From: Julien Grall <julien.grall@linaro.org>
To: Jan Beulich <JBeulich@suse.com>
Cc: George Dunlap <george.dunlap@eu.citrix.com>,
xen-devel <xen-devel@lists.xen.org>,
Ian Campbell <ian.campbell@citrix.com>,
Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Subject: Re: Hit ASSERT in kill_timer function
Date: Wed, 30 Apr 2014 17:09:35 +0100 [thread overview]
Message-ID: <5361203F.3060102@linaro.org> (raw)
In-Reply-To: <536137A4020000780000DED1@mail.emea.novell.com>
On 04/30/2014 04:49 PM, Jan Beulich wrote:
>>>> On 30.04.14 at 16:40, <julien.grall@linaro.org> wrote:
>> I played a bit with the function vcpu_initialize on ARM.
>> If it fails, it will likely crash Xen with the following stack trace:
>>
>> (XEN) Xen BUG at /local/home/julien/works/arndale/xen/xen/include/xen/list.h:175
>> ...
>> (XEN) Xen call trace:
>> (XEN) [<002457e0>] __bug+0x2c/0x44 (PC)
>> (XEN) [<002457e0>] __bug+0x2c/0x44 (LR)
>> (XEN) [<00231cb0>] kill_timer+0x1bc/0x364
>> (XEN) [<002296e4>] sched_destroy_vcpu+0x1c/0x14c
>> (XEN) [<002081d8>] alloc_vcpu+0x17c/0x270
>> (XEN) [<00206a10>] do_domctl+0xa74/0x11f4
>> (XEN) [<00254698>] do_trap_hypervisor+0x7f0/0xb44
>> (XEN) [<00257110>] return_from_trap+0/0x4
>>
>> It's easily reproductible on ARM with this small patch:
>>
>> diff --git a/xen/arch/arm/domain.c b/xen/arch/arm/domain.c
>> index ccccb77..7ada03f 100644
>> --- a/xen/arch/arm/domain.c
>> +++ b/xen/arch/arm/domain.c
>> @@ -473,6 +473,9 @@ int vcpu_initialise(struct vcpu *v)
>> if ( (rc = vcpu_vtimer_init(v)) != 0 )
>> return rc;
>>
>> + if ( v->domain->domain_id != 0 )
>> + return -EFAULT;
>> +
>> return rc;
>> }
>>
>> I guess we forget to take a lock or smth like that, but I don't know
>> enough this code.
>
> I definitely can't reproduce this on x86 - I tried three different
> variations of which vCPU(s) to fail this function on. Are you sure
> you didn't corrupt something with your experiments?
Yes, I've checkout xengit/staging (commit 9f2f129) and applied tiny patch above.
Usually the first iteration I get:
Parsing config from dom1.xl
libxl: error: libxl_dom.c:239:libxl__build_pre: Couldn't set max vcpu count
libxl: error: libxl_create.c:1036:domcreate_rebuild_done: cannot (re-)build domain: -3
And then Xen will crash as soon as I try to create another domain.
I will investigate in ARM side to see what happen.
Regards,
--
Julien Grall
prev parent reply other threads:[~2014-04-30 16:09 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-30 14:40 Hit ASSERT in kill_timer function Julien Grall
2014-04-30 15:49 ` Jan Beulich
2014-04-30 16:09 ` Julien Grall [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5361203F.3060102@linaro.org \
--to=julien.grall@linaro.org \
--cc=JBeulich@suse.com \
--cc=george.dunlap@eu.citrix.com \
--cc=ian.campbell@citrix.com \
--cc=stefano.stabellini@eu.citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.