http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1038

Summary: windows 2003 domU crash by large disk operations on dom0 (qemu-dm segfault) Product: Xen Version: unstable Platform: x86-64 OS/Version: Linux Status: NEW Severity: critical Priority: P2 Component: HVM AssignedTo: xen-...@lists.xensource.com ReportedBy: sp...@abma.de CC: sp...@abma.de

i've installed xen 3.1 as dom0 and windows 2003 as domU. While dom0 does big file operations, qemu-dm crashes with a segfault:

qemu-dm[18802]: segfault at 0000000000000000 rip 0000000000000000 rsp 0000000041000c08 error 14

This happened while dom0 was cloning a snapshot from the partion, where domU lives. I can reproduce the bug, so i made a backtrace:

Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 1090525504 (LWP 7085)] 0x0000000000000000 in ?? () (gdb) bt #0 0x0000000000000000 in ?? () #1 0x000000000042b2e3 in dma_thread_func (opaque=<value optimized out>) at /var/tmp/portage/app-emulation/xen-tools-3.1.0/work/xen-3.1.0-src/tools/ioemu/hw/ide.c:2402 #2 0x00002b044f6e1135 in start_thread () from /lib/libpthread.so.0 #3 0x00002b044fd1562d in clone () from /lib/libc.so.6 #4 0x0000000000000000 in ?? ()

to reproduce the bug: start domU, create a snapshot from the lvm partition where domU lives, kpartx the snap, ntfsclone. sometimes it needs a few tries, but most the time, the crash of qemu-dm occurs.

config-file: kernel = "/usr/lib/xen/boot/hvmloader" builder = "hvm" memory = "993" device_model= "/usr/lib/xen/bin/qemu-dm" disk = [ 'phy:/dev/vg1/windows2003,ioemu:hda,w' , 'file:/images/Windows2003-CD1.iso,ioemu:hdb:cdrom,r' ]

name = "windows2003" vif = [ "type=ioemu, bridge=xenbr0" ] boot='d' vnc=1 vncviewer=0 sdl=0 vnclisten='192.168.1.1'

xm dmesg: (XEN) Command line: /xen.gz dom0_mem=1024M (XEN) 0000000000000000 - 000000000009f000 (usable) (XEN) 0000000000100000 - 000000007ffd0000 (usable) (XEN) System RAM: 2047MB (2096572kB) (XEN) Xen heap: 13MB (14224kB) (XEN) Domain heap initialised: DMA width 32 bits (XEN) Processor #0 15:11 APIC version 16 (XEN) Processor #1 15:11 APIC version 16 (XEN) IOAPIC[0]: apic_id 2, version 17, address 0xfec00000, GSI 0-23 (XEN) Enabling APIC mode: Flat. Using 1 I/O APICs (XEN) Using scheduler: SMP Credit Scheduler (credit) (XEN) Detected 2200.012 MHz processor. (XEN) HVM: SVM enabled (XEN) CPU0: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ stepping 02 (XEN) Mapping cpu 0 to node 255 (XEN) Booting processor 1/1 eip 90000 (XEN) Mapping cpu 1 to node 255 (XEN) AMD: Disabling C1 Clock Ramping Node #0 (XEN) CPU1: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ stepping 02 (XEN) Total of 2 processors activated. (XEN) ENABLING IO-APIC IRQs (XEN) -> Using new ACK method (XEN) ..MP-BIOS bug: 8254 timer not connected to IO-APIC (XEN) works. (XEN) Platform timer is 1.193MHz PIT (XEN) Brought up 2 CPUs (XEN) *** LOADING DOMAIN 0 *** (XEN) Xen kernel: 64-bit, lsb, compat32

(XEN) Dom0 kernel: 64-bit, lsb, paddr 0xffffffff80100000 -> 0xffffffff80523ca8

(XEN) PHYSICAL MEMORY ARRANGEMENT:

(XEN) Dom0 alloc.: 000000007d000000->000000007e000000 (258048 pages to be allocated)

(XEN) VIRTUAL MEMORY ARRANGEMENT: (XEN) Loaded kernel: ffffffff80100000->ffffffff80523ca8 (XEN) Init. ramdisk: ffffffff80524000->ffffffff80b10600 (XEN) Phys-Mach map: ffffffff80b11000->ffffffff80d11000 (XEN) Start info: ffffffff80d11000->ffffffff80d1149c (XEN) Page tables: ffffffff80d12000->ffffffff80d1d000 (XEN) Boot stack: ffffffff80d1d000->ffffffff80d1e000 (XEN) TOTAL: ffffffff80000000->ffffffff81000000 (XEN) ENTRY ADDRESS: ffffffff80100000 (XEN) Dom0 has maximum 2 VCPUs (XEN) Initrd len 0x5ec600, start at 0xffffffff80524000 (XEN) Scrubbing Free RAM: .........done. (XEN) Xen trace buffers: disabled (XEN) Std. Loglevel: Errors and warnings (XEN) Guest Loglevel: Nothing (Rate-limited: Errors and warnings) (XEN) Xen is relinquishing VGA console.

(XEN) *** Serial input -> DOM0 (type 'CTRL-a' three times to switch input to Xen).

(XEN) ioapic_guest_write: apic=0, pin=2, old_irq=-1, new_irq=0 (XEN) ioapic_guest_write: old_entry=00010000, new_entry=000009f0 (XEN) ioapic_guest_write: Installing bogus unmasked IO-APIC entry!

xm info: host : xen0 release : 2.6.16.49-xen version : #20 SMP Sun Jul 15 02:18:46 CEST 2007 machine : x86_64 nr_cpus : 2 nr_nodes : 1 sockets_per_node : 1 cores_per_socket : 2 threads_per_core : 1 cpu_mhz : 2200

hw_caps : 178bfbff:ebd3fbff:00000000:00000010:00002001:00000000:0000001f

total_memory : 2047 free_memory : 1 xen_major : 3 xen_minor : 1 xen_extra : .0

xen_caps : xen-3.0-x86_64 xen-3.0-x86_32p hvm-3.0-x86_32 hvm-3.0-x86_32p hvm-3.0-x86_64

xen_scheduler : credit xen_pagesize : 4096 platform_params : virt_start=0xffff800000000000 xen_changeset : unavailable cc_compiler : gcc version 4.1.1 (Gentoo 4.1.1-r3) cc_compile_by : root cc_compile_domain : cc_compile_date : Fri Jul 13 23:44:36 Local time xend_config_format : 4

more info see also: http://lists.xensource.com/archives/html/xen-users/2007-08/msg00074.html http://lists.xensource.com/archives/html/xen-devel/2007-08/msg00105.html

I've created a new bugreport, because it seems to be a different bug as http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=542 and i've searched for open bugs before i installed xen, but found none.

I hope i've done right to add this report and this is no duplicate. (found nothing