Re: [Xen-devel] 3.1/2 live migration panic

On Thu, Jan 17, 2008 at 10:53:12AM +0000, Tim Deegan wrote:

> Hmm.  Yes, it's a pointer into the (shadow) linear PT, and we've just
> checked that it's valid or made it so.  Code inspection has lead to a
> lot of dead ends so far; can you try the attached patch?

I haven't reproduced the same panic yet, but I did get the one below instead.
I'm still trying to get it to go down the path where you added the debugging.

This one looks pretty similar though.


(XEN) ----[ Xen-3.1.2-xvm  x86_64  debug=y  Not tainted ]----
(XEN) CPU:    0
(XEN) RIP:    e008:[<ffff828c801b26ba>] shadow_set_l1e+0x4f/0x14c
(XEN) RFLAGS: 0000000000010286   CONTEXT: hypervisor
(XEN) rax: ffff81ff80d64ff0   rbx: ffff8300e2ed8100   rcx: 000000000015c505
(XEN) rdx: 00000001c96ef065   rsi: ffff81ff80d64ff0   rdi: ffff8300e2e56100
(XEN) rbp: ffff828c80267c58   rsp: ffff828c80267c08   r8:  0000000000000002
(XEN) r9:  0000000000000002   r10: ffff8300e2e56100   r11: ffffff015cdaa808
(XEN) r12: ffffff01ac9fe3c0   r13: ffffff02bdbb1648   r14: ffffff02bdbb1540
(XEN) r15: ffffff014e4db008   cr0: 000000008005003b   cr4: 00000000000006f0
(XEN) cr3: 00000001cb03f000   cr2: ffff81ff80d64ff0
(XEN) ds: 004b   es: 004b   fs: 0000   gs: 01c3   ss: 0000   cs: e008
(XEN) Xen stack trace from rsp=ffff828c80267c08:
(XEN)    00000000001686df ffff828c80267c18 ffff8301686dfff0
(XEN)    ffff8300e2e56100 ffff8300e2ed8100 0000000080267d98
(XEN)    000000000015c505 00000001c96ef065 ffff81ff80d64ff0
(XEN)    ffff8300e2e56100 ffff828c80267e58 ffff828c801b5efe
(XEN)    0000000800000000 0000000000000004 ffff8301686dfff0
(XEN)    00000000001686df 00000000001c96ef ffff828c80267d98
(XEN)    0000000000000002 0000000100000002 ffff828c80144306
(XEN)    ffff828c8023d2b8 0000027b0000027a ffff828c80267cf0
(XEN)    0000000000000082 00000002e2e56248 0000000100000000
(XEN)    ffff8300e2e02248 00000000cb03f000 ffff828c80267d10
(XEN)    ffff828c80141ad3 ffff8300e2e02248 00000000e2e56100
(XEN)    ffff828c80267db0 ffff828c80141a95 820000060000efff
(XEN)    000000000000ffff ffff828c80267d70 ffff828c8023d2a0
(XEN)    ffff8300e2e56488 00000000000000a8 ffff828c80267f28
(XEN)    0000000000000000 0000002000000000 0000002000000020
(XEN)    ffff828c80267e40 0000000180142209 0000000000000000
(XEN)    0000000000000008 ffff81ff80d64ff0 00000001c96ef065
(XEN)    000000088013c486 000000000015c505 ffff828c80267e58
(XEN)    00000000001c96ef ffff828c8014e5e2 00000000001c96ef
(XEN)    0000002780267e00 ffffff01ac9fe3c8 ffff8140a0502ff0
(XEN) Xen call trace:
(XEN)    [<ffff828c801b26ba>] shadow_set_l1e+0x4f/0x14c
(XEN)    [<ffff828c801b5efe>] sh_page_fault__shadow_4_guest_4+0x6fe/0xb9e
(XEN)    [<ffff828c8016234f>] paging_fault+0x3c/0x3e
(XEN)    [<ffff828c801622f9>] fixup_page_fault+0x22b/0x245
(XEN)    [<ffff828c80162391>] do_page_fault+0x40/0x15c
(XEN) Pagetable walk from ffff81ff80d64ff0:
(XEN)  L4[0x103] = 00000001cb03f063 000000000000063b
(XEN)  L3[0x1fe] = 00000001d358e067 00000000000005d4
(XEN)  L2[0x006] = 0000000000000000 ffffffffffffffff 
(XEN) ****************************************
(XEN) Panic on CPU 0:
(XEN) [error_code=0000]
(XEN) Faulting linear address: ffff81ff80d64ff0
(XEN) ****************************************

