x86: Fix fatal page fault when vram dirty logic handles MMIO of passthrough devices.

Signed-off-by: Qing He <qing.he@intel.com>

diff --git a/xen/arch/x86/mm/shadow/multi.c b/xen/arch/x86/mm/shadow/multi.c
index f9f88d6ad4e43e6d36c32955b5d3e838fc013f3d..d8fdf1c8168da65b32d97369557935d30664cee9 100644 (file)
--- a/xen/arch/x86/mm/shadow/multi.c
+++ b/xen/arch/x86/mm/shadow/multi.c
@@ -1268,6 +1268,9 @@ static inline void shadow_vram_get_l1e(shadow_l1e_t new_sl1e,
     if ( !d->dirty_vram ) return;
 
     mfn = shadow_l1e_get_mfn(new_sl1e);
+
+    if ( !mfn_valid(mfn) ) return; /* m2p for mmio_direct may not exist */
+
     gfn = mfn_to_gfn(d, mfn);
 
     if ( (gfn >= d->dirty_vram->begin_pfn) && (gfn < d->dirty_vram->end_pfn) ) {
@@ -1293,6 +1296,9 @@ static inline void shadow_vram_put_l1e(shadow_l1e_t old_sl1e,
     if ( !d->dirty_vram ) return;
 
     mfn = shadow_l1e_get_mfn(old_sl1e);
+
+    if ( !mfn_valid(mfn) ) return;
+
     gfn = mfn_to_gfn(d, mfn);
 
     if ( (gfn >= d->dirty_vram->begin_pfn) && (gfn < d->dirty_vram->end_pfn) ) {