Xen project Mailing List

[Xen-devel] [PATCH 0/5] x86: properly propagate errors to hypercall callee

To: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>

From: "Jan Beulich" <JBeulich@xxxxxxxxxx>

Date: Wed, 09 Mar 2011 10:53:22 +0000

Delivery-date: Wed, 09 Mar 2011 02:52:58 -0800

List-id: Xen developer discussion <xen-devel.lists.xensource.com>

Xen should not BUG() or crash when processing a hypercall and running out of memory, but currently it does: (XEN) Xen BUG at mm.c:83 (XEN) ----[ Xen-4.0.2_02-3.6 x86_64 debug=n Tainted: M ]---- (XEN) CPU: 0 (XEN) RIP: e008:[<ffff82c4801f0a1b>] alloc_xen_pagetable+0x8b/0xa0 (XEN) RFLAGS: 0000000000010246 CONTEXT: hypervisor (XEN) rax: 0000000000000000 rbx: 0000000000000173 rcx: 0000000000000040 (XEN) rdx: 0000000000000040 rsi: 0000000000000000 rdi: ffff82c48022caa4 (XEN) rbp: ffff830193dd8000 rsp: ffff82c480477908 r8: 0000000000000001 (XEN) r9: 00ff00ff00ff00ff r10: 0f0f0f0f0f0f0f0f r11: 0000000000000000 (XEN) r12: 000ffffffffff000 r13: 0000000000193dd8 r14: ffff8300cbffb4f0 (XEN) r15: 0000000000000001 cr0: 000000008005003b cr4: 00000000000026f0 (XEN) cr3: 0000000024275000 cr2: ffff8800068a1d80 (XEN) ds: 0000 es: 0000 fs: 0000 gs: 0000 ss: 0000 cs: e008 (XEN) Xen stack trace from rsp=ffff82c480477908: (XEN) 000ffffffffff000 ffff82c480161614 0000000000000010 ffff82c48015d631 (XEN) 000ffff830193dd8 ffff8300cba7d030 0000000100000000 0000000000000000 (XEN) 0000000000000000 0000000000000173 0000000000000173 00000000000001f3 (XEN) 0000000000000111 0000000000193dd8 0000000000000010 0000000000000000 (XEN) ffff82c5487d8000 ffff83022fd82000 ffff82f60327bb00 ffff82c480161e0c (XEN) ffff83022fd82000 0000000000000001 0000000000193dd8 8010000193dd8077 (XEN) ffff83022fd82000 ffff82c480165bda ffff83019563f000 ffff82c480164b1f (XEN) ffff83022fd82000 ffff8800507b7728 0000000000801077 0000000000000002 (XEN) ffff83022fd82000 ffff8300cbe8e000 0000000000000008 8010000193dd8077 (XEN) ffff8800068a1d80 ffff8300cbe8e000 0000000000000008 80100002268a1065 (XEN) 0000000000000000 ffff82c480165e06 0000000000000000 0000000000000000 (XEN) ffff83022fd82000 ffff83022fd82000 ffff8800068a1d80 0000000000000005 (XEN) 0000000000000000 ffff82c4801662a1 ffff82c480477e78 0000000000000000 (XEN) ffff82c480477e78 0000000000000089 0000000000000008 ffff82c480233540 (XEN) 0000000000000048 ffff82c480182d43 ffff83022fde0a70 ffff82f6032ad7a0 (XEN) 0000000000000048 0000000000000000 ffff8302000000d6 ffff82c480111007 (XEN) 0000000000000001 0000000000000008 ffff830100000010 000000d680477f28 (XEN) ffff82c480477b98 ffff82c480477ca8 00000008032ad7a0 ffff82c480477e20 (XEN) 0000000000000000 ffff8800068a1d80 00ff82c480121418 0000000100000008 (XEN) ffff82c480269203 0000000000000096 ffff83022fd82000 ffff82c480269200 (XEN) Xen call trace: (XEN) [<ffff82c4801f0a1b>] alloc_xen_pagetable+0x8b/0xa0 (XEN) [<ffff82c480161614>] map_pages_to_xen+0x5e4/0xd10 (XEN) [<ffff82c48015d631>] do_IRQ+0x291/0x600 (XEN) [<ffff82c480161e0c>] update_xen_mappings+0xcc/0x170 (XEN) [<ffff82c480165bda>] get_page_from_l1e+0x3fa/0x520 (XEN) [<ffff82c480164b1f>] free_page_type+0x3af/0x690 (XEN) [<ffff82c480165e06>] ptwr_emulated_update+0x106/0x450 (XEN) [<ffff82c4801662a1>] ptwr_emulated_write+0x71/0xa0 (XEN) [<ffff82c480182d43>] x86_emulate+0x4773/0xff10 (XEN) [<ffff82c480111007>] do_xen_version+0x217/0x520 (XEN) [<ffff82c48015d631>] do_IRQ+0x291/0x600 (XEN) [<ffff82c4801716fc>] flush_area_mask+0x7c/0x130 (XEN) [<ffff82c4801524ec>] context_switch+0x18c/0xec0 (XEN) [<ffff82c480161fad>] get_page+0x2d/0x100 (XEN) [<ffff82c48015bae0>] set_eoi_ready+0x0/0x40 (XEN) [<ffff82c4801622eb>] ptwr_do_page_fault+0x1ab/0x200 (XEN) [<ffff82c48012169a>] timer_softirq_action+0x21a/0x360 (XEN) [<ffff82c48017d764>] do_page_fault+0x114/0x450 (XEN) [<ffff82c4801f0605>] handle_exception_saved+0x2d/0x6b (XEN) (XEN) (XEN) **************************************** (XEN) Panic on CPU 0: (XEN) Xen BUG at mm.c:83 (XEN) **************************************** This patch set makes it so that not only the offending BUG() gets eliminated, but also properly propagates the error to the guest, so that the latter can take action (which will itself require quite some changes to prevent crashing the guest in that situation, particularly where utilizing Xen's writeable page table support). 1: don't BUG() post-boot in alloc_xen_pagetable() 2: run-time callers of map_pages_to_xen() must check for errors 3: make get_page_from_l1e() return a proper error code 4: make mod_l1_entry() return a proper error code 5: make mod_l2_entry() return a proper error code All but the last are clear candidates for backporting to 4.1 and 4.0, albeit for the former perhaps only after 4.1.0. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxxxx> _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.