
Re: [Xen-devel] Xen 4.11.1 panic



On Wed, Dec 19, 2018 at 04:05:57AM -0700, Jan Beulich wrote:
> >>> On 18.12.18 at 23:19, <bouyer@xxxxxxxxxxxxxxx> wrote:
> > I tried updating my NetBSD dom0 to 4.11.1 (from 4.11.0 with security 
> > patches),
> 
> Hmm, the issue stems from the XSA-273 changes, so did you perhaps
> mean "with some security patches", and you didn't have those ones
> applied?

Yes, for some reason XSA-273 isn't in the list of patches I had for
Xen 4.11.0. I guess I forgot it ...

> 
> > and on a 32-bit PV domU shutdown I get (100% reproducible):
> > (XEN) Assertion 'preemptible' failed at mm.c:2493
> [...]
> 
> The line number above doesn't match any one with a respective
> ASSERT() in plain 4.11.1. There are a few nearby ones, and hence
> I can only guess that it's the one that was recently added (in
> PGT_l2_page_table handling of free_page_type()). Can you confirm
> this please with the exact sources you've used for your build?

Here's what I have in xen/arch/x86/mm.c:
  2486      switch ( type & PGT_type_mask )  
  2487      {
  2488      case PGT_l1_page_table:
  2489          free_l1_table(page);
  2490          rc = 0; 
  2491          break;
  2492      case PGT_l2_page_table:
  2493          ASSERT(preemptible);
  2494          rc = free_l2_table(page); 
  2495          break; 
  2496      case PGT_l3_page_table:
  2497          ASSERT(preemptible);
  2498          rc = free_l3_table(page);
  2499          break;
  2500      case PGT_l4_page_table: 
  2501          ASSERT(preemptible);
  2502          rc = free_l4_table(page);
  2503          break;
  2504      default:

This is in free_page_type()

> 
> In any event, both Andrew and I must have overlooked the one
> crucial place due to which the assertion is indeed wrong from
> put_page_from_l2e():
> 
>         int rc = _put_page_type(pg, false, mfn_to_page(_mfn(pfn)));
> 
> Not allowing for preemption there is fine if the L2E is pointing to
> an L1 table, but is now wrong if the L2E points to another L2,
> which surely is the case when you see the assertion trigger.

Should we just change false to true here, or should the cases above be handled
differently?

-- 
Manuel Bouyer <bouyer@xxxxxxxxxxxxxxx>
     NetBSD: 26 years of experience will always make the difference