[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [xen-4.4-testing baseline-only test] 38236: tolerable FAIL

This run is configured for baseline tests only.

flight 38236 xen-4.4-testing real [real]

Failures :-/ but no regressions.

Tests which did not succeed, but are not blocking:
 test-amd64-i386-rumpuserxen-i386  1 build-check(1)               blocked  n/a
 test-amd64-amd64-rumpuserxen-amd64  1 build-check(1)               blocked n/a
 build-i386-rumpuserxen        6 xen-build                    fail   never pass
 test-armhf-armhf-libvirt-raw  9 debian-di-install            fail   never pass
 test-armhf-armhf-libvirt     11 guest-start                  fail   never pass
 test-armhf-armhf-xl-vhd       9 debian-di-install            fail   never pass
 test-armhf-armhf-libvirt-qcow2  9 debian-di-install            fail never pass
 build-amd64-rumpuserxen       6 xen-build                    fail   never pass
 test-armhf-armhf-xl-multivcpu 13 saverestore-support-check    fail  never pass
 test-armhf-armhf-xl-multivcpu 12 migrate-support-check        fail  never pass
 test-armhf-armhf-xl-credit2  12 migrate-support-check        fail   never pass
 test-armhf-armhf-xl-credit2  13 saverestore-support-check    fail   never pass
 test-armhf-armhf-xl          13 saverestore-support-check    fail   never pass
 test-armhf-armhf-xl          12 migrate-support-check        fail   never pass
 test-armhf-armhf-xl-midway   12 migrate-support-check        fail   never pass
 test-armhf-armhf-xl-midway   13 saverestore-support-check    fail   never pass
 test-amd64-amd64-libvirt     12 migrate-support-check        fail   never pass
 test-amd64-i386-libvirt      12 migrate-support-check        fail   never pass
 test-amd64-amd64-libvirt-vhd 11 migrate-support-check        fail   never pass
 test-amd64-amd64-xl-qemuu-win7-amd64 17 guest-stop             fail never pass
 test-amd64-i386-xl-qemut-win7-amd64 17 guest-stop              fail never pass
 test-amd64-i386-xl-qemuu-win7-amd64 17 guest-stop              fail never pass
 test-amd64-amd64-xl-qemut-win7-amd64 17 guest-stop             fail never pass
 test-amd64-i386-xend-qemut-winxpsp3 21 leak-check/check        fail never pass

version targeted for testing:
 xen                  73b70e3c5d59e63126c890068ee0cbf8a2a3b640
baseline version:
 xen                  e321898a39222ad1feef352d65f71cef362b4a16

Last test of basis    38198  2015-10-22 13:55:20 Z   10 days
Testing same since    38236  2015-11-01 15:50:10 Z    0 days    1 attempts

People who touched revisions under test:
  Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  Ian Campbell <ian.campbell@xxxxxxxxxx>
  Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
  Jan Beulich <jbeulich@xxxxxxxx>
  Julien Grall <julien.grall@xxxxxxxxxx>

 build-amd64-xend                                             pass
 build-i386-xend                                              pass
 build-amd64                                                  pass
 build-armhf                                                  pass
 build-i386                                                   pass
 build-amd64-libvirt                                          pass
 build-armhf-libvirt                                          pass
 build-i386-libvirt                                           pass
 build-amd64-prev                                             pass
 build-i386-prev                                              pass
 build-amd64-pvops                                            pass
 build-armhf-pvops                                            pass
 build-i386-pvops                                             pass
 build-amd64-rumpuserxen                                      fail
 build-i386-rumpuserxen                                       fail
 test-amd64-amd64-xl                                          pass
 test-armhf-armhf-xl                                          pass
 test-amd64-i386-xl                                           pass
 test-amd64-i386-qemut-rhel6hvm-amd                           pass
 test-amd64-i386-qemuu-rhel6hvm-amd                           pass
 test-amd64-amd64-xl-qemut-debianhvm-amd64                    pass
 test-amd64-i386-xl-qemut-debianhvm-amd64                     pass
 test-amd64-amd64-xl-qemuu-debianhvm-amd64                    pass
 test-amd64-i386-xl-qemuu-debianhvm-amd64                     pass
 test-amd64-i386-freebsd10-amd64                              pass
 test-amd64-amd64-xl-qemuu-ovmf-amd64                         pass
 test-amd64-i386-xl-qemuu-ovmf-amd64                          pass
 test-amd64-amd64-rumpuserxen-amd64                           blocked
 test-amd64-amd64-xl-qemut-win7-amd64                         fail
 test-amd64-i386-xl-qemut-win7-amd64                          fail
 test-amd64-amd64-xl-qemuu-win7-amd64                         fail
 test-amd64-i386-xl-qemuu-win7-amd64                          fail
 test-amd64-amd64-xl-credit2                                  pass
 test-armhf-armhf-xl-credit2                                  pass
 test-amd64-i386-freebsd10-i386                               pass
 test-amd64-i386-rumpuserxen-i386                             blocked
 test-amd64-i386-qemut-rhel6hvm-intel                         pass
 test-amd64-i386-qemuu-rhel6hvm-intel                         pass
 test-amd64-amd64-libvirt                                     pass
 test-armhf-armhf-libvirt                                     fail
 test-amd64-i386-libvirt                                      pass
 test-armhf-armhf-xl-midway                                   pass
 test-amd64-amd64-migrupgrade                                 pass
 test-amd64-i386-migrupgrade                                  pass
 test-amd64-amd64-xl-multivcpu                                pass
 test-armhf-armhf-xl-multivcpu                                pass
 test-amd64-amd64-pair                                        pass
 test-amd64-i386-pair                                         pass
 test-amd64-amd64-libvirt-pair                                pass
 test-amd64-i386-libvirt-pair                                 pass
 test-amd64-amd64-pv                                          pass
 test-amd64-i386-pv                                           pass
 test-amd64-amd64-amd64-pvgrub                                pass
 test-amd64-amd64-i386-pvgrub                                 pass
 test-amd64-amd64-pygrub                                      pass
 test-armhf-armhf-libvirt-qcow2                               fail
 test-amd64-amd64-xl-qcow2                                    pass
 test-armhf-armhf-libvirt-raw                                 fail
 test-amd64-i386-xl-raw                                       pass
 test-amd64-i386-xl-qemut-winxpsp3-vcpus1                     pass
 test-amd64-i386-xl-qemuu-winxpsp3-vcpus1                     pass
 test-amd64-amd64-libvirt-vhd                                 pass
 test-armhf-armhf-xl-vhd                                      fail
 test-amd64-i386-xend-qemut-winxpsp3                          fail
 test-amd64-amd64-xl-qemut-winxpsp3                           pass
 test-amd64-amd64-xl-qemuu-winxpsp3                           pass

sg-report-flight on osstest.xs.citrite.net
logs: /home/osstest/logs
images: /home/osstest/images

Logs, config files, etc. are available at

Test harness code can be found at

Push not applicable.

commit 73b70e3c5d59e63126c890068ee0cbf8a2a3b640
Author: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
Date:   Wed Oct 21 16:18:30 2015 +0100

    libxl: adjust PoD target by memory fudge, too

    PoD guests need to balloon at least as far as required by PoD, or risk
    crashing.  Currently they don't necessarily know what the right value
    is, because our memory accounting is (at the very least) confusing.

    Apply the memory limit fudge factor to the in-hypervisor PoD memory
    target, too.  This will increase the size of the guest's PoD cache by
    the fudge factor LIBXL_MAXMEM_CONSTANT (currently 1Mby).  This ensures
    that even with a slightly-off balloon driver, the guest will be
    stable even under memory pressure.

    There are two call sites of xc_domain_set_pod_target that need fixing:

    The one in libxl_set_memory_target is straightforward.

    The one in xc_hvm_build_x86.c:setup_guest is more awkward.  Simply
    setting the PoD target differently does not work because the various
    amounts of memory during domain construction no longer match up.
    Instead, we adjust the guest memory target in xenstore (but only for
    PoD guests).

    This introduces a 1Mby discrepancy between the balloon target of a PoD
    guest at boot, and the target set by an apparently-equivalent `xl
    mem-set' (or similar) later.  This approach is low-risk for a security
    fix but we need to fix this up properly in xen.git#staging and
    probably also in stable trees.

    This is XSA-153.

    Signed-off-by: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
    (cherry picked from commit 56fb5fd62320eb40a7517206f9706aa9188d6f7b)
    (cherry picked from commit 423d2cd814e8460d5ea8bd191a770f3c48b3947c)

    Signed-off-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>

commit 0613780df68c4a35a0bde1584daea0697666ef01
Author: Jan Beulich <jbeulich@xxxxxxxx>
Date:   Thu Oct 29 14:15:22 2015 +0100

    x86: rate-limit logging in do_xen{oprof,pmu}_op()

    Some of the sub-ops are acessible to all guests, and hence should be
    rate-limited. In the xenoprof case, just like for XSA-146, include them
    only in debug builds. Since the vPMU code is rather new, allow them to
    be always present, but downgrade them to (rate limited) guest messages.

    This is CVE-2015-7971 / XSA-152.

    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
    master commit: 95e7415843b94c346e5ba8682665f508f220e04b
    master date: 2015-10-29 13:37:19 +0100

commit 76782e03f49d0ac79451db92a11877d2add8e811
Author: Jan Beulich <jbeulich@xxxxxxxx>
Date:   Thu Oct 29 14:14:55 2015 +0100

    xenoprof: free domain's vcpu array

    This was overlooked in fb442e2171 ("x86_64: allow more vCPU-s per

    This is CVE-2015-7969 / XSA-151.

    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
    master commit: 6e97c4b37386c2d09e09e9b5d5d232e37728b960
    master date: 2015-10-29 13:36:52 +0100

commit 3638ff0e711e1a2bcb1ad8f3706d5ea079a54e79
Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Date:   Thu Oct 29 14:14:30 2015 +0100

    x86/PoD: Eager sweep for zeroed pages

    Based on the contents of a guests physical address space,
    p2m_pod_emergency_sweep() could degrade into a linear memcmp() from 0 to
    max_gfn, which runs non-preemptibly.

    As p2m_pod_emergency_sweep() runs behind the scenes in a number of contexts,
    making it preemptible is not feasible.

    Instead, a different approach is taken.  Recently-populated pages are 
    checked for reclaimation, which amortises the p2m_pod_emergency_sweep()
    operation across each p2m_pod_demand_populate() operation.

    Note that in the case that a 2M superpage can't be reclaimed as a superpage,
    it is shattered if 4K pages of zeros can be reclaimed.  This is unfortunate
    but matches the previous behaviour, and is required to avoid regressions
    (domain crash from PoD exhaustion) with VMs configured close to the limit.

    This is CVE-2015-7970 / XSA-150.

    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: George Dunlap <george.dunlap@xxxxxxxxxx>
    master commit: 101ce53266866144e724ed593173bc4098b300b9
    master date: 2015-10-29 13:36:25 +0100

commit 63c4744f4eef34af1cd77a2abb3edaf46c0d9fd1
Author: Jan Beulich <jbeulich@xxxxxxxx>
Date:   Thu Oct 29 14:13:30 2015 +0100

    free domain's vcpu array

    This was overlooked in fb442e2171 ("x86_64: allow more vCPU-s per

    This is CVE-2015-7969 / XSA-149.

    Reported-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Ian Campbell <ian.campbell@xxxxxxxxxx>

commit 477bc9b11964414aa6f6bf3733c6868c712fb5f1
Author: Ian Campbell <ian.campbell@xxxxxxxxxx>
Date:   Thu Oct 29 14:09:45 2015 +0100

    xen: common: Use unbounded array for symbols_offset.

    Using a singleton array causes gcc5 to report:
    symbols.c: In function 'symbols_lookup':
    symbols.c:128:359: error: array subscript is above array bounds 
    symbols.c:136:176: error: array subscript is above array bounds 

    Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
    Acked-by: Jan Beulich <jbeulich@xxxxxxxx>
    master commit: 3f82ea62826d4eb06002d8dba475bafcc454b845
    master date: 2015-03-20 12:02:03 +0000

commit a6646a52fd7aad00c6d50668f7ae362288ec9a98
Author: Jan Beulich <jbeulich@xxxxxxxx>
Date:   Thu Oct 29 14:07:01 2015 +0100

    x86: guard against undue super page PTE creation

    When optional super page support got added (commit bd1cd81d64 "x86: PV
    support for hugepages"), two adjustments were missed: mod_l2_entry()
    needs to consider the PSE and RW bits when deciding whether to use the
    fast path, and the PSE bit must not be removed from L2_DISALLOW_MASK

    This is CVE-2015-7835 / XSA-148.

    Reported-by: "栾��(好�)" <shangcong.lsc@xxxxxxxxxxxxxxx>
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Tim Deegan <tim@xxxxxxx>
    master commit: fe360c90ea13f309ef78810f1a2b92f2ae3b30b8
    master date: 2015-10-29 13:35:07 +0100

commit d889704e1bc0b2d6b2b92adc2c54ac5db17f51ea
Author: Ian Campbell <ian.campbell@xxxxxxxxxx>
Date:   Thu Oct 29 14:06:35 2015 +0100

    arm: handle races between relinquish_memory and free_domheap_pages

    Primarily this means XENMEM_decrease_reservation from a toolstack

    Unlike x86 we have no requirement right now to queue such pages onto
    a separate list, if we hit this race then the other code has already
    fully accepted responsibility for freeing this page and therefore
    there is no more for relinquish_memory to do.

    This is CVE-2015-7814 / XSA-147.

    Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
    Reviewed-by: Julien Grall <julien.grall@xxxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    master commit: 1ef01396fdff88b1c3331a09ca5c69619b90f4ea
    master date: 2015-10-29 13:34:17 +0100

commit e6e24d73697dd127a31554c88d3d66bda5c89ee6
Author: Ian Campbell <ian.campbell@xxxxxxxxxx>
Date:   Thu Oct 29 14:05:25 2015 +0100

    arm: rate-limit logging from unimplemented PHYSDEVOP and HVMOP.

    These are guest accessible and should therefore be rate-limited.
    Moreover, include them only in debug builds.

    This is CVE-2015-7813 / XSA-146.

    Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    master commit: 1c0e59ff15764e7b0c59282365974f5b8924ce83
    master date: 2015-10-29 13:33:38 +0100

commit 16486fc03070f678e3a5266ca53907e2862e9e6b
Author: Julien Grall <julien.grall@xxxxxxxxxx>
Date:   Thu Oct 29 14:05:07 2015 +0100

    arm: Support hypercall_create_continuation for multicall

    Multicall for ARM has been supported since commit f0dbdc6 "xen: arm: fully
    implement multicall interface.". Although, if an hypercall in multicall
    requires preemption, it will crash the host:

    (XEN) Xen BUG at domain.c:347
    (XEN) ----[ Xen-4.7-unstable  arm64  debug=y  Tainted:    C ]----
    (XEN) Xen call trace:
    (XEN)    [<00000000002420cc>] hypercall_create_continuation+0x64/0x380 (PC)
    (XEN)    [<0000000000217274>] do_memory_op+0x1b00/0x2334 (LR)
    (XEN)    [<0000000000250d2c>] do_multicall_call+0x114/0x124
    (XEN)    [<0000000000217ff0>] do_multicall+0x17c/0x23c
    (XEN)    [<000000000024f97c>] do_trap_hypercall+0x90/0x12c
    (XEN)    [<0000000000251ca8>] do_trap_hypervisor+0xd2c/0x1ba4
    (XEN)    [<00000000002582cc>] guest_sync+0x88/0xb8
    (XEN) ****************************************
    (XEN) Panic on CPU 5:
    (XEN) Xen BUG at domain.c:347
    (XEN) ****************************************
    (XEN) Manual reset required ('noreboot' specified)

    Looking to the code, the support of multicall looks valid to me, as we only
    need to fill call.args[...]. So drop the BUG();

    This is CVE-2015-7812 / XSA-145.

    Signed-off-by: Julien Grall <julien.grall@xxxxxxxxxx>
    Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
    master commit: 29bcf64ce8bc0b1b7aacd00c8668f255c4f0686c
    master date: 2015-10-29 13:31:10 +0100

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.