[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [xen-4.3-testing test] 22359: regressions - FAIL



flight 22359 xen-4.3-testing real [real]
http://www.chiark.greenend.org.uk/~xensrcts/logs/22359/

Regressions :-(

Tests which did not succeed and are blocking,
including tests which could not be run:
 test-armhf-armhf-xl           4 xen-install               fail REGR. vs. 22298

Tests which did not succeed, but are not blocking:
 test-amd64-amd64-xl-pcipt-intel  9 guest-start                 fail never pass
 test-amd64-amd64-xl-qemuu-win7-amd64 13 guest-stop             fail never pass
 test-amd64-i386-xend-winxpsp3 16 leak-check/check             fail  never pass
 test-amd64-i386-xl-win7-amd64 13 guest-stop                   fail  never pass
 test-amd64-i386-xl-qemut-win7-amd64 13 guest-stop              fail never pass
 test-amd64-amd64-xl-win7-amd64 13 guest-stop                   fail never pass
 test-amd64-i386-xl-winxpsp3-vcpus1 13 guest-stop               fail never pass
 test-amd64-i386-xl-qemut-winxpsp3-vcpus1 13 guest-stop         fail never pass
 test-amd64-i386-xend-qemut-winxpsp3 16 leak-check/check        fail never pass
 test-amd64-amd64-xl-qemut-winxpsp3 13 guest-stop               fail never pass
 test-amd64-amd64-xl-qemut-win7-amd64 13 guest-stop             fail never pass
 test-amd64-amd64-xl-qemuu-winxpsp3 13 guest-stop               fail never pass
 test-amd64-amd64-xl-winxpsp3 13 guest-stop                   fail   never pass

version targeted for testing:
 xen                  68903c912ebf25843bae8ce372f4c875681be824
baseline version:
 xen                  922dc04b354fdf45dfd176552098853c79e3033a

------------------------------------------------------------
People who touched revisions under test:
  Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  Daniel Kiper <daniel.kiper@xxxxxxxxxx>
  Eddie Dong <eddie.dong@xxxxxxxxx>
  Feng Wu <feng.wu@xxxxxxxxx>
  Ian Campbell <ian.campbell@xxxxxxxxxx>
  Jan Beulich <jbeulich@xxxxxxxx>
  Jean-Yves Migeon <jym@xxxxxxxxxx>
  Jun Nakajima <jun.nakajima@xxxxxxxxx>
  Keir Fraser <keir@xxxxxxx>
  Liu Jinsong <jinsong.liu@xxxxxxxxx>
  Matthew Daley <mattd@xxxxxxxxxxx>
  Tim Deegan <tim@xxxxxxx>
  Yang Zhang <yang.z.zhang@xxxxxxxxx>
------------------------------------------------------------

jobs:
 build-amd64                                                  pass    
 build-armhf                                                  pass    
 build-i386                                                   pass    
 build-amd64-oldkern                                          pass    
 build-i386-oldkern                                           pass    
 build-amd64-pvops                                            pass    
 build-armhf-pvops                                            pass    
 build-i386-pvops                                             pass    
 test-amd64-amd64-xl                                          pass    
 test-armhf-armhf-xl                                          fail    
 test-amd64-i386-xl                                           pass    
 test-amd64-i386-rhel6hvm-amd                                 pass    
 test-amd64-i386-qemut-rhel6hvm-amd                           pass    
 test-amd64-i386-qemuu-rhel6hvm-amd                           pass    
 test-amd64-i386-freebsd10-amd64                              pass    
 test-amd64-amd64-xl-qemut-win7-amd64                         fail    
 test-amd64-i386-xl-qemut-win7-amd64                          fail    
 test-amd64-amd64-xl-qemuu-win7-amd64                         fail    
 test-amd64-amd64-xl-win7-amd64                               fail    
 test-amd64-i386-xl-win7-amd64                                fail    
 test-amd64-i386-xl-credit2                                   pass    
 test-amd64-i386-freebsd10-i386                               pass    
 test-amd64-amd64-xl-pcipt-intel                              fail    
 test-amd64-i386-rhel6hvm-intel                               pass    
 test-amd64-i386-qemut-rhel6hvm-intel                         pass    
 test-amd64-i386-qemuu-rhel6hvm-intel                         pass    
 test-amd64-i386-xl-multivcpu                                 pass    
 test-amd64-amd64-pair                                        pass    
 test-amd64-i386-pair                                         pass    
 test-amd64-amd64-xl-sedf-pin                                 pass    
 test-amd64-amd64-pv                                          pass    
 test-amd64-i386-pv                                           pass    
 test-amd64-amd64-xl-sedf                                     pass    
 test-amd64-i386-xl-qemut-winxpsp3-vcpus1                     fail    
 test-amd64-i386-xl-winxpsp3-vcpus1                           fail    
 test-amd64-i386-xend-qemut-winxpsp3                          fail    
 test-amd64-amd64-xl-qemut-winxpsp3                           fail    
 test-amd64-amd64-xl-qemuu-winxpsp3                           fail    
 test-amd64-i386-xend-winxpsp3                                fail    
 test-amd64-amd64-xl-winxpsp3                                 fail    


------------------------------------------------------------
sg-report-flight on woking.cam.xci-test.com
logs: /home/xc_osstest/logs
images: /home/xc_osstest/images

Logs, config files, etc. are available at
    http://www.chiark.greenend.org.uk/~xensrcts/logs

Test harness code can be found at
    http://xenbits.xensource.com/gitweb?p=osstest.git;a=summary


Not pushing.

------------------------------------------------------------
commit 68903c912ebf25843bae8ce372f4c875681be824
Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Date:   Mon Dec 9 14:34:24 2013 +0100

    x86/boot: fix BIOS memory corruption on certain IBM systems
    
    IBM System x3530 M4 BIOSes (including the latest available at the time of 
this
    patch) will corrupt a byte at physical address 0x105ff1 to the value of 0x86
    if %esp has the value 0x00080000 when issuing an `int $0x15 (ax=0xec00)` to
    inform the system about our intended operating mode.
    
    Xen gets unhappy when the bootloader has placed it's .text section in over
    this specific region of RAM.
    
    After dropping into 16bit mode, clear all 32 bits of %esp, and for the BIOS
    call already documented to be affected by BIOS bugs clear all GPRs.
    
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Acked-by: Keir Fraser <keir@xxxxxxx>
    Release-acked-by: George Dunlap <george.dunlap@xxxxxxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    master commit: 1ed76797439e384de18fcd6810bd4743d4f38b1e
    master date: 2013-12-06 11:28:00 +0100

commit 6a64987e1176e69eadfa91b9be23479991e6aeb5
Author: Yang Zhang <yang.z.zhang@xxxxxxxxx>
Date:   Mon Dec 9 14:33:33 2013 +0100

    Nested VMX: CR emulation fix up
    
    This patch fixs two issues:
    1. The CR_READ_SHADOW should only cover the value that L2 wirtes to
    CR when L2 is running. But currently, L0 wirtes wrong value to
    it during virtual vmentry and L2's CR access emualtion.
    
    2. L2 changed cr[0/4] in a way that did not change any of L1's shadowed
    bits, but did change L0 shadowed bits. In this case, the effective cr[0/4]
    value that L1 would like to write into the hardware is consist of
    the L2-owned bits from the new value combined with the L1-owned bits
    from L1's guest cr[0/4].
    
    Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx>
    Acked-by: Eddie Dong <eddie.dong@xxxxxxxxx>
    master commit: ef17e127c4111d8e01fe208495d83d15e8834cce
    master date: 2013-12-06 11:08:20 +0100

commit cd279948564daedb4e19673f50e71729e01f39c2
Author: Daniel Kiper <daniel.kiper@xxxxxxxxxx>
Date:   Mon Dec 9 14:32:54 2013 +0100

    x86: fix early boot command line parsing
    
    There is no reliable way to encode NUL character as a character so encode
    it as a number. Read: 
http://sourceware.org/binutils/docs/as/Characters.html.
    Octal and hex encoding do not work on at least one system (GNU assembler
    version 2.22 (x86_64-linux-gnu) using BFD version (GNU Binutils for Debian) 
2.22).
    Without this fix e.g. no-real-mode option at the end of xen.gz command line
    is not detected.
    
    Signed-off-by: Daniel Kiper <daniel.kiper@xxxxxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Acked-by: Keir Fraser <keir@xxxxxxx>
    master commit: dc37e0bfffc673f4bdce1d69ad86098bfb0ab531
    master date: 2013-12-04 13:26:37 +0100

commit 5fff433162d9b48c3bb94f2b453f45176a39eb5f
Author: Jan Beulich <jbeulich@xxxxxxxx>
Date:   Mon Dec 9 14:32:16 2013 +0100

    nested VMX: fix I/O port exit emulation
    
    For multi-byte operations all affected ports' bits in the bitmap need
    to be checked, not just the first port's one.
    
    Reported-by: Matthew Daley <mattd@xxxxxxxxxxx>
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Acked-by: Eddie Dong <eddie.dong@xxxxxxxxx>
    master commit: e1978480c76e36bc22ec12657121ac91d08aca6b
    master date: 2013-12-04 13:23:27 +0100

commit 82008c842e6fb015606541e92bff7b0db5537591
Author: Jan Beulich <jbeulich@xxxxxxxx>
Date:   Mon Dec 9 14:31:40 2013 +0100

    fix locking in offline_page()
    
    Coverity ID 1055655
    
    Apart from the Coverity-detected lock order reversal (a domain's
    page_alloc_lock taken with the heap lock already held), calling
    put_page() with heap_lock is a bad idea too (as a possible descendant
    from put_page() is free_heap_pages(), which wants to take this very
    lock).
    
    From all I can tell the region over which heap_lock was held was far
    too large: All we need to protect are the call to mark_page_offline()
    and reserve_heap_page() (and I'd even put under question the need for
    the former). Hence by slightly re-arranging the if/else-if chain we
    can drop the lock much earlier, at once no longer covering the two
    put_page() invocations.
    
    Once at it, do a little bit of other cleanup: Put the "pod_replace"
    code path inline rather than at its own label, and drop the effectively
    unused variable "ret".
    
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Tim Deegan <tim@xxxxxxx>
    Acked-by: Keir Fraser <keir@xxxxxxx>
    master commit: d4837a56da4a59259dd0cf9f3bdc073159d81d7a
    master date: 2013-12-03 12:40:57 +0100

commit e45bf29ad84a6cb4a0a8f47f5efaaff61a288211
Author: Matthew Daley <mattd@xxxxxxxxxxx>
Date:   Mon Dec 9 14:31:02 2013 +0100

    nested vmx: fix I/O port bitmap indexing arithmetic
    
    The I/O port bitmap holds 8 ports per element, and hence the port number
    used when indexing into it should be shifted right by 3 bits, not 4.
    
    Signed-off-by: Matthew Daley <mattd@xxxxxxxxxxx>
    Reviewed-by: Yang Zhang <yang.z.zhang@xxxxxxxxx>
    Acked-by: Eddie Dong <eddie.dong@xxxxxxxxx>
    master commit: b80e4583501904297d2ff5b0f905e68f81f8f2c9
    master date: 2013-12-03 09:51:54 +0100

commit b3a75d8a744a01200c4dff2e46b69595d80bb496
Author: Jean-Yves Migeon <jym@xxxxxxxxxx>
Date:   Mon Dec 9 14:30:29 2013 +0100

    Fix ptr calculation when converting from a VA
    
    The ptr calculation shall take the offset into the page into account
    when ptr is valid.
    
    Reported regression on NetBSD's port-xen with last known working libxen
    being rev 2.9. This corrupts the kernel symbol table when the table is
    not loaded on a page boundary.
    
    Issue was tracked down by FastIce and Jeff Rizzo. See also
    http://mail-index.netbsd.org/port-xen/2013/10/16/msg008088.html
    
    Signed-off-by: Jean-Yves Migeon <jym@xxxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
    master commit: cb08944a482a5e80a3ff1113f0735761cc4c6cb8
    master date: 2013-11-29 11:07:01 +0000

commit 3014b79dcd8d6c9e75bf4918fb916bf89954c779
Author: Feng Wu <feng.wu@xxxxxxxxx>
Date:   Mon Dec 9 14:29:39 2013 +0100

    x86: properly handle MSI-X unmask operation from guests
    
    For a pass-through device with MSI-x capability, when guest tries
    to unmask the MSI-x interrupt for the passed through device, xen
    doesn't clear the mask bit for MSI-x in hardware in the following
    scenario, which will cause network disconnection:
    
    1. Guest masks the MSI-x interrupt
    2. Guest updates the address and data for it
    3. Guest unmasks the MSI-x interrupt (This is the problematic step)
    
    In the step #3 above, Xen doesn't handle it well. When guest tries
    to unmask MSI-X interrupt, it traps to Xen, Xen just returns to Qemu
    if it notices that address or data has been modified by guest before,
    then Qemu will update Xen with the latest value of address/data by
    hypercall. However, in this whole process, the MSI-X interrupt unmask
    operation is missing, which means Xen doesn't clear the mask bit in
    hardware for the MSI-X interrupt, so it remains disabled, that is why
    it loses the network connection.
    
    This patch fixes this issue.
    
    Signed-off-by: Feng Wu <feng.wu@xxxxxxxxx>
    
    Only latch the address if the guest really is unmasking the entry.
    
    Clean up the entire change.
    
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    master commit: 74fd0036deb585a139b63b26db025805ecedc37a
    master date: 2013-11-27 15:15:43 +0100

commit 32abacd714b04e6167450b76341966d48187e4ad
Author: Tim Deegan <tim@xxxxxxx>
Date:   Mon Dec 9 14:28:06 2013 +0100

    x86/hvm: fix segment validation
    
    Also Coverity CID 1055180.
    
    Reported-by: David Binderman <dcb314@xxxxxxxxxxx>
    Signed-off-by: Tim Deegan <tim@xxxxxxx>
    
    Use _SEGMENT_* instead of plain numbers and adjust a comment.
    
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    master commit: 6ed4bfbabd487b41021caa7ed03cee1f00ecbabf
    master date: 2013-11-26 09:54:21 +0100

commit 064275dcfb6002dc4327ba94b6bd758806735538
Author: Liu Jinsong <jinsong.liu@xxxxxxxxx>
Date:   Mon Dec 9 14:27:04 2013 +0100

    VMX: fix cr0.cd handling
    
    This patch solves XSA-60 security hole:
    1. For guest w/o VT-d, and for guest with VT-d but snooped, Xen need
    do nothing, since hardware snoop mechanism has ensured cache coherency.
    
    2. For guest with VT-d but non-snooped, cache coherency can not be
    guaranteed by h/w snoop, therefore it need emulate UC type to guest:
    2.1). if it works w/ Intel EPT, set guest IA32_PAT fields as UC so that
    guest memory type are all UC.
    2.2). if it works w/ shadow, drop all shadows so that any new ones would
    be created on demand w/ UC.
    
    This patch also fix a bug of shadow cr0.cd setting. Current shadow has a
    small window between cache flush and TLB invalidation, resulting in possilbe
    cache pollution. This patch pause vcpus so that no vcpus context involved
    into the window.
    
    This is CVE-2013-2212 / XSA-60.
    
    Signed-off-by: Liu Jinsong <jinsong.liu@xxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Tim Deegan <tim@xxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Acked-by: Jun Nakajima <jun.nakajima@xxxxxxxxx>
    Acked-by: Keir Fraser <keir@xxxxxxx>
    master commit: 62652c00efa55fb45374bcc92f7d96fc411aebb2
    master date: 2013-11-06 10:12:36 +0100

commit e81d0ac25464825b3828cff5dc9e8285612992c4
Author: Liu Jinsong <jinsong.liu@xxxxxxxxx>
Date:   Mon Dec 9 14:26:03 2013 +0100

    VMX: remove the problematic set_uc_mode logic
    
    XSA-60 security hole comes from the problematic vmx_set_uc_mode.
    This patch remove vmx_set_uc_mode logic, which will be replaced by
    PAT approach at later patch.
    
    This is CVE-2013-2212 / XSA-60.
    
    Signed-off-by: Liu Jinsong <jinsong.liu@xxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Reviewed-by: Tim Deegan <tim@xxxxxxx>
    Acked-by: Jun Nakajima <jun.nakajima@xxxxxxxxx>
    master commit: 1c84d046735102e02d2df454ab07f14ac51f235d
    master date: 2013-11-06 10:12:00 +0100

commit 72380ecbcd9f870db1c60e698c9df71bdea6d819
Author: Liu Jinsong <jinsong.liu@xxxxxxxxx>
Date:   Mon Dec 9 14:24:20 2013 +0100

    VMX: disable EPT when !cpu_has_vmx_pat
    
    Recently Oracle developers found a Xen security issue as DOS affecting,
    named as XSA-60. Please refer http://xenbits.xen.org/xsa/advisory-60.html
    Basically it involves how to handle guest cr0.cd setting, which under
    some environment it consumes much time resulting in DOS-like behavior.
    
    This is a preparing patch for fixing XSA-60. Later patch will fix XSA-60
    via PAT under Intel EPT case, which depends on cpu_has_vmx_pat.
    
    This is CVE-2013-2212 / XSA-60.
    
    Signed-off-by: Liu Jinsong <jinsong.liu@xxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Reviewed-by: Tim Deegan <tim@xxxxxxx>
    Acked-by: Jun Nakajima <jun.nakajima@xxxxxxxxx>
    master commit: c13b0d65ddedd74508edef5cd66defffe30468fc
    master date: 2013-11-06 10:11:18 +0100
(qemu changes not included)

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.