ia64/xen-unstable

changeset 17526:f2457c7aff8d

[IA64] fix GNTTABOP_replace_and_unmap

This patch fixes the following xen panic repored by Akio Takebe.
> When we tested network between domU <-> dom0 with FTP load tools,
> we hitted BUG() in hypervisor. It is always reproducible for a few minutes.
> At that time, we got the following message.
> vmi15.sky.yk.fujitsu.co.jp login: (XEN) Xen BUG at mm.c:1254
>
> (XEN) FIXME: implement ia64 dump_execution_state()
> (XEN)
> (XEN) ****************************************
> (XEN) Panic on CPU 0:
> (XEN) Xen BUG at mm.c:1254
> (XEN) ****************************************
> (XEN)
> (XEN) Manual reset required ('noreboot' specified)
> (XEN) machine_halt called. spinning...

GNTTABOP_replace_and_unmap must update both the p2m table and the m2p
table. However, the m2p table update was missing, so
the above BUG_ON() was triggered on detecting the inconsistency
between the p2m table and the m2p table.
This patch adds the missing m2p table updates.
This patch also fixes the error path of the function. It may
return before completing the page table manipulation.

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
author Isaku Yamahata <yamahata@valinux.co.jp>
date Fri Apr 25 20:13:52 2008 +0900 (2008-04-25)
parents dc510776dd59
children 611787b6ca35
files xen/arch/ia64/xen/mm.c
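--- a/xen/arch/ia64/xen/mm.c	Thu Apr 24 14:08:29 2008 -0600
+++ b/xen/arch/ia64/xen/mm.c	Fri Apr 25 20:13:52 2008 +0900
@@ -2187,6 +2187,7 @@ replace_grant_host_mapping(unsigned long
     struct page_info* page = mfn_to_page(mfn);
     struct page_info* new_page = NULL;
     volatile pte_t* new_page_pte = NULL;
+    unsigned long new_page_mfn;
 
     if (new_gpaddr) {
         new_page_pte = lookup_noalloc_domain_pte_none(d, new_gpaddr);
@@ -2194,7 +2195,6 @@ replace_grant_host_mapping(unsigned long
             new_pte = ptep_get_and_clear(&d->arch.mm,
                                          new_gpaddr, new_page_pte);
             if (likely(pte_present(new_pte))) {
-                unsigned long new_page_mfn;
                 struct domain* page_owner;
 
                 new_page_mfn = pte_pfn(new_pte);
@@ -2255,22 +2255,24 @@ replace_grant_host_mapping(unsigned long
         goto out;
     }
 
+    if (new_page) {
+        set_gpfn_from_mfn(new_page_mfn, gpfn);
+        /* smp_mb() isn't needed because assign_domain_pge_cmpxchg_rel()
+           has release semantics. */
+    }
     old_pte = ptep_cmpxchg_rel(&d->arch.mm, gpaddr, pte, cur_pte, new_pte);
-    if (unlikely(!pte_present(old_pte))) {
-        gdprintk(XENLOG_INFO, "%s: gpaddr 0x%lx mfn 0x%lx"
-                         " cur_pte 0x%lx old_pte 0x%lx\n",
-                __func__, gpaddr, mfn, pte_val(cur_pte), pte_val(old_pte));
-        goto out;
-    }
     if (unlikely(pte_val(cur_pte) != pte_val(old_pte))) {
         if (pte_pfn(old_pte) == mfn) {
             goto again;
         }
-        gdprintk(XENLOG_INFO, "%s gpaddr 0x%lx mfn 0x%lx cur_pte "
-                "0x%lx old_pte 0x%lx\n",
-                __func__, gpaddr, mfn, pte_val(cur_pte), pte_val(old_pte));
+        if (new_page) {
+            set_gpfn_from_mfn(new_page_mfn, INVALID_M2P_ENTRY);
+            domain_put_page(d, new_gpaddr, new_page_pte, new_pte, 1);
+        }
         goto out;
     }
+    if (unlikely(!pte_present(old_pte)))
+        goto out;
     BUG_ON(pte_pfn(old_pte) != mfn);
 
     /* try_to_clear_PGC_allocate(d, page) is not needed. */
@@ -2283,8 +2285,9 @@ replace_grant_host_mapping(unsigned long
     return GNTST_okay;
 
  out:
-    if (new_page)
-        domain_put_page(d, new_gpaddr, new_page_pte, new_pte, 1);
+    gdprintk(XENLOG_INFO, "%s gpaddr 0x%lx mfn 0x%lx cur_pte "
+             "0x%lx old_pte 0x%lx\n",
+             __func__, gpaddr, mfn, pte_val(cur_pte), pte_val(old_pte));
     return GNTST_general_error;
 }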
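Review bot: With the `domain_put_page()` call removed from under `out:`, only the cmpxchg-mismatch branch still releases `new_page`, so the `goto out` that opens the `@@ -2255,22 +2255,24 @@` hunk, which sits after the `new_gpaddr` block has already cleared that PTE with `ptep_get_and_clear()`, appears to return with the page neither remapped nor put; whether `new_page` can be non-NULL on that exit depends on code outside the hunks. Consider releasing it on the exits taken before the cmpxchg, for example `if (new_page) domain_put_page(d, new_gpaddr, new_page_pte, new_pte, 1);` ahead of that `goto out`. The `gdprintk()` now under `out:` also formats `pte_val(old_pte)`, which in the visible lines is assigned only by `ptep_cmpxchg_rel()`, so earlier exits may log an indeterminate value unless it is initialised at its declaration. The added comment names `assign_domain_pge_cmpxchg_rel()` while the call that follows it is `ptep_cmpxchg_rel()`; it should name the function actually providing the release ordering.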