[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

domU crash when resuming from suspend - Xen 4.22

  • To: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>
  • Date: Fri, 19 Jun 2026 13:24:09 +0200
  • Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=fm1 header.d=invisiblethingslab.com header.i="@invisiblethingslab.com" header.h="Content-Type:Date:From:Message-ID:MIME-Version:Subject:To"; dkim=pass header.s=fm1 header.d=messagingengine.com header.i="@messagingengine.com" header.h="Content-Type:Date:Feedback-ID:From:Message-ID:MIME-Version:Subject:To:X-ME-Proxy:X-ME-Sender"
  • Delivery-date: Fri, 19 Jun 2026 11:24:17 +0000
  • Feedback-id: i1568416f:Fastmail
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Hi,

I'm continuing testing 4.22 and found this:

When a domU is suspended (even without host suspend) it crashes on
resume with:

    [   24.374629] BUG: kernel NULL pointer dereference, address: 
0000000000000020
    [   24.374647] #PF: supervisor read access in kernel mode
    [   24.374657] #PF: error_code(0x0000) - not-present page
    [   24.374668] PGD 0 P4D 0 
    [   24.374675] Oops: Oops: 0000 [#1] SMP NOPTI
    [   24.374685] CPU: 0 UID: 0 PID: 19 Comm: migration/0 Not tainted 
6.18.31-1.qubes.13.fc41.x86_64 #1 PREEMPT(full) 
    [   24.374705] Stopper: multi_cpu_stop+0x0/0x140 <- 
__stop_cpus.constprop.0+0x6f/0xb0
    [   24.374723] RIP: 0010:multi_cpu_stop+0x63/0x140
    [   24.374734] Code: 49 0f a3 1c 24 41 0f 92 c6 c7 44 24 04 00 00 00 00 31 
ed 49 8d 5f 24 eb 2d 41 83 fd 02 74 6e 41 83 fd 03 74 49 f0 ff 0b 75 13 <41> 8b 
47 20 41 8b 77 10 83 c0 01 41 89 77 24 41 89 47 20 41 83 fd
    [   24.374764] RSP: 0018:ffffc900000abe30 EFLAGS: 00010046
    [   24.374775] RAX: 0000000000000000 RBX: ffffc90000a13de4 RCX: 
0000000000000404
    [   24.374790] RDX: 0000000000000040 RSI: ffffffffffffffff RDI: 
0000000000770ef0
    [   24.374801] RBP: 0000000000000002 R08: ffffc900000abc80 R09: 
ffffc900000abc8c
    [   24.374813] R10: 0000000000000000 R11: ffff88801e81cdc0 R12: 
ffffffff81835ac0
    [   24.374825] R13: 0000000000000000 R14: 0000000000000000 R15: 
0000000000000000
    [   24.374837] FS:  0000000000000000(0000) GS:ffff88809b369000(0000) 
knlGS:0000000000000000
    [   24.374850] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
    [   24.374860] CR2: 0000000000000020 CR3: 000000000d6a2002 CR4: 
0000000000770ef0
    [   24.374873] PKRU: 00000000
    [   24.374877] Call Trace:
    [   24.374884]  <TASK>
    [   24.374891]  ? __pfx_multi_cpu_stop+0x10/0x10
    [   24.374900]  cpu_stopper_thread+0xa3/0x170
    [   24.374908]  ? __pfx_smpboot_thread_fn+0x10/0x10
    [   24.374917]  smpboot_thread_fn+0xf3/0x220
    [   24.374925]  kthread+0xfc/0x240
    [   24.374933]  ? __pfx_kthread+0x10/0x10
    [   24.374940]  ? __pfx_kthread+0x10/0x10
    [   24.374949]  ret_from_fork+0x158/0x170
    [   24.374957]  ? __pfx_kthread+0x10/0x10
    [   24.374965]  ret_from_fork_asm+0x1a/0x30
    [   24.374973]  </TASK>
    [   24.374978] Modules linked in: snd_seq_dummy snd_hrtimer snd_seq 
snd_seq_device snd_timer snd soundcore cfg80211 rfkill vfat fat xenfs 
binfmt_misc nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct 
nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables intel_rapl_msr 
intel_rapl_common intel_uncore_frequency_common intel_pmc_ssram_telemetry 
intel_vsec polyval_clmulni ghash_clmulni_intel xen_netfront xen_privcmd 
xen_gntdev xen_gntalloc xen_blkback xen_evtchn fuse loop nfnetlink ip_tables 
overlay xen_blkfront
    [   24.375064] CR2: 0000000000000020
    [   24.375071] ---[ end trace 0000000000000000 ]---
    [   24.375080] RIP: 0010:multi_cpu_stop+0x63/0x140
    [   24.375089] Code: 49 0f a3 1c 24 41 0f 92 c6 c7 44 24 04 00 00 00 00 31 
ed 49 8d 5f 24 eb 2d 41 83 fd 02 74 6e 41 83 fd 03 74 49 f0 ff 0b 75 13 <41> 8b 
47 20 41 8b 77 10 83 c0 01 41 89 77 24 41 89 47 20 41 83 fd
    [   24.375115] RSP: 0018:ffffc900000abe30 EFLAGS: 00010046
    [   24.375124] RAX: 0000000000000000 RBX: ffffc90000a13de4 RCX: 
0000000000000404
    [   24.375142] RDX: 0000000000000040 RSI: ffffffffffffffff RDI: 
0000000000770ef0
    [   24.375155] RBP: 0000000000000002 R08: ffffc900000abc80 R09: 
ffffc900000abc8c
    [   24.375170] R10: 0000000000000000 R11: ffff88801e81cdc0 R12: 
ffffffff81835ac0
    [   24.375184] R13: 0000000000000000 R14: 0000000000000000 R15: 
0000000000000000
    [   24.375200] FS:  0000000000000000(0000) GS:ffff88809b369000(0000) 
knlGS:0000000000000000
    [   24.375214] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
    [   24.375226] CR2: 0000000000000020 CR3: 000000000d6a2002 CR4: 
0000000000770ef0
    [   24.375241] PKRU: 00000000
    [   24.375247] Kernel panic - not syncing: Fatal exception
    [   25.417403] Shutting down cpus with NMI
    [   25.417447] Kernel Offset: disabled

There is no change on the Linux kernel side (neither dom0 nor domU), the
only change is updating Xen 4.19.4 -> 4.22-rc2 (seems to be already
broken on -rc1 too). This happens for both HVM and PVH domains. Haven't
tried PV domU (but dom0 survives host suspend).


-- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab

Attachment: signature.asc
Description: PGP signature

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.