[Xen-devel] A random bug introduced in C/S 10918

["Li, Xin B" <xin.b.li@xxxxxxxxx>]

Hi Keir,
After C/S 10918, we often encountered a bug when creating HVM guests:
(XEN) Can not find E820 memory map page for HVM domain.
(XEN) domain_crash_sync called from hvm.c:98
(XEN) Domain 1 (vcpu#0) crashed on cpu#1:
(XEN) ----[ Xen-3.0-unstable    Not tainted ]----
(XEN) CPU:    1
(XEN) RIP:    0010:[<0000000000100000>]
(XEN) RFLAGS: 0000000000000002   CONTEXT: hvm
(XEN) rax: 0000000000000000   rbx: 0000000000000000   rcx:
0000000000000000
(XEN) rdx: 0000000000000000   rsi: 0000000000000000   rdi:
0000000000000000
(XEN) rbp: 0000000000000000   rsp: 0000000000000000   r8:
0000000000000000
(XEN) r9:  0000000000000000   r10: 0000000000000000   r11:
0000000000000000
(XEN) r12: 0000000000000000   r13: 0000000000000000   r14:
0000000000000000
(XEN) r15: 0000000000000000   cr0: 0000000000000000   cr3:
0000000000000000
(XEN) ds: 0008   es: 0008   fs: 0008   gs: 0008   ss: 0008   cs: 0010

But it doesn't always happen, and more investigation shows that
get_mfn_from_gpfn sometimes works fine while sometimes returns invalid
mfn.  Actually it's caused by the removing of "local_flush_tlb_pge()" in
e820_foreach(), and the following patch fixes it.

diff -r 7ff6020e4758 xen/arch/x86/hvm/hvm.c
--- a/xen/arch/x86/hvm/hvm.c    Thu Aug 03 15:02:34 2006 +0100
+++ b/xen/arch/x86/hvm/hvm.c    Tue Aug 15 18:07:15 2006 +0800
@@ -91,6 +91,8 @@ static void e820_foreach(struct domain *
     unsigned char *p;
     unsigned long mfn;
 
+    local_flush_tlb_pge();
+
     mfn = gmfn_to_mfn(d, E820_MAP_PAGE >> PAGE_SHIFT);
     if ( mfn == INVALID_MFN )
     {

I don't think this is a clean fix, but how can this happen? Seems p2m
table TLB entries sometimes are not flushed when loading a new cr3
value.  Can you help to take a look?

-Xin

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel