Bug #236389 “xen kernel crashes in domU NX-protected page” : Bugs : xen-source package : Ubuntu

Revision history for this message

mattsteven (matthew-matts) wrote on 2008-06-01:

#1

Download full text (27.1 KiB)

Additional crash info including the CPU soft lock that it degrades into. This is a pretty effective DoS in any case.

[27790.285754] kernel tried to execute NX-protected page - exploit attempt? (uid: 33)
[27790.285768] BUG: unable to handle kernel paging request at virtual address c1d7f160
[27790.285776] printing eip: c1d7f160
[27790.285784] 017bb000 -> *pde = 00000001:676f3001
[27790.285787] 017bc000 -> *pme = 00000001:435aa067
[27790.285791] 00000000 -> *pte = 80000001:67130063
[27790.285798] Oops: 0011 [#1] SMP
[27790.285804] Modules linked in: nf_conntrack_ftp nf_conntrack_ipv4 xt_state nf_conntrack xt_multiport iptable_filter ip_tables x_tables quota_v1 ipv6 evdev ext3 jbd mbcache dm_mirror dm_snapshot dm_mod fuse
[27790.285838]
[27790.285843] Pid: 21030, comm: apache2 Not tainted (2.6.24-19-xen #2)
[27790.285849] EIP: 0061:[<c1d7f160>] EFLAGS: 00010206 CPU: 0
[27790.285856] EIP is at 0xc1d7f160
[27790.285860] EAX: c1db96a0 EBX: c1db96a0 ECX: 00000004 EDX: 00000000
[27790.285864] ESI: 00000005 EDI: 40040000 EBP: 00000000 ESP: ea567e94
[27790.285868] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0069
[27790.285872] Process apache2 (pid: 21030, ti=ea566000 task=dffbd190 task.ti=ea566000)
[27790.285876] Stack: c01623a5 00000000 c03fef80 ea567ef8 00000005 0000000d ea567ed0 c0162456
[27790.285893] c1d7b6e0 c15bd2f8 c03fef80 0000000e c0165997 0000000e 00000000 0000000d
[27790.285911] 00000000 c1e6f780 c1fcc660 c2187c60 c1fad920 c1fabbe0 c1d89aa0 c1fa9500
[27790.285928] Call Trace:
[27790.285932] [<c01623a5>] free_hot_cold_page+0x195/0x220
[27790.285948] [<c0162456>] __pagevec_free+0x26/0x30
[27790.285956] [<c0165997>] release_pages+0x137/0x160
[27790.285963] [<c017a5f4>] free_pages_and_swap_cache+0x74/0xa0
[27790.285972] [<c01737b7>] exit_mmap+0xe7/0x100
[27790.285979] [<c0124303>] mmput+0x23/0x80
[27790.285987] [<c0129d95>] do_exit+0x165/0x8b0
[27790.285995] [<c0183649>] filp_close+0x49/0x80
[27790.286002] [<c012a50a>] do_group_exit+0x2a/0xa0
[27790.286009] [<c0105832>] syscall_call+0x7/0xb
[27790.286016] [<c0320000>] vcc_def_wakeup+0x10/0x60
[27790.286024] =======================
[27790.286027] Code: 00 00 00 c0 08 40 ed 20 84 de e7 80 00 00 40 01 00 00 00 ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 c0 3c 40 ed 00 a0 70 ea <00> 20 00 40 01 00 00 00 ff ff ff ff b4 96 db c1 00 00 00 00 c0
[27790.286125] EIP: [<c1d7f160>] 0xc1d7f160 SS:ESP 0069:ea567e94
[27790.286137] ---[ end trace 1f3ceb0e275558e5 ]---
[27790.286142] Fixing recursive fault but reboot is needed!
[27873.920667] kernel tried to execute NX-protected page - exploit attempt? (uid: 33)
[27873.920681] BUG: unable to handle kernel paging request at virtual address c1db8f60
[27873.920689] printing eip: c1db8f60
[27873.920696] 017bb000 -> *pde = 00000001:676f3001
[27873.920700] 017bc000 -> *pme = 00000001:435aa067
[27873.920704] 00000000 -> *pte = 80000001:670f7063
[27873.920710] Oops: 0011 [#2] SMP
[27873.920717] Modules linked in: nf_conntrack_ftp nf_conntrack_ipv4 xt_state nf_conntrack xt_multiport iptable_filter ip_tables x_tables quota_v1 ipv6 evdev ext3 jbd mbcache dm_mirror dm_snapshot dm_mod fuse
[27873.920750]
[27873.920755] Pid: 21305, comm:...

Additional crash info including the CPU soft lock that it degrades into.  This is a pretty effective DoS in any case.

[27790.285754] kernel tried to execute NX-protected page - exploit attempt? (uid: 33)
[27790.285768] BUG: unable to handle kernel paging request at virtual address c1d7f160
[27790.285776] printing eip: c1d7f160
[27790.285784] 017bb000 -> *pde = 00000001:676f3001
[27790.285787] 017bc000 -> *pme = 00000001:435aa067
[27790.285791] 00000000 -> *pte = 80000001:67130063
[27790.285798] Oops: 0011 [#1] SMP 
[27790.285804] Modules linked in: nf_conntrack_ftp nf_conntrack_ipv4 xt_state nf_conntrack xt_multiport iptable_filter ip_tables x_tables quota_v1 ipv6 evdev ext3 jbd mbcache dm_mirror dm_snapshot dm_mod fuse
[27790.285838] 
[27790.285843] Pid: 21030, comm: apache2 Not tainted (2.6.24-19-xen #2)
[27790.285849] EIP: 0061:[<c1d7f160>] EFLAGS: 00010206 CPU: 0
[27790.285856] EIP is at 0xc1d7f160
[27790.285860] EAX: c1db96a0 EBX: c1db96a0 ECX: 00000004 EDX: 00000000
[27790.285864] ESI: 00000005 EDI: 40040000 EBP: 00000000 ESP: ea567e94
[27790.285868]  DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0069
[27790.285872] Process apache2 (pid: 21030, ti=ea566000 task=dffbd190 task.ti=ea566000)
[27790.285876] Stack: c01623a5 00000000 c03fef80 ea567ef8 00000005 0000000d ea567ed0 c0162456 
[27790.285893]        c1d7b6e0 c15bd2f8 c03fef80 0000000e c0165997 0000000e 00000000 0000000d 
[27790.285911]        00000000 c1e6f780 c1fcc660 c2187c60 c1fad920 c1fabbe0 c1d89aa0 c1fa9500 
[27790.285928] Call Trace:
[27790.285932]  [<c01623a5>] free_hot_cold_page+0x195/0x220
[27790.285948]  [<c0162456>] __pagevec_free+0x26/0x30
[27790.285956]  [<c0165997>] release_pages+0x137/0x160
[27790.285963]  [<c017a5f4>] free_pages_and_swap_cache+0x74/0xa0
[27790.285972]  [<c01737b7>] exit_mmap+0xe7/0x100
[27790.285979]  [<c0124303>] mmput+0x23/0x80
[27790.285987]  [<c0129d95>] do_exit+0x165/0x8b0
[27790.285995]  [<c0183649>] filp_close+0x49/0x80
[27790.286002]  [<c012a50a>] do_group_exit+0x2a/0xa0
[27790.286009]  [<c0105832>] syscall_call+0x7/0xb
[27790.286016]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[27790.286024]  =======================
[27790.286027] Code: 00 00 00 c0 08 40 ed 20 84 de e7 80 00 00 40 01 00 00 00 ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 c0 3c 40 ed 00 a0 70 ea <00> 20 00 40 01 00 00 00 ff ff ff ff b4 96 db c1 00 00 00 00 c0 
[27790.286125] EIP: [<c1d7f160>] 0xc1d7f160 SS:ESP 0069:ea567e94
[27790.286137] ---[ end trace 1f3ceb0e275558e5 ]---
[27790.286142] Fixing recursive fault but reboot is needed!
[27873.920667] kernel tried to execute NX-protected page - exploit attempt? (uid: 33)
[27873.920681] BUG: unable to handle kernel paging request at virtual address c1db8f60
[27873.920689] printing eip: c1db8f60
[27873.920696] 017bb000 -> *pde = 00000001:676f3001
[27873.920700] 017bc000 -> *pme = 00000001:435aa067
[27873.920704] 00000000 -> *pte = 80000001:670f7063
[27873.920710] Oops: 0011 [#2] SMP 
[27873.920717] Modules linked in: nf_conntrack_ftp nf_conntrack_ipv4 xt_state nf_conntrack xt_multiport iptable_filter ip_tables x_tables quota_v1 ipv6 evdev ext3 jbd mbcache dm_mirror dm_snapshot dm_mod fuse
[27873.920750] 
[27873.920755] Pid: 21305, comm: apache2 Tainted: G      D (2.6.24-19-xen #2)
[27873.920759] EIP: 0061:[<c1db8f60>] EFLAGS: 00010206 CPU: 2
[27873.920764] EIP is at 0xc1db8f60
[27873.920768] EAX: c1c2a500 EBX: c1c2a500 ECX: 00000004 EDX: 00000000
[27873.920772] ESI: 0000000d EDI: 40040000 EBP: 00000000 ESP: ea44fe94
[27873.920776]  DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0069
[27873.920781] Process apache2 (pid: 21305, ti=ea44e000 task=e7c3f190 task.ti=ea44e000)
[27873.920784] Stack: c01623a5 c1d8f880 c1db9ca0 ea44fedc 0000000d 0000000e ea44fed0 c0162456 
[27873.920801]        c1d7a740 c15cb1a4 0000000e 0000000d c01658c8 0000000e c1d8b9a0 0000000e 
[27873.920818]        00000000 c2187360 c1c2a500 c1db5300 c1d80f20 c1d8b9c0 c1d2e400 c1d7f3a0 
[27873.920836] Call Trace:
[27873.920841]  [<c01623a5>] free_hot_cold_page+0x195/0x220
[27873.920857]  [<c0162456>] __pagevec_free+0x26/0x30
[27873.920865]  [<c01658c8>] release_pages+0x68/0x160
[27873.920873]  [<c017a5f4>] free_pages_and_swap_cache+0x74/0xa0
[27873.920882]  [<c01737b7>] exit_mmap+0xe7/0x100
[27873.920891]  [<c0124303>] mmput+0x23/0x80
[27873.920899]  [<c0129d95>] do_exit+0x165/0x8b0
[27873.920906]  [<c0174250>] do_munmap+0x180/0x1f0
[27873.920914]  [<c0183649>] filp_close+0x49/0x80
[27873.920922]  [<c012a50a>] do_group_exit+0x2a/0xa0
[27873.920929]  [<c0105832>] syscall_call+0x7/0xb
[27873.920937]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[27873.920945]  =======================
[27873.920948] Code: 00 00 00 40 3a 40 ed 80 f8 d2 e7 80 00 00 40 01 00 00 00 ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 c0 3c 40 ed 40 a0 3f ec <00> 00 08 40 00 00 00 00 ff ff ff ff 00 00 00 00 00 00 00 00 e0 
[27873.921051] EIP: [<c1db8f60>] 0xc1db8f60 SS:ESP 0069:ea44fe94
[27873.921060] ---[ end trace 1f3ceb0e275558e5 ]---
[27873.921065] Fixing recursive fault but reboot is needed!
[30983.505649] BUG: soft lockup - CPU#0 stuck for 11s! [formail:26314]
[30983.505660] 
[30983.505667] Pid: 26314, comm: formail Tainted: G      D (2.6.24-19-xen #2)
[30983.505674] EIP: 0061:[<c0327697>] EFLAGS: 00200282 CPU: 0
[30983.505689] EIP is at _spin_lock+0x7/0x10
[30983.505696] EAX: c1dbf5cc EBX: 00000000 ECX: c1dbf5c0 EDX: 00000260
[30983.505702] ESI: 5cd60067 EDI: 00000000 EBP: c0477158 ESP: eafb5ddc
[30983.505708]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[30983.505720] CR0: 8005003b CR2: 0804cd30 CR3: 2c28a000 CR4: 00000660
[30983.505729] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[30983.505736] DR6: ffff0ff0 DR7: 00000400
[30983.505742]  [<c016bd18>] __do_fault+0x3b8/0x6b0
[30983.505763]  [<c017885d>] anon_vma_prepare+0x1d/0xe0
[30983.505777]  [<c0170c69>] handle_mm_fault+0x249/0x1350
[30983.505797]  [<c0329236>] do_page_fault+0x366/0xe90
[30983.505810]  [<c020a427>] _atomic_dec_and_lock+0x47/0x70
[30983.505824]  [<c0197bd1>] dput+0x91/0x100
[30983.505836]  [<c018673a>] __fput+0x12a/0x190
[30983.505849]  [<c0174250>] do_munmap+0x180/0x1f0
[30983.505862]  [<c0328ed0>] do_page_fault+0x0/0xe90
[30983.505875]  [<c0327b75>] error_code+0x35/0x40
[30983.505887]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[30983.505901]  =======================
[30995.270911] BUG: soft lockup - CPU#0 stuck for 11s! [formail:26314]
[30995.270923] 
[30995.270930] Pid: 26314, comm: formail Tainted: G      D (2.6.24-19-xen #2)
[30995.270937] EIP: 0061:[<c0327697>] EFLAGS: 00200282 CPU: 0
[30995.270951] EIP is at _spin_lock+0x7/0x10
[30995.270957] EAX: c1dbf5cc EBX: 00000000 ECX: c1dbf5c0 EDX: 00000260
[30995.270963] ESI: 5cd60067 EDI: 00000000 EBP: c0477158 ESP: eafb5ddc
[30995.270969]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[30995.270982] CR0: 8005003b CR2: 0804cd30 CR3: 2c28a000 CR4: 00000660
[30995.270991] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[30995.270999] DR6: ffff0ff0 DR7: 00000400
[30995.271006]  [<c016bd18>] __do_fault+0x3b8/0x6b0
[30995.271027]  [<c017885d>] anon_vma_prepare+0x1d/0xe0
[30995.271041]  [<c0170c69>] handle_mm_fault+0x249/0x1350
[30995.271061]  [<c0329236>] do_page_fault+0x366/0xe90
[30995.271074]  [<c020a427>] _atomic_dec_and_lock+0x47/0x70
[30995.271089]  [<c0197bd1>] dput+0x91/0x100
[30995.271100]  [<c018673a>] __fput+0x12a/0x190
[30995.271112]  [<c0174250>] do_munmap+0x180/0x1f0
[30995.271126]  [<c0328ed0>] do_page_fault+0x0/0xe90
[30995.271138]  [<c0327b75>] error_code+0x35/0x40
[30995.271151]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[30995.271163]  =======================
[31007.050389] BUG: soft lockup - CPU#0 stuck for 11s! [formail:26314]
[31007.050402] 
[31007.050407] Pid: 26314, comm: formail Tainted: G      D (2.6.24-19-xen #2)
[31007.050412] EIP: 0061:[<c0327697>] EFLAGS: 00200282 CPU: 0
[31007.050424] EIP is at _spin_lock+0x7/0x10
[31007.050429] EAX: c1dbf5cc EBX: 00000000 ECX: c1dbf5c0 EDX: 00000260
[31007.050433] ESI: 5cd60067 EDI: 00000000 EBP: c0477158 ESP: eafb5ddc
[31007.050437]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[31007.050447] CR0: 8005003b CR2: 0804cd30 CR3: 2c28a000 CR4: 00000660
[31007.050453] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[31007.050459] DR6: ffff0ff0 DR7: 00000400
[31007.050464]  [<c016bd18>] __do_fault+0x3b8/0x6b0
[31007.050480]  [<c017885d>] anon_vma_prepare+0x1d/0xe0
[31007.050489]  [<c0170c69>] handle_mm_fault+0x249/0x1350
[31007.050501]  [<c0329236>] do_page_fault+0x366/0xe90
[31007.050509]  [<c020a427>] _atomic_dec_and_lock+0x47/0x70
[31007.050518]  [<c0197bd1>] dput+0x91/0x100
[31007.050525]  [<c018673a>] __fput+0x12a/0x190
[31007.050533]  [<c0174250>] do_munmap+0x180/0x1f0
[31007.050541]  [<c0328ed0>] do_page_fault+0x0/0xe90
[31007.050548]  [<c0327b75>] error_code+0x35/0x40
[31007.050556]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[31007.050563]  =======================
[31018.858020] BUG: soft lockup - CPU#0 stuck for 11s! [formail:26314]
[31018.858032] 
[31018.858039] Pid: 26314, comm: formail Tainted: G      D (2.6.24-19-xen #2)
[31018.858044] EIP: 0061:[<c0327697>] EFLAGS: 00200282 CPU: 0
[31018.858056] EIP is at _spin_lock+0x7/0x10
[31018.858060] EAX: c1dbf5cc EBX: 00000000 ECX: c1dbf5c0 EDX: 00000260
[31018.858064] ESI: 5cd60067 EDI: 00000000 EBP: c0477158 ESP: eafb5ddc
[31018.858068]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[31018.858077] CR0: 8005003b CR2: 0804cd30 CR3: 2c28a000 CR4: 00000660
[31018.858083] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[31018.858088] DR6: ffff0ff0 DR7: 00000400
[31018.858092]  [<c016bd18>] __do_fault+0x3b8/0x6b0
[31018.858110]  [<c017885d>] anon_vma_prepare+0x1d/0xe0
[31018.858120]  [<c0170c69>] handle_mm_fault+0x249/0x1350
[31018.858132]  [<c0329236>] do_page_fault+0x366/0xe90
[31018.858139]  [<c020a427>] _atomic_dec_and_lock+0x47/0x70
[31018.858148]  [<c0197bd1>] dput+0x91/0x100
[31018.858155]  [<c018673a>] __fput+0x12a/0x190
[31018.858163]  [<c0174250>] do_munmap+0x180/0x1f0
[31018.858171]  [<c0328ed0>] do_page_fault+0x0/0xe90
[31018.858179]  [<c0327b75>] error_code+0x35/0x40
[31018.858186]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[31018.858193]  =======================
[31031.098622] kernel tried to execute NX-protected page - exploit attempt? (uid: 33)
[31031.098636] BUG: unable to handle kernel paging request at virtual address c1db66e0
[31031.098646] printing eip: c1db66e0
[31031.098655] 017bb000 -> *pde = 00000001:676f3001
[31031.098661] 017bc000 -> *pme = 00000001:435aa067
[31031.098666] 00000000 -> *pte = 80000001:670f9063
[31031.098675] Oops: 0011 [#3] SMP 
[31031.098684] Modules linked in: nf_conntrack_ftp nf_conntrack_ipv4 xt_state nf_conntrack xt_multiport iptable_filter ip_tables x_tables quota_v1 ipv6 evdev ext3 jbd mbcache dm_mirror dm_snapshot dm_mod fuse
[31031.098734] 
[31031.098742] Pid: 26262, comm: apache2 Tainted: G      D (2.6.24-19-xen #2)
[31031.098749] EIP: 0061:[<c1db66e0>] EFLAGS: 00010206 CPU: 1
[31031.098758] EIP is at 0xc1db66e0
[31031.098764] EAX: c1c3a220 EBX: c1c3a220 ECX: 00000004 EDX: 00000000
[31031.098770] ESI: 00000004 EDI: 40040000 EBP: 00000000 ESP: ea4ebe94
[31031.098777]  DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0069
[31031.098785] Process apache2 (pid: 26262, ti=ea4ea000 task=ea5bc170 task.ti=ea4ea000)
[31031.098792] Stack: c01623a5 00000000 c03fe800 ea4ebefc 00000004 0000000d ea4ebed0 c0162456 
[31031.098818]        c1facb80 c15c4250 c03fe800 0000000e c0165997 0000000e 00000000 0000000d 
[31031.098843]        00000000 c19e2f00 c19c7e40 c19be280 c19a88c0 c1d8c200 c1d8c220 c1d2b800 
[31031.098868] Call Trace:
[31031.098875]  [<c01623a5>] free_hot_cold_page+0x195/0x220
[31031.098897]  [<c0162456>] __pagevec_free+0x26/0x30
[31031.098911]  [<c0165997>] release_pages+0x137/0x160
[31031.098925]  [<c017a5f4>] free_pages_and_swap_cache+0x74/0xa0
[31031.098939]  [<c01737b7>] exit_mmap+0xe7/0x100
[31031.098954]  [<c0124303>] mmput+0x23/0x80
[31031.098967]  [<c0129d95>] do_exit+0x165/0x8b0
[31031.098980]  [<c0174250>] do_munmap+0x180/0x1f0
[31031.098993]  [<c0183649>] filp_close+0x49/0x80
[31031.099007]  [<c012a50a>] do_group_exit+0x2a/0xa0
[31031.099020]  [<c0105832>] syscall_call+0x7/0xb
[31031.099034]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[31031.099048]  =======================
[31031.099054] Code: 00 00 00 40 3a 40 ed 00 3b d4 df 00 20 00 40 01 00 00 00 ff ff ff ff 54 f2 d8 c1 00 00 00 00 60 b6 d7 c1 00 01 10 00 00 02 20 00 <00> 20 00 40 01 00 00 00 ff ff ff ff 78 71 47 c0 00 00 00 00 00 
[31031.099198] EIP: [<c1db66e0>] 0xc1db66e0 SS:ESP 0069:ea4ebe94
[31031.099217] ---[ end trace 1f3ceb0e275558e5 ]---
[31031.099224] Fixing recursive fault but reboot is needed!
[31030.655064] BUG: soft lockup - CPU#0 stuck for 11s! [formail:26314]
[31030.655083] 
[31030.655097] Pid: 26314, comm: formail Tainted: G      D (2.6.24-19-xen #2)
[31030.655109] EIP: 0061:[<c0327697>] EFLAGS: 00200282 CPU: 0
[31030.655127] EIP is at _spin_lock+0x7/0x10
[31030.655139] EAX: c1dbf5cc EBX: 00000000 ECX: c1dbf5c0 EDX: 00000260
[31030.655150] ESI: 5cd60067 EDI: 00000000 EBP: c0477158 ESP: eafb5ddc
[31030.655161]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[31030.655177] CR0: 8005003b CR2: 0804cd30 CR3: 2c28a000 CR4: 00000660
[31030.655189] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[31030.655202] DR6: ffff0ff0 DR7: 00000400
[31030.655214]  [<c016bd18>] __do_fault+0x3b8/0x6b0
[31030.655243]  [<c017885d>] anon_vma_prepare+0x1d/0xe0
[31030.655281]  [<c0170c69>] handle_mm_fault+0x249/0x1350
[31030.655305]  [<c0329236>] do_page_fault+0x366/0xe90
[31030.655319]  [<c020a427>] _atomic_dec_and_lock+0x47/0x70
[31030.655334]  [<c0197bd1>] dput+0x91/0x100
[31030.655347]  [<c018673a>] __fput+0x12a/0x190
[31030.655360]  [<c0174250>] do_munmap+0x180/0x1f0
[31030.655375]  [<c0328ed0>] do_page_fault+0x0/0xe90
[31030.655387]  [<c0327b75>] error_code+0x35/0x40
[31030.655400]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[31030.655413]  =======================
[31042.441939] BUG: soft lockup - CPU#0 stuck for 11s! [formail:26314]
[31042.441950] 
[31042.441955] Pid: 26314, comm: formail Tainted: G      D (2.6.24-19-xen #2)
[31042.441962] EIP: 0061:[<c0327697>] EFLAGS: 00200282 CPU: 0
[31042.441974] EIP is at _spin_lock+0x7/0x10
[31042.441978] EAX: c1dbf5cc EBX: 00000000 ECX: c1dbf5c0 EDX: 00000260
[31042.441982] ESI: 5cd60067 EDI: 00000000 EBP: c0477158 ESP: eafb5ddc
[31042.441986]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[31042.441995] CR0: 8005003b CR2: 0804cd30 CR3: 2c28a000 CR4: 00000660
[31042.442002] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[31042.442008] DR6: ffff0ff0 DR7: 00000400
[31042.442012]  [<c016bd18>] __do_fault+0x3b8/0x6b0
[31042.442027]  [<c017885d>] anon_vma_prepare+0x1d/0xe0
[31042.442036]  [<c0170c69>] handle_mm_fault+0x249/0x1350
[31042.442048]  [<c0329236>] do_page_fault+0x366/0xe90
[31042.442056]  [<c020a427>] _atomic_dec_and_lock+0x47/0x70
[31042.442065]  [<c0197bd1>] dput+0x91/0x100
[31042.442072]  [<c018673a>] __fput+0x12a/0x190
[31042.442079]  [<c0174250>] do_munmap+0x180/0x1f0
[31042.442087]  [<c0328ed0>] do_page_fault+0x0/0xe90
[31042.442095]  [<c0327b75>] error_code+0x35/0x40
[31042.442102]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[31042.442109]  =======================
[31054.227104] BUG: soft lockup - CPU#0 stuck for 11s! [formail:26314]
[31054.227115] 
[31054.227122] Pid: 26314, comm: formail Tainted: G      D (2.6.24-19-xen #2)
[31054.227130] EIP: 0061:[<c0327697>] EFLAGS: 00200282 CPU: 0
[31054.227144] EIP is at _spin_lock+0x7/0x10
[31054.227150] EAX: c1dbf5cc EBX: 00000000 ECX: c1dbf5c0 EDX: 00000260
[31054.227155] ESI: 5cd60067 EDI: 00000000 EBP: c0477158 ESP: eafb5ddc
[31054.227161]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[31054.227174] CR0: 8005003b CR2: 0804cd30 CR3: 2c28a000 CR4: 00000660
[31054.227183] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[31054.227190] DR6: ffff0ff0 DR7: 00000400
[31054.227197]  [<c016bd18>] __do_fault+0x3b8/0x6b0
[31054.227217]  [<c017885d>] anon_vma_prepare+0x1d/0xe0
[31054.227231]  [<c0170c69>] handle_mm_fault+0x249/0x1350
[31054.227251]  [<c0329236>] do_page_fault+0x366/0xe90
[31054.227265]  [<c020a427>] _atomic_dec_and_lock+0x47/0x70
[31054.227279]  [<c0197bd1>] dput+0x91/0x100
[31054.227291]  [<c018673a>] __fput+0x12a/0x190
[31054.227303]  [<c0174250>] do_munmap+0x180/0x1f0
[31054.227318]  [<c0328ed0>] do_page_fault+0x0/0xe90
[31054.227330]  [<c0327b75>] error_code+0x35/0x40
[31054.227343]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[31054.227355]  =======================
[31066.041242] BUG: soft lockup - CPU#0 stuck for 11s! [formail:26314]
[31066.041253] 
[31066.041258] Pid: 26314, comm: formail Tainted: G      D (2.6.24-19-xen #2)
[31066.041264] EIP: 0061:[<c0327697>] EFLAGS: 00200282 CPU: 0
[31066.041277] EIP is at _spin_lock+0x7/0x10
[31066.041280] EAX: c1dbf5cc EBX: 00000000 ECX: c1dbf5c0 EDX: 00000260
[31066.041284] ESI: 5cd60067 EDI: 00000000 EBP: c0477158 ESP: eafb5ddc
[31066.041288]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[31066.041298] CR0: 8005003b CR2: 0804cd30 CR3: 2c28a000 CR4: 00000660
[31066.041305] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[31066.041310] DR6: ffff0ff0 DR7: 00000400
[31066.041314]  [<c016bd18>] __do_fault+0x3b8/0x6b0
[31066.041330]  [<c017885d>] anon_vma_prepare+0x1d/0xe0
[31066.041339]  [<c0170c69>] handle_mm_fault+0x249/0x1350
[31066.041351]  [<c0329236>] do_page_fault+0x366/0xe90
[31066.041359]  [<c020a427>] _atomic_dec_and_lock+0x47/0x70
[31066.041368]  [<c0197bd1>] dput+0x91/0x100
[31066.041375]  [<c018673a>] __fput+0x12a/0x190
[31066.041382]  [<c0174250>] do_munmap+0x180/0x1f0
[31066.041390]  [<c0328ed0>] do_page_fault+0x0/0xe90
[31066.041397]  [<c0327b75>] error_code+0x35/0x40
[31066.041405]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[31066.041411]  =======================
[31077.849909] BUG: soft lockup - CPU#0 stuck for 11s! [formail:26314]
[31077.849920] 
[31077.849925] Pid: 26314, comm: formail Tainted: G      D (2.6.24-19-xen #2)
[31077.849930] EIP: 0061:[<c0327697>] EFLAGS: 00200282 CPU: 0
[31077.849943] EIP is at _spin_lock+0x7/0x10
[31077.849948] EAX: c1dbf5cc EBX: 00000000 ECX: c1dbf5c0 EDX: 00000260
[31077.849952] ESI: 5cd60067 EDI: 00000000 EBP: c0477158 ESP: eafb5ddc
[31077.849956]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[31077.849966] CR0: 8005003b CR2: 0804cd30 CR3: 2c28a000 CR4: 00000660
[31077.849973] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[31077.849979] DR6: ffff0ff0 DR7: 00000400
[31077.849983]  [<c016bd18>] __do_fault+0x3b8/0x6b0
[31077.849999]  [<c017885d>] anon_vma_prepare+0x1d/0xe0
[31077.850008]  [<c0170c69>] handle_mm_fault+0x249/0x1350
[31077.850019]  [<c0329236>] do_page_fault+0x366/0xe90
[31077.850027]  [<c020a427>] _atomic_dec_and_lock+0x47/0x70
[31077.850035]  [<c0197bd1>] dput+0x91/0x100
[31077.850042]  [<c018673a>] __fput+0x12a/0x190
[31077.850049]  [<c0174250>] do_munmap+0x180/0x1f0
[31077.850057]  [<c0328ed0>] do_page_fault+0x0/0xe90
[31077.850064]  [<c0327b75>] error_code+0x35/0x40
[31077.850072]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[31077.850078]  =======================
[31089.637006] BUG: soft lockup - CPU#0 stuck for 11s! [formail:26314]
[31089.637018] 
[31089.637024] Pid: 26314, comm: formail Tainted: G      D (2.6.24-19-xen #2)
[31089.637029] EIP: 0061:[<c0327697>] EFLAGS: 00200282 CPU: 0
[31089.637041] EIP is at _spin_lock+0x7/0x10
[31089.637045] EAX: c1dbf5cc EBX: 00000000 ECX: c1dbf5c0 EDX: 00000260
[31089.637049] ESI: 5cd60067 EDI: 00000000 EBP: c0477158 ESP: eafb5ddc
[31089.637053]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[31089.637063] CR0: 8005003b CR2: 0804cd30 CR3: 2c28a000 CR4: 00000660
[31089.637070] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[31089.637076] DR6: ffff0ff0 DR7: 00000400
[31089.637080]  [<c016bd18>] __do_fault+0x3b8/0x6b0
[31089.637095]  [<c017885d>] anon_vma_prepare+0x1d/0xe0
[31089.637104]  [<c0170c69>] handle_mm_fault+0x249/0x1350
[31089.637115]  [<c0329236>] do_page_fault+0x366/0xe90
[31089.637123]  [<c020a427>] _atomic_dec_and_lock+0x47/0x70
[31089.637132]  [<c0197bd1>] dput+0x91/0x100
[31089.637139]  [<c018673a>] __fput+0x12a/0x190
[31089.637146]  [<c0174250>] do_munmap+0x180/0x1f0
[31089.637154]  [<c0328ed0>] do_page_fault+0x0/0xe90
[31089.637161]  [<c0327b75>] error_code+0x35/0x40
[31089.637169]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[31089.637177]  =======================
[31101.453695] BUG: soft lockup - CPU#0 stuck for 11s! [formail:26314]
[31101.453706] 
[31101.453716] Pid: 26314, comm: formail Tainted: G      D (2.6.24-19-xen #2)
[31101.453723] EIP: 0061:[<c0327697>] EFLAGS: 00200282 CPU: 0
[31101.453737] EIP is at _spin_lock+0x7/0x10
[31101.453743] EAX: c1dbf5cc EBX: 00000000 ECX: c1dbf5c0 EDX: 00000260
[31101.453748] ESI: 5cd60067 EDI: 00000000 EBP: c0477158 ESP: eafb5ddc
[31101.453754]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[31101.453769] CR0: 8005003b CR2: 0804cd30 CR3: 2c28a000 CR4: 00000660
[31101.453778] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[31101.453785] DR6: ffff0ff0 DR7: 00000400
[31101.453792]  [<c016bd18>] __do_fault+0x3b8/0x6b0
[31101.453812]  [<c017885d>] anon_vma_prepare+0x1d/0xe0
[31101.453825]  [<c0170c69>] handle_mm_fault+0x249/0x1350
[31101.453845]  [<c0329236>] do_page_fault+0x366/0xe90
[31101.453858]  [<c020a427>] _atomic_dec_and_lock+0x47/0x70
[31101.453871]  [<c0197bd1>] dput+0x91/0x100
[31101.453882]  [<c018673a>] __fput+0x12a/0x190
[31101.453895]  [<c0174250>] do_munmap+0x180/0x1f0
[31101.453909]  [<c0328ed0>] do_page_fault+0x0/0xe90
[31101.453921]  [<c0327b75>] error_code+0x35/0x40
[31101.453933]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[31101.453945]  =======================
[31117.159224] BUG: soft lockup - CPU#2 stuck for 11s! [w:26485]
[31117.159236] 
[31117.159243] Pid: 26485, comm: w Tainted: G      D (2.6.24-19-xen #2)
[31117.159248] EIP: 0061:[<c0327697>] EFLAGS: 00000282 CPU: 2
[31117.159260] EIP is at _spin_lock+0x7/0x10
[31117.159263] EAX: c1d7ffec EBX: c0477158 ECX: c1d7ffe0 EDX: 00000f70
[31117.159269] ESI: 00000000 EDI: ea77ff70 EBP: bfbeed92 ESP: eb7b7e5c
[31117.159276]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[31117.159291] CR0: 80050033 CR2: b7d05000 CR3: 2043f000 CR4: 00000660
[31117.159300] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[31117.159305] DR6: ffff0ff0 DR7: 00000400
[31117.159310]  [<c016cc4d>] follow_page+0x1dd/0x410
[31117.159325]  [<c0171ed3>] get_user_pages+0x163/0x540
[31117.159334]  [<c0172372>] access_process_vm+0xc2/0x150
[31117.159343]  [<c01bd448>] proc_pid_cmdline+0x78/0xf0
[31117.159351]  [<c01bee27>] proc_info_read+0x87/0xc0
[31117.159359]  [<c01beda0>] proc_info_read+0x0/0xc0
[31117.159364]  [<c0185d57>] vfs_read+0xb7/0x170
[31117.159371]  [<c01862b1>] sys_read+0x41/0x70
[31117.159378]  [<c0105832>] syscall_call+0x7/0xb
[31117.159386]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[31117.159393]  =======================
[31113.266172] BUG: soft lockup - CPU#0 stuck for 11s! [formail:26314]
[31113.266186] 
[31113.266193] Pid: 26314, comm: formail Tainted: G      D (2.6.24-19-xen #2)
[31113.266201] EIP: 0061:[<c0327697>] EFLAGS: 00200282 CPU: 0
[31113.266216] EIP is at _spin_lock+0x7/0x10
[31113.266222] EAX: c1dbf5cc EBX: 00000000 ECX: c1dbf5c0 EDX: 00000260
[31113.266229] ESI: 5cd60067 EDI: 00000000 EBP: c0477158 ESP: eafb5ddc
[31113.266237]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[31113.266251] CR0: 8005003b CR2: 0804cd30 CR3: 2c28a000 CR4: 00000660
[31113.266260] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[31113.266267] DR6: ffff0ff0 DR7: 00000400
[31113.266274]  [<c016bd18>] __do_fault+0x3b8/0x6b0
[31113.266295]  [<c017885d>] anon_vma_prepare+0x1d/0xe0
[31113.266308]  [<c0170c69>] handle_mm_fault+0x249/0x1350
[31113.266328]  [<c0329236>] do_page_fault+0x366/0xe90
[31113.266341]  [<c020a427>] _atomic_dec_and_lock+0x47/0x70
[31113.266355]  [<c0197bd1>] dput+0x91/0x100
[31113.266367]  [<c018673a>] __fput+0x12a/0x190
[31113.266379]  [<c0174250>] do_munmap+0x180/0x1f0
[31113.266392]  [<c0328ed0>] do_page_fault+0x0/0xe90
[31113.266403]  [<c0327b75>] error_code+0x35/0x40
[31113.266416]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[31113.266428]  =======================
[31128.971835] BUG: soft lockup - CPU#2 stuck for 11s! [w:26485]
[31128.971848] 
[31128.971854] Pid: 26485, comm: w Tainted: G      D (2.6.24-19-xen #2)
[31128.971859] EIP: 0061:[<c0327697>] EFLAGS: 00000282 CPU: 2
[31128.971873] EIP is at _spin_lock+0x7/0x10
[31128.971876] EAX: c1d7ffec EBX: c0477158 ECX: c1d7ffe0 EDX: 00000f70
[31128.971880] ESI: 00000000 EDI: ea77ff70 EBP: bfbeed92 ESP: eb7b7e5c
[31128.971884]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[31128.971894] CR0: 80050033 CR2: b7d05000 CR3: 2043f000 CR4: 00000660
[31128.971899] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[31128.971904] DR6: ffff0ff0 DR7: 00000400
[31128.971910]  [<c016cc4d>] follow_page+0x1dd/0x410
[31128.971925]  [<c0171ed3>] get_user_pages+0x163/0x540
[31128.971934]  [<c0172372>] access_process_vm+0xc2/0x150
[31128.971942]  [<c01bd448>] proc_pid_cmdline+0x78/0xf0
[31128.971951]  [<c01bee27>] proc_info_read+0x87/0xc0
[31128.971957]  [<c01beda0>] proc_info_read+0x0/0xc0
[31128.971964]  [<c0185d57>] vfs_read+0xb7/0x170
[31128.971971]  [<c01862b1>] sys_read+0x41/0x70
[31128.971978]  [<c0105832>] syscall_call+0x7/0xb
[31128.971986]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[31128.971993]  =======================
[31125.082470] BUG: soft lockup - CPU#0 stuck for 11s! [formail:26314]
[31125.082481] 
[31125.082488] Pid: 26314, comm: formail Tainted: G      D (2.6.24-19-xen #2)
[31125.082495] EIP: 0061:[<c0327697>] EFLAGS: 00200282 CPU: 0
[31125.082509] EIP is at _spin_lock+0x7/0x10
[31125.082515] EAX: c1dbf5cc EBX: 00000000 ECX: c1dbf5c0 EDX: 00000260
[31125.082520] ESI: 5cd60067 EDI: 00000000 EBP: c0477158 ESP: eafb5ddc
[31125.082527]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[31125.082541] CR0: 8005003b CR2: 0804cd30 CR3: 2c28a000 CR4: 00000660
[31125.082550] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[31125.082557] DR6: ffff0ff0 DR7: 00000400
[31125.082563]  [<c016bd18>] __do_fault+0x3b8/0x6b0
[31125.082583]  [<c017885d>] anon_vma_prepare+0x1d/0xe0
[31125.082597]  [<c0170c69>] handle_mm_fault+0x249/0x1350
[31125.082616]  [<c0329236>] do_page_fault+0x366/0xe90
[31125.082629]  [<c020a427>] _atomic_dec_and_lock+0x47/0x70
[31125.082643]  [<c0197bd1>] dput+0x91/0x100
[31125.082654]  [<c018673a>] __fput+0x12a/0x190
[31125.082666]  [<c0174250>] do_munmap+0x180/0x1f0
[31125.082679]  [<c0328ed0>] do_page_fault+0x0/0xe90
[31125.082691]  [<c0327b75>] error_code+0x35/0x40
[31125.082703]  [<c0320000>] vcc_def_wakeup+0x10/0x60
[31125.082715]  =======================
[31140.788824] BUG: soft lockup - CPU#2 stuck for 11s! [w:26485]
[31140.788835] 
[31140.788843] Pid: 26485, comm: w Tainted: G      D (2.6.24-19-xen #2)
[31140.788850] EIP: 0061:[<c0327697>] EFLAGS: 00000282 CPU: 2
[31140.788863] EIP is at _spin_lock+0x7/0x10
[31140.788869] EAX: c1d7ffec EBX: c0477158 ECX: c1d7ffe0 EDX: 00000f70
[31140.788875] ESI: 00000000 EDI: ea77ff70 EBP: bfbeed92 ESP: eb7b7e5c
[31140.788881]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
[31140.788893] CR0: 80050033 CR2: b7d05000 CR3: 2043f000 CR4: 00000660
[31140.788902] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[31140.788910] DR6: ffff0ff0 DR7: 00000400
[31140.788916]  [<c016cc4d>] follow_page+0x1dd/0x410
[31140.788937]  [<c0171ed3>] get_user_pages+0x163/0x540
[31140.788952]  [<c0172372>] access_process_vm+0xc2/0x150
[31140.788967]  [<c01bd448>] proc_pid_cmdline+0x78/0xf0
[31140.788982]  [<c01bee27>] proc_info_read+0x87/0xc0
[31140.788995]  [<c01beda0>] proc_info_read+0x0/0xc0
[31140.789006]  [<c0185d57>] vfs_read+0xb7/0x170
[31140.789018]  [<c01862b1>] sys_read+0x41/0x70
[31140.789030]  [<c0105832>] syscall_call+0x7/0xb
[31140.789043]  [<c0320

Revision history for this message

mattsteven (matthew-matts) wrote on 2008-07-01:

#2

I can't duplicate this on another nearly identical machine, the only difference being the machine that doesn't crash has 1G of RAM while the one that does crash has 5G. Both are 32 bit, so I wonder if this is a high memory related bug.

Revision history for this message

a.polli (a-polli) wrote on 2008-07-10:

#3

Download full text (4.1 KiB)

I have a similar problem with vmlinuz-2.6.22-15-xen: in that moment I see many attempt to log in via ssh; then the server is blocked and I can't even ping it.
it have 9 GB of RAM

-------------------
Jul 10 01:32:48 hypervisor kernel: [1075570.401200] kernel tried to execute NX-protected page - exploit attempt? (uid: 0)
Jul 10 01:32:48 hypervisor kernel: [1075570.401262] BUG: unable to handle kernel paging request at virtual address c210a680
Jul 10 01:32:48 hypervisor kernel: [1075570.401317] printing eip:
Jul 10 01:32:48 hypervisor kernel: [1075570.401342] c210a680
Jul 10 01:32:48 hypervisor kernel: [1075570.401345] 01d2c000 -> *pde = 00000000:7fd30001
Jul 10 01:32:48 hypervisor kernel: [1075570.401375] 01d30000 -> *pme = 00000000:7e001067
Jul 10 01:32:48 hypervisor kernel: [1075570.401404] 00001000 -> *pte = 80000002:7b90a063
Jul 10 01:32:48 hypervisor kernel: [1075570.401436] Oops: 0011 [#1]
Jul 10 01:32:48 hypervisor kernel: [1075570.401461] SMP
Jul 10 01:32:48 hypervisor kernel: [1075570.401493] Modules linked in: xt_tcpudp xt_physdev iptable_filter ip_tables x_tables af_packet bridge lp loop sr_mod cdrom s erial_core pc spkr parport_pc parport shpchp pci_hotplug ipv6 evdev ext3 jbd mbcache sg sd_mod ata_piix floppy tg3 ata_generic libata ehci_hcd uhci_hcd usbcore mptsas mptscsih mptbase scsi_tra nsport_sas scsi_mod thermal processor fan fuse apparmor commoncap
Jul 10 01:32:48 hypervisor kernel: [1075570.401822] CPU: 0
Jul 10 01:32:48 hypervisor kernel: [1075570.401823] EIP: 0061:[<c210a680>] Not tainted VLI
Jul 10 01:32:48 hypervisor kernel: [1075570.401824] EFLAGS: 00210206 (2.6.22-15-xen #1)
Jul 10 01:32:48 hypervisor kernel: [1075570.401907] EIP is at 0xc210a680
Jul 10 01:32:48 hypervisor kernel: [1075570.401934] eax: c201a660 ebx: c201a660 ecx: c03c0c00 edx: 00000000
Jul 10 01:32:48 hypervisor kernel: [1075570.401968] esi: d356dec4 edi: 00040000 ebp: 00000000 esp: d356de94
Jul 10 01:32:48 hypervisor kernel: [1075570.402012] ds: 007b es: 007b fs: 00d8 gs: 0000 ss: 0069
Jul 10 01:32:48 hypervisor kernel: [1075570.402051] Process sshd (pid: 25153, ti=d356c000 task=dabf6000 task.ti=d356c000)
Jul 10 01:32:48 hypervisor kernel: [1075570.402085] Stack: c01569b9 00000000 c03c0c00 00000004 d356dec4 c14662a4 00000007 c0156a4f
Jul 10 01:32:48 hypervisor kernel: [1075570.402176] c201a180 c03c0c00 c01598e6 00000007 00000007 00000000 c2142300 c2018540
Jul 10 01:32:48 hypervisor kernel: [1075570.402261] c201bda0 c2018260 c20f05c0 c201a660 c201a180 c201ba60 d3474ff8 bffaafff
Jul 10 01:32:48 hypervisor kernel: [1075570.402347] Call Trace:
Jul 10 01:32:48 hypervisor kernel: [1075570.402392] [free_hot_cold_page+393/512] free_hot_cold_page+0x189/0x200
Jul 10 01:32:48 hypervisor kernel: [1075570.402433] [__pagevec_free+31/48] __pagevec_free+0x1f/0x30
Jul 10 01:32:48 hypervisor kernel: [1075570.402468] [release_pages+390/496] release_pages+0x186/0x1f0
Jul 10 01:32:48 hypervisor kernel: [1075570.402508] [free_pages_and_swap_cache+116/160] free_pages_and_swap_cache+0x74/0xa0
Jul 10 01:32:48 hypervisor kernel: [1075570.402546] [exit_mmap+225/240] exit_mmap+0xe1/0xf0
Jul 10 01:32:48 hypervisor kernel: [107...

Ubuntu
xen-source package

xen kernel crashes in domU NX-protected page

Bug Description

Other bug subscribers

Remote bug watches

Changed in xen-source (Ubuntu):
status:	New → Incomplete

Changed in xen-source (Ubuntu):
status:	Incomplete → Invalid

Ubuntuxen-source package

xen kernel crashes in domU NX-protected page

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
xen-source package