diff -r 8330198c3240 xen/arch/x86/mm/p2m.c
--- a/xen/arch/x86/mm/p2m.c Fri Jul 27 12:24:03 2012 +0200
+++ b/xen/arch/x86/mm/p2m.c Tue Jul 31 16:49:54 2012 +0200
@@ -1582,12 +1582,19 @@ unsigned long paging_gva_to_gfn(struct v
 struct p2m_domain *p2m;
 const struct paging_mode *mode;
 uint64_t ncr3 = nhvm_vcpu_hostcr3(v);
+ uint32_t pfec1 = *pfec;
 /* translate l2 guest va into l2 guest gfn */
 p2m = p2m_get_nestedp2m(v, ncr3);
 mode = paging_get_nestedmode(v);
 gfn = mode->gva_to_gfn(v, p2m, va, pfec);
+ /* if l1 guest maps its mmio pages into the
+ * l2 guest then we see this case here. */
+ if (gfn == INVALID_GFN)
+ return INVALID_GFN;
+ *pfec = pfec1;
+ /* translate l2 guest gfn into l1 guest gfn */
 return hostmode->p2m_ga_to_gfn(v, hostp2m, ncr3, gfn << PAGE_SHIFT, pfec, NULL);
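Review bot: The comment above the new `if (gfn == INVALID_GFN)` check names only the MMIO-mapping case, but the check fires on any failure of the first-stage `mode->gva_to_gfn()` walk, and the handling of `*pfec` on the two paths is not documented. On the early return `*pfec` keeps whatever the first walk wrote, while on success it is reset to the saved `pfec1` before the host walk. Whether the first walk alters `*pfec` on success is not visible in this hunk, so the reason for the reset should be stated. I would widen the comment to something like `/* First-stage walk failed (e.g. l1 maps its MMIO pages into l2): return with the pfec that walk produced rather than passing INVALID_GFN << PAGE_SHIFT to the host walk. */` and add `/* restore the caller's access bits for the second-stage walk */` above `*pfec = pfec1;`. The name `pfec1` would read better as something like `orig_pfec`. `paging_gva_to_gfn` begins and ends outside the hunk, so the enclosing nested-mode condition is not checked here.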