[Pkg-xen-devel] Bug#665433: hypervisor fault in move_masked_irq

Andrew Cooper andrew.cooper3 at citrix.com
Mon Jul 16 10:01:46 UTC 2012


On 14/07/12 21:46, Ian Campbell wrote:
> tags 665433 +upstream
> thanks
>
> Hi Andrew,
>
> This [0] Debian bug report (against 4.0) looks like the sort of thing
> you might have fixed (or perhaps worked around) in one of your many
> fixes to the IRQ stuff in 4.1/unstable. Does it look at all familiar?

Unfortunately it doesn't look too familiar.

Judging by the fact that Xen has jumped outside of its code space, I
would say that Xen has made a function call off an invalid function pointer.

Given that desc->handler->set_affinity() is the only function pointer
call in the function, this is possibly a race condition between dom0
dying (which the upper stack trace indicates), Xen cleaning up after
dom0, and Xen receiving an interrupt which was midway through being
migrated.

Furthermore, it appears that unstable might be vulnerable to the same
race condition.

~Andrew

>
> Cheers,
> Ian.
>
> [0] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=665433
>

-- 
Andrew Cooper - Dom0 Kernel Engineer, Citrix XenServer
T: +44 (0)1223 225 900, http://www.citrix.com


