On Thu, Jul 05, 2012 at 11:06:07PM +0200, Olaf Hering wrote: > > During kexec in a Xen PVonHVM guest the new kernel crashes most of the > time in secondary_startup_64 because the content of phys_base is > corrupted. Its not zero as expected but has some random other values. > While debugging that crash I came up with the change below to inspect > the memory around phys_base. > > It turned out that the globales are not in the expected memory location. > An expected value such as phys_base_plus1 is shifted, but by a different > amount during repeated kexec attempts. Up to now I havent figured out > where this happens. > > My question is: were to put additional debug to trace the copying of the > data section to its final destination? Is this a task of kexec -l or > does that happen during decompressing? I suspect the latter. This is the > console output before the crash (the crash happens in 'movq %rax, %cr3'): Copy is done a few times durnig kexec/kdump but the most important in this case, I think, is in relocate_kernel() function (look for rep movsl or rep movsq and code around it). But I am a bit surprised that kernel is decompressing itself. I always thought that it is done during kexec/kdump load phase but maybe I am wrong. Could you send me more info about your Linux Kernel version, kexec-tools version and exact commands which you are using to load/exececute kernel? Daniel