Bug 224385 - after installing vmware-server 1.0.5 on amd64 a guest that is running hardened sources fails to boot
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Hardened
Hardware: AMD64 Linux
Importance: High normal
Assignee: Gentoo Kernel Bug Wranglers and Kernel Maintainers
Reported: 2008-05-31 17:55 UTC by Konstantin Agouros
Modified: 2008-08-17 18:33 UTC

Attachments
screenshot of the panic (screenshot.png, 81.67 KB, text/plain)
2008-05-31 17:56 UTC, Konstantin Agouros
Kernel config of the nonbooting guest (config-hardened, 46.48 KB, text/plain)
2008-06-01 11:58 UTC, Konstantin Agouros
Screenshot of panic with requested option removed (vmware2.png, 80.83 KB, text/plain)
2008-06-01 11:59 UTC, Konstantin Agouros
Now the correct screenshot (vmware3.png, 83.32 KB, text/plain)
2008-06-01 20:28 UTC, Konstantin Agouros
PnP-ACPI: Continue despite _CRS or _PRS parse errors (pnpacpi-continue-despite-CRS-or-PRS-parse-error.patch, 758 bytes, patch)
2008-06-03 03:31 UTC, Gordon Malm (RETIRED)
Still no luck (vmware4.png, 84.61 KB, image/png)
2008-06-03 16:02 UTC, Konstantin Agouros

Description Konstantin Agouros 2008-05-31 17:55:32 UTC
I installed vmware-server-1.0.5 as an ebuild on a quad-opteron machine. I have a guest that is running a hardened-sources installation that was working fine with vmware-server 1.0.0 on host-os-kernel 2.6.17 (now I am running 2.6.24-r8). A screenshot of the panic in vmware-server-console is attached.

Reproducible: Always

Steps to Reproduce:
1. boot

Actual Results:  
panic

Expected Results:  
booting system

Portage 2.1.4.4 (default-linux/amd64/2007.0, gcc-3.4.6, glibc-2.6.1-r0, 2.6.24-gentoo-r8 x86_64)
=================================================================
System uname: 2.6.24-gentoo-r8 x86_64 Dual Core AMD Opteron(tm) Processor 270
Timestamp of tree: Fri, 30 May 2008 22:03:01 +0000
distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
app-shells/bash:     3.2_p33
dev-lang/python:     2.4.4-r13
dev-python/pycrypto: 2.0.1-r6
sys-apps/baselayout: 1.12.11.1
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.13, 2.61-r1
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1
sys-devel/binutils:  2.18-r1
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   1.5.26
virtual/os-headers:  2.6.23-r3
ACCEPT_KEYWORDS="amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -march=athlon64"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-O2 -march=athlon64"
DISTDIR="/usr/portage/distfiles"
FEATURES="ccache distlocks metadata-transfer sandbox sfperms strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://crom/portage"
USE="3dnow 3dnowext acl acpi amd64 berkdb caps cli cracklib crypt cups dri fortran gdbm gpm iconv ipv6 isdnlog ldap lm_sensors mail mbox midi mmx mmxext mudflap ncurses nls noaudio nptl nptlonly openmp pam pcre perl pppd python readline reflection session slang snmp spl sse sse2 ssl tcpd unicode xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i810 mach64 mga neomagic nv r128 radeon rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware voodoo"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
Comment 1 Konstantin Agouros 2008-05-31 17:56:20 UTC
Created attachment 154983
screenshot of the panic
Comment 2 Gordon Malm (RETIRED) gentoo-dev 2008-05-31 23:06:18 UTC
Please turn off GRKERNSEC_HIDESYM on the guest and post a new panic screenshot. Please also attach the guest's kernel config.
Comment 3 Konstantin Agouros 2008-06-01 11:58:33 UTC
Created attachment 155075
Kernel config of the nonbooting guest
Comment 4 Konstantin Agouros 2008-06-01 11:59:00 UTC
Created attachment 155077
Screenshot of panic with requested option removed
Comment 5 Gordon Malm (RETIRED) gentoo-dev 2008-06-01 19:07:14 UTC
The new screenshot still only shows addresses in the call trace rather than symbol names.  Further, the guest kernel config still shows CONFIG_GRKERNSEC_HIDESYM=y.  Please disable this option on the guest, reproduce the crash and post a new screenshot.  Thanks.
Comment 6 Konstantin Agouros 2008-06-01 20:28:56 UTC
Created attachment 155151
Now the correct screenshot

Sorry about the last one, don't know what I did wrong in building the kernel the last time.
Comment 7 Gordon Malm (RETIRED) gentoo-dev 2008-06-03 01:22:11 UTC
The oops doesn't appear to be hardened-related, so will probably happen with gentoo-sources as well. For that reason I am re-assigning to kernel@g.o and CCing hardened. I could use the practice/experience however, so I'm giving it a try.

According to the oops, looks like kfree() is being called by the ACPI-PnP code on an invalid/non-existent resource or perhaps being double freed. The slab allocator should probably handle this better, but the source of the problem should lie in the ACPI-PnP code. The pnpacpi_add_device() call leads to drivers/pnp/acpipnp/core.c where we find:

....
	if (dev->active) {
		/* parse allocated resource */
		status = pnpacpi_parse_allocated_resource(device->handle,
							  &dev->res);
		if (ACPI_FAILURE(status) && (status != AE_NOT_FOUND)) {
			pnp_err("PnPACPI: METHOD_NAME__CRS failure for %s",
				dev_id->id);
			goto err1;
		}
	}
....
err1:
	kfree(dev_id);

When I get more time I'll browse mainline git and see if this hasn't already been fixed or otherwise see if I can't come up with a patch for you to try.
Comment 8 Gordon Malm (RETIRED) gentoo-dev 2008-06-03 03:31:05 UTC
Created attachment 155313
PnP-ACPI: Continue despite _CRS or _PRS parse errors

Ok, looks like it's already taken care of in mainline 2.6.26-rcX:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4a490498643ea37520c315769b293085b6018ddd

git seems to be having trouble producing the raw patch at the moment, I've attached one against kernel 2.6.23 here.  Please try the attached patch and report back.

Looks like it will still be a problem even in 2.6.25.x.  Disabling PNPACPI or maybe switching to the new slub allocator may work around the problem.

Since there is not going to be a hardened-sources kernel in the tree that will work with your existing config until 2.6.26, I'd be willing to add the patch to upcoming hardened-sources-2.6.2{3,4,5} releases if it fixes your problem and does not cause any other problems during our hardened-sources RC testing (I doubt it will).
Comment 9 Konstantin Agouros 2008-06-03 16:02:50 UTC
Created attachment 155385
Still no luck

I am not sure if I compiled it the right way. I patched the file and did a make oldconfig && make, installed the kernel and called lilo.
Comment 10 Gordon Malm (RETIRED) gentoo-dev 2008-06-03 21:19:19 UTC
I think we progressed further, but this latest crash is beyond my ability to track down and figure out how to fix.  I'm afraid I must resort to asking you to try the following:

Use hardened-sources-2.6.24-r2 - seems to be a better kernel than 2.6.23 was anyway.  Try w/o applying the patch.

Preferably switch to SLUB (CONFIG_SLUB) instead of SLAB (CONFIG_SLAB) for your allocator.  Slub is simpler/cleaner and is the replacement for SLAB.

Turn off CONFIG_RELOCATABLE if you don't absolutely need it.  This has caused me some problems with non-booting kernels on a few machines (might be an interference with PaX).

Turn off CONFIG_PAX_MEMORY_UDEREF for now as it can cause problems on a virtualized guest.  Mainly just a massive slowdown under certain circumstances, but that could be exposing some race problem, etc.  You can try adding it back later.

Perhaps turn off CONFIG_VIRTUALIZATION - should not matter but does nothing to help a guest under vmware-server.
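
The troubleshooting settings requested in comments 5 and 10 can be checked against the guest's .config before rebuilding, which also catches the situation in comment 5 where CONFIG_GRKERNSEC_HIDESYM=y was still set. This script is an added example, not part of the original thread; the function names and the sample config fragment are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the bug thread: compare a guest kernel .config
# with the settings suggested in comments 5 and 10.

# kconfig_state FILE SYMBOL: print the symbol's value (y, m, ...), or "n" if
# it is absent or recorded as "# CONFIG_X is not set".
kconfig_state() {
    val=$(sed -n "s/^$2=//p" "$1" | tail -n 1)
    printf '%s\n' "${val:-n}"
}

# Settings taken from the thread, as SYMBOL=wanted-state.
WANTED="CONFIG_GRKERNSEC_HIDESYM=n CONFIG_SLUB=y CONFIG_SLAB=n
CONFIG_RELOCATABLE=n CONFIG_PAX_MEMORY_UDEREF=n CONFIG_VIRTUALIZATION=n"

# check_guest_config FILE: print one line per differing symbol and return
# the number of differences (0 = matches; 255 = file unreadable).
check_guest_config() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 255; }
    mismatches=0
    for want in $WANTED; do
        sym=${want%%=*}
        have=$(kconfig_state "$1" "$sym")
        if [ "$have" != "${want#*=}" ]; then
            echo "$sym: have $have, thread suggests ${want#*=}"
            mismatches=$((mismatches + 1))
        fi
    done
    return "$mismatches"
}

# Constructed sample: fragment of a guest config before the changes.
make_sample_config() {
    cat <<'EOF'
CONFIG_GRKERNSEC_HIDESYM=y
CONFIG_SLAB=y
# CONFIG_SLUB is not set
CONFIG_RELOCATABLE=y
CONFIG_PAX_MEMORY_UDEREF=y
# CONFIG_VIRTUALIZATION is not set
EOF
}

# Demo: check the file named in $1, or the constructed sample if none given.
cfg=${1:-}
if [ -z "$cfg" ]; then cfg=$(mktemp); make_sample_config > "$cfg"; fi
check_guest_config "$cfg" || echo "$? setting(s) differ from the thread's suggestions"
[ -n "${1:-}" ] || rm -f "$cfg"
```

CONFIG_GRKERNSEC_HIDESYM is listed as off only because the thread needed symbol names in the call trace; it is a debugging setting for reproducing the oops.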
Comment 11 Konstantin Agouros 2008-06-04 20:25:08 UTC
OK I tried all of the above... meaning 2.6.24-hardened-r2 and the changes in the config. It is booting now.

One odd thing was that at the moment after the SLUB-Message during boot the system took a pause before continuing the boot. 

There was a pause like that in the boot on vmware 1.0.0 with the old kernel as well but I do not know at what point.

Regards and thanks for the quick help,

Konstantin
Comment 12 Mike Pagano gentoo-dev 2008-08-17 18:33:02 UTC
Closing as this appears to be fixed from comment #11