I've just reproduced this crash using the stock 3.2.0-24-39 kernel on VirtualBox on OS X (Lion).
I created a 2-CPU VM using the latest VirtualBox (4.1.16 r78094), for Ubuntu 64-bit, default 8GB disk. The steps I followed were:
* Install 64-bit 12.04 Server LTS, minimal install from ISO downloaded from ubuntu.com/download/server
* apt-get dist-upgrade and reboot
* apt-get install ruby1.9.3 screen
* gem install chef
* In a screen session:
* while true; do ohai; done
After a while (less than an hour) I had reproduced the stack trace from this bug. I added "console=ttyS0" to the startup parameters and had VirtualBox log the serial output to a file so I could capture the stack trace (below).
This means this bug is nothing to do with Xen, and hopefully can be reproduced by developers more easily.
Stefan: If you could build a regular kernel I would be happy to try and capture more info for you.
Thanks,
Gavin.
[ 1119.141743] BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
[ 1119.145307] IP: [<ffffffff81311c81>] rb_next+0x1/0x50
[ 1119.145307] PGD 1be80067 PUD 1f17d067 PMD 0
[ 1119.145307] Oops: 0000 [#1] SMP
[ 1119.145307] CPU 0
[ 1119.145307] Modules linked in: vesafb ext2 snd_intel8x0 psmouse snd_ac97_codec ac97_bus snd_pcm snd_timer ppdev snd soundcore joydev snd_page_alloc serio_raw i2c_piix4 parport_pc mac_hid lp parport usbhid hid e1000
[ 1119.145307]
[ 1119.145307] Pid: 6768, comm: ohai Not tainted 3.2.0-24-generic #39-Ubuntu innotek GmbH VirtualBox
[ 1119.145307] RIP: 0010:[<ffffffff81311c81>] [<ffffffff81311c81>] rb_next+0x1/0x50
[ 1119.145307] RSP: 0018:ffff88001bd8dc18 EFLAGS: 00010046
[ 1119.145307] RAX: 0000000000000000 RBX: ffff88001f232400 RCX: 0000000000000000
[ 1119.145307] RDX: fffffffffffffff0 RSI: 0000000000000000 RDI: 0000000000000010
[ 1119.145307] RBP: ffff88001bd8dc48 R08: 0000000000000001 R09: 0000000000000000
[ 1119.145307] R10: ffff88001fd13780 R11: 0000000000000001 R12: 0000000000000000
[ 1119.145307] R13: 0000000000000000 R14: 0000000000000000 R15: 00000000015010f8
[ 1119.145307] FS: 00007f6a721d7700(0000) GS:ffff88001fc00000(0000) knlGS:0000000000000000
[ 1119.145307] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1119.145307] CR2: 0000000000000010 CR3: 000000001ce72000 CR4: 00000000000006f0
[ 1119.145307] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1119.145307] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1119.145307] Process ohai (pid: 6768, threadinfo ffff88001bd8c000, task ffff88001cafdbc0)
[ 1119.145307] Stack:
[ 1119.145307] ffff88001bd8dc48 ffffffff8104ff39 ffff88001f232400 ffff88001fc13780
[ 1119.145307] ffff88001f233a00 0000000000000000 ffff88001bd8dc78 ffffffff810561d8
[ 1119.145307] ffff88001bd8dc78 ffff88001fc13780 0000000000000000 ffff88001cafdf80
[ 1119.145307] Call Trace:
[ 1119.145307] [<ffffffff8104ff39>] ? pick_next_entity+0xb9/0xe0
[ 1119.145307] [<ffffffff810561d8>] pick_next_task_fair+0x38/0x70
[ 1119.145307] [<ffffffff81659fbc>] __schedule+0x14c/0x6f0
[ 1119.145307] [<ffffffff81045d18>] ? flush_tlb_page+0x48/0xb0
[ 1119.145307] [<ffffffff8165a88f>] schedule+0x3f/0x60
[ 1119.145307] [<ffffffff811811f9>] pipe_wait+0x59/0x80
[ 1119.145307] [<ffffffff8108aff0>] ? add_wait_queue+0x60/0x60
[ 1119.145307] [<ffffffff8118196a>] pipe_read+0x1da/0x330
[ 1119.145307] [<ffffffff81177562>] do_sync_read+0xd2/0x110
[ 1119.145307] [<ffffffff8129cdb3>] ? security_file_permission+0x93/0xb0
[ 1119.145307] [<ffffffff811779e1>] ? rw_verify_area+0x61/0xf0
[ 1119.145307] [<ffffffff81177ec0>] vfs_read+0xb0/0x180
[ 1119.145307] [<ffffffff81177fda>] sys_read+0x4a/0x90
[ 1119.145307] [<ffffffff81664d82>] system_call_fastpath+0x16/0x1b
[ 1119.145307] Code: 89 06 48 8b 47 08 48 89 46 08 48 8b 47 10 48 89 46 10 c3 0f 1f 80 00 00 00 00 48 89 32 eb b2 0f 1f 00 48 89 70 10 eb a9 66 90 55 <48> 8b 17 48 89 e5 48 89 d0 48 83 e0 fc 48 39 c7 74 34 48 8b 47
[ 1119.145307] RIP [<ffffffff81311c81>] rb_next+0x1/0x50
[ 1119.145307] RSP <ffff88001bd8dc18>
[ 1119.145307] CR2: 0000000000000010
[ 1119.145307] ---[ end trace 787431227c69a127 ]---