46ab6c568d7cc2ce51@xxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <447B0C8D.2060005@xxxxxxx> <6a7498fb08ad39210bd11832f3c32287@xxxxxxxxxxxx> <447B1B41.2000003@xxxxxxx> <cbd1957668968d46ab6c568d7cc2ce51@xxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.2 (X11/20060411) 
Keir Fraser wrote:
> The few stack frames you looked at already look quite innocent. They
> don't take up much stack space. OTOH it is somewhat weird to be doing
> writable pagetable work that far down the stack. It'll be interesting to
> see what was going on to cause writable pagetable state to be flushed.

Looks like an endless recursion, trace (and patch) attached.

cheers,

  Gerd

-- 
Gerd Hoffmann <kraxel@xxxxxxx>
http://www.suse.de/~kraxel/julika-dora.jpeg

(XEN) Xen stack trace from esp=ffbf4f84:
(XEN)   stack overflow fixup
(XEN) Xen stack trace from esp=ffbf5000:
(XEN)  stack ffbf5030, text ff135035 <get_page_and_type+0x34/0x57>
(XEN)  stack ffbf5050, text ff135a93 <get_page_from_l1e+0x17c/0x206>, frame 8
(XEN)  stack ffbf5080, text ff183b28 <map_domain_page+0x68/0x3fa>, frame 12
(XEN)  stack ffbf50a0, text ff13c80e <revalidate_l1+0xb2/0x17f>, frame 8
(XEN)  stack ffbf50e0, text ff13cb13 <ptwr_flush+0x238/0x34f>, frame 16
(XEN)  stack ffbf5120, text ff13d89f <cleanup_writable_pagetable+0x64/0x86>, 
frame 16
(XEN)  stack ffbf5130, text ff137766 <get_page_type+0x266/0x63d>, frame 4
(XEN)  stack ffbf51e0, text ff135035 <get_page_and_type+0x34/0x57>, frame 44
(XEN)  stack ffbf5200, text ff135a93 <get_page_from_l1e+0x17c/0x206>, frame 8
(XEN)  stack ffbf5230, text ff183b28 <map_domain_page+0x68/0x3fa>, frame 12
(XEN)  stack ffbf5250, text ff13c80e <revalidate_l1+0xb2/0x17f>, frame 8
(XEN)  stack ffbf5290, text ff13cb13 <ptwr_flush+0x238/0x34f>, frame 16
(XEN)  stack ffbf52d0, text ff13d89f <cleanup_writable_pagetable+0x64/0x86>, 
frame 16
(XEN)  stack ffbf52e0, text ff137766 <get_page_type+0x266/0x63d>, frame 4
(XEN)  stack ffbf5390, text ff135035 <get_page_and_type+0x34/0x57>, frame 44
(XEN)  stack ffbf53b0, text ff135a93 <get_page_from_l1e+0x17c/0x206>, frame 8
(XEN)  stack ffbf53e0, text ff183b28 <map_domain_page+0x68/0x3fa>, frame 12
(XEN)  stack ffbf5400, text ff13c80e <revalidate_l1+0xb2/0x17f>, frame 8
(XEN)  stack ffbf5440, text ff13cb13 <ptwr_flush+0x238/0x34f>, frame 16
(XEN)  stack ffbf5480, text ff13d89f <cleanup_writable_pagetable+0x64/0x86>, 
frame 16
(XEN)  stack ffbf5490, text ff137766 <get_page_type+0x266/0x63d>, frame 4
(XEN)  stack ffbf5540, text ff135035 <get_page_and_type+0x34/0x57>, frame 44
(XEN)  stack ffbf5560, text ff135a93 <get_page_from_l1e+0x17c/0x206>, frame 8
(XEN)  stack ffbf5590, text ff183b28 <map_domain_page+0x68/0x3fa>, frame 12
(XEN)  stack ffbf55b0, text ff13c80e <revalidate_l1+0xb2/0x17f>, frame 8
(XEN)  stack ffbf55f0, text ff13cb13 <ptwr_flush+0x238/0x34f>, frame 16
(XEN)  stack ffbf5630, text ff13d89f <cleanup_writable_pagetable+0x64/0x86>, 
frame 16
(XEN)  stack ffbf5640, text ff137766 <get_page_type+0x266/0x63d>, frame 4
(XEN)  stack ffbf56f0, text ff135035 <get_page_and_type+0x34/0x57>, frame 44
(XEN)  stack ffbf5710, text ff135a93 <get_page_from_l1e+0x17c/0x206>, frame 8
(XEN)  stack ffbf5740, text ff183b28 <map_domain_page+0x68/0x3fa>, frame 12
(XEN)  stack ffbf5760, text ff13c80e <revalidate_l1+0xb2/0x17f>, frame 8
(XEN)  stack ffbf57a0, text ff13cb13 <ptwr_flush+0x238/0x34f>, frame 16
(XEN)  stack ffbf57e0, text ff13d89f <cleanup_writable_pagetable+0x64/0x86>, 
frame 16
(XEN)  stack ffbf57f0, text ff137766 <get_page_type+0x266/0x63d>, frame 4
(XEN)  stack ffbf58a0, text ff135035 <get_page_and_type+0x34/0x57>, frame 44
(XEN)  stack ffbf58c0, text ff135a93 <get_page_from_l1e+0x17c/0x206>, frame 8
(XEN)  stack ffbf58f0, text ff183b28 <map_domain_page+0x68/0x3fa>, frame 12
(XEN)  stack ffbf5910, text ff13c80e <revalidate_l1+0xb2/0x17f>, frame 8
(XEN)  stack ffbf5950, text ff13cb13 <ptwr_flush+0x238/0x34f>, frame 16
(XEN)  stack ffbf597c, text ff137b63 <__cpus_empty+0x18/0x1a>, frame 11
(XEN)  stack ffbf5990, text ff13d89f <cleanup_writable_pagetable+0x64/0x86>, 
frame 5
(XEN)  stack ffbf59a0, text ff137766 <get_page_type+0x266/0x63d>, frame 4
(XEN)  stack ffbf59cc, text ff1233f5 <smp_apic_timer_interrupt+0x17/0x19>, 
frame 11
(XEN)  stack ffbf5a1c, text ff183f8e <mapcache_current_vcpu+0xb/0xc5>, frame 20
(XEN)  stack ffbf5a50, text ff135035 <get_page_and_type+0x34/0x57>, frame 13
(XEN)  stack ffbf5a70, text ff135a93 <get_page_from_l1e+0x17c/0x206>, frame 8
(XEN)  stack ffbf5aa0, text ff183b28 <map_domain_page+0x68/0x3fa>, frame 12
(XEN)  stack ffbf5aac, text ff13d1e7 <ptwr_emulated_update+0x5bd/0x5d6>, frame 3
(XEN)  stack ffbf5ac0, text ff13c80e <revalidate_l1+0xb2/0x17f>, frame 5
(XEN)  stack ffbf5b00, text ff13cb13 <ptwr_flush+0x238/0x34f>, frame 16
(XEN)  stack ffbf5b40, text ff13d89f <cleanup_writable_pagetable+0x64/0x86>, 
frame 16
(XEN)  stack ffbf5b50, text ff137766 <get_page_type+0x266/0x63d>, frame 4
(XEN)  stack ffbf5b70, text ff183f8e <mapcache_current_vcpu+0xb/0xc5>, frame 8
(XEN)  stack ffbf5b80, text ff183e85 <map_domain_page+0x3c5/0x3fa>, frame 4
(XEN)  stack ffbf5c00, text ff135035 <get_page_and_type+0x34/0x57>, frame 32
(XEN)  stack ffbf5c20, text ff135a93 <get_page_from_l1e+0x17c/0x206>, frame 8
(XEN)  stack ffbf5c50, text ff183b28 <map_domain_page+0x68/0x3fa>, frame 12
(XEN)  stack ffbf5c70, text ff13c80e <revalidate_l1+0xb2/0x17f>, frame 8
(XEN)  stack ffbf5cb0, text ff13cb13 <ptwr_flush+0x238/0x34f>, frame 16
(XEN)  stack ffbf5cc0, text ff135637 <get_page_from_pagenr+0x43/0x93>, frame 4
(XEN)  stack ffbf5cf0, text ff13d89f <cleanup_writable_pagetable+0x64/0x86>, 
frame 12
(XEN)  stack ffbf5d00, text ff137766 <get_page_type+0x266/0x63d>, frame 4
(XEN)  stack ffbf5d10, text ff12341c <raise_softirq+0x25/0x27>, frame 4
(XEN)  stack ffbf5d20, text ff135c12 <get_page_from_l2e+0xf5/0x131>, frame 4
(XEN)  stack ffbf5d30, text ff137c01 <__next_cpu+0x26/0x48>, frame 4
(XEN)  stack ffbf5db0, text ff135035 <get_page_and_type+0x34/0x57>, frame 32
(XEN)  stack ffbf5dd0, text ff135a93 <get_page_from_l1e+0x17c/0x206>, frame 8
(XEN)  stack ffbf5e00, text ff183b28 <map_domain_page+0x68/0x3fa>, frame 12
(XEN)  stack ffbf5e20, text ff13c80e <revalidate_l1+0xb2/0x17f>, frame 8
(XEN)  stack ffbf5e60, text ff13cb13 <ptwr_flush+0x238/0x34f>, frame 16
(XEN)  stack ffbf5e70, text ff138731 <set_foreigndom+0x13/0x228>, frame 4
(XEN)  stack ffbf5e8c, text ff184169 <unmap_domain_page+0x107/0x33c>, frame 7
(XEN)  stack ffbf5ea0, text ff13d89f <cleanup_writable_pagetable+0x64/0x86>, 
frame 5
(XEN)  stack ffbf5eb0, text ff1389df <do_mmuext_op+0x99/0xa2f>, frame 4
(XEN)  stack ffbf5ecc, text ff13d5e6 <ptwr_do_page_fault+0x37b/0x483>, frame 7
(XEN)  stack ffbf5f3c, text ff144dba <fixup_page_fault+0x39e/0x3ec>, frame 28
(XEN)  stack ffbf5f6c, text ff144fe1 <do_page_fault+0x9f/0x334>, frame 12
(XEN)  stack ffbf5f80, text ff11c5f5 <do_softirq+0xa1/0xb8>, frame 5
(XEN)  stack ffbf5f90, text ff1847df <hypercall+0x8f/0xaf>, frame 4

diff -r 14717dedba02 xen/arch/x86/x86_32/traps.c
--- a/xen/arch/x86/x86_32/traps.c       Sun May 21 19:15:58 2006
+++ b/xen/arch/x86/x86_32/traps.c       Tue May 30 15:59:30 2006
@@ -173,6 +173,51 @@
            tss->esi, tss->edi, tss->ebp, tss->esp);
     printk("ds: %04x   es: %04x   fs: %04x   gs: %04x   ss: %04x\n",
            tss->ds, tss->es, tss->fs, tss->gs, tss->ss);
+
+    {
+#define stack_words_per_line  8
+
+       unsigned long *stack, addr, *lstack;
+       int words;
+
+       addr = tss->esp;
+       stack = (void*)addr;
+       printk("Xen stack trace from "__OP"sp=%p:\n  ", stack);
+
+       if ((addr & 0xfff) > 0xf00) {
+               printk("stack overflow fixup\n");
+               while ((addr & 0xfff) > 0xf00)
+                       addr += 4;
+               stack = (void*)addr;
+               printk("Xen stack trace from "__OP"sp=%p:\n  ", stack);
+       }
+
+       lstack = NULL;
+       for (;; stack++) {
+           if (((long)stack & (STACK_SIZE-BYTES_PER_LONG)) == 0)
+               break;
+           addr = *stack;
+           if (is_kernel_text(addr)) {
+               printk("\n stack %p, text %p <", stack, _p(addr));
+               print_symbol("%s",addr);
+               printk(">");
+               if (lstack)
+                       printk(", frame %d", stack - lstack);
+               lstack = stack;
+               printk("\n");
+               words = 0;
+           } else {
+               if (stack_words_per_line == words) {
+                   printk("\n");
+                   words = 0;
+               }
+               printk(" %p", _p(addr));
+               words++;
+           }
+       }
+       printk("\n");
+    }
+
     printk("************************************\n");
     printk("CPU%d DOUBLE FAULT -- system shutdown\n", cpu);
     printk("System needs manual reset.\n");

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Xen-devel] dom0 hang when "xm mem-set 0 16", Puthiyaparambil, Aravindh
Next by Date:  Re: [Xen-devel] [BUG] double fault for sale ;), Keir Fraser
Previous by Thread:  Re: [Xen-devel] [BUG] double fault for sale ;), Keir Fraser
Next by Thread:  Re: [Xen-devel] [BUG] double fault for sale ;), Keir Fraser
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy