WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xen-devel] [PATCH 0/5] x86: properly propagate errors to hypercall call

To: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] [PATCH 0/5] x86: properly propagate errors to hypercall callee
From: "Jan Beulich" <JBeulich@xxxxxxxxxx>
Date: Wed, 09 Mar 2011 10:53:22 +0000
Delivery-date: Wed, 09 Mar 2011 02:52:58 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Xen should not BUG() or crash when processing a hypercall and running
out of memory, but currently it does:

(XEN) Xen BUG at mm.c:83
(XEN) ----[ Xen-4.0.2_02-3.6  x86_64  debug=n  Tainted:  M   ]----
(XEN) CPU:    0
(XEN) RIP:    e008:[<ffff82c4801f0a1b>] alloc_xen_pagetable+0x8b/0xa0
(XEN) RFLAGS: 0000000000010246   CONTEXT: hypervisor
(XEN) rax: 0000000000000000   rbx: 0000000000000173   rcx: 0000000000000040
(XEN) rdx: 0000000000000040   rsi: 0000000000000000   rdi: ffff82c48022caa4
(XEN) rbp: ffff830193dd8000   rsp: ffff82c480477908   r8:  0000000000000001
(XEN) r9:  00ff00ff00ff00ff   r10: 0f0f0f0f0f0f0f0f   r11: 0000000000000000
(XEN) r12: 000ffffffffff000   r13: 0000000000193dd8   r14: ffff8300cbffb4f0
(XEN) r15: 0000000000000001   cr0: 000000008005003b   cr4: 00000000000026f0
(XEN) cr3: 0000000024275000   cr2: ffff8800068a1d80
(XEN) ds: 0000   es: 0000   fs: 0000   gs: 0000   ss: 0000   cs: e008
(XEN) Xen stack trace from rsp=ffff82c480477908:
(XEN)    000ffffffffff000 ffff82c480161614 0000000000000010 ffff82c48015d631
(XEN)    000ffff830193dd8 ffff8300cba7d030 0000000100000000 0000000000000000
(XEN)    0000000000000000 0000000000000173 0000000000000173 00000000000001f3
(XEN)    0000000000000111 0000000000193dd8 0000000000000010 0000000000000000
(XEN)    ffff82c5487d8000 ffff83022fd82000 ffff82f60327bb00 ffff82c480161e0c
(XEN)    ffff83022fd82000 0000000000000001 0000000000193dd8 8010000193dd8077
(XEN)    ffff83022fd82000 ffff82c480165bda ffff83019563f000 ffff82c480164b1f
(XEN)    ffff83022fd82000 ffff8800507b7728 0000000000801077 0000000000000002
(XEN)    ffff83022fd82000 ffff8300cbe8e000 0000000000000008 8010000193dd8077
(XEN)    ffff8800068a1d80 ffff8300cbe8e000 0000000000000008 80100002268a1065
(XEN)    0000000000000000 ffff82c480165e06 0000000000000000 0000000000000000
(XEN)    ffff83022fd82000 ffff83022fd82000 ffff8800068a1d80 0000000000000005
(XEN)    0000000000000000 ffff82c4801662a1 ffff82c480477e78 0000000000000000
(XEN)    ffff82c480477e78 0000000000000089 0000000000000008 ffff82c480233540
(XEN)    0000000000000048 ffff82c480182d43 ffff83022fde0a70 ffff82f6032ad7a0
(XEN)    0000000000000048 0000000000000000 ffff8302000000d6 ffff82c480111007
(XEN)    0000000000000001 0000000000000008 ffff830100000010 000000d680477f28
(XEN)    ffff82c480477b98 ffff82c480477ca8 00000008032ad7a0 ffff82c480477e20
(XEN)    0000000000000000 ffff8800068a1d80 00ff82c480121418 0000000100000008
(XEN)    ffff82c480269203 0000000000000096 ffff83022fd82000 ffff82c480269200
(XEN) Xen call trace:
(XEN)    [<ffff82c4801f0a1b>] alloc_xen_pagetable+0x8b/0xa0
(XEN)    [<ffff82c480161614>] map_pages_to_xen+0x5e4/0xd10
(XEN)    [<ffff82c48015d631>] do_IRQ+0x291/0x600
(XEN)    [<ffff82c480161e0c>] update_xen_mappings+0xcc/0x170
(XEN)    [<ffff82c480165bda>] get_page_from_l1e+0x3fa/0x520
(XEN)    [<ffff82c480164b1f>] free_page_type+0x3af/0x690
(XEN)    [<ffff82c480165e06>] ptwr_emulated_update+0x106/0x450
(XEN)    [<ffff82c4801662a1>] ptwr_emulated_write+0x71/0xa0
(XEN)    [<ffff82c480182d43>] x86_emulate+0x4773/0xff10
(XEN)    [<ffff82c480111007>] do_xen_version+0x217/0x520
(XEN)    [<ffff82c48015d631>] do_IRQ+0x291/0x600
(XEN)    [<ffff82c4801716fc>] flush_area_mask+0x7c/0x130
(XEN)    [<ffff82c4801524ec>] context_switch+0x18c/0xec0
(XEN)    [<ffff82c480161fad>] get_page+0x2d/0x100
(XEN)    [<ffff82c48015bae0>] set_eoi_ready+0x0/0x40
(XEN)    [<ffff82c4801622eb>] ptwr_do_page_fault+0x1ab/0x200
(XEN)    [<ffff82c48012169a>] timer_softirq_action+0x21a/0x360
(XEN)    [<ffff82c48017d764>] do_page_fault+0x114/0x450
(XEN)    [<ffff82c4801f0605>] handle_exception_saved+0x2d/0x6b
(XEN)    
(XEN) 
(XEN) ****************************************
(XEN) Panic on CPU 0:
(XEN) Xen BUG at mm.c:83
(XEN) ****************************************

This patch set makes it so that not only the offending BUG() gets
eliminated, but also properly propagates the error to the guest,
so that the latter can take action (which will itself require quite
some changes to prevent crashing the guest in that situation,
particularly where utilizing Xen's writeable page table support).

1: don't BUG() post-boot in alloc_xen_pagetable()
2: run-time callers of map_pages_to_xen() must check for errors
3: make get_page_from_l1e() return a proper error code
4: make mod_l1_entry() return a proper error code
5: make mod_l2_entry() return a proper error code

All but the last are clear candidates for backporting to 4.1 and 4.0,
albeit for the former perhaps only after 4.1.0.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxxxx>


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel