IA64: fix panic caused by daccess fault.

While fpswa emulation, Xen VMM access guest virtual address space
which may cause daccess fault resulting in panic.
This patch make daccess fault handler handle such cases properly.

(XEN) Xen BUG at faults.c:583
(XEN) FIXME: implement ia64 dump_execution_state()
(XEN)
(XEN) Call Trace:
(XEN)  [<f4000000040fe360>] show_stack+0x90/0xb0
(XEN)                                 sp=f0000002b6067940 bsp=f0000002b6061860
(XEN)  [<f4000000040fee70>] dump_stack+0x30/0x50
(XEN)                                 sp=f0000002b6067b10 bsp=f0000002b6061840
(XEN)  [<f4000000040640d0>] __bug+0x70/0xa0
(XEN)                                 sp=f0000002b6067b10 bsp=f0000002b6061810
(XEN)  [<f4000000040b53b0>] ia64_handle_reflection+0x60/0x13b0
(XEN)                                 sp=f0000002b6067b10 bsp=f0000002b60617b8
(XEN)  [<f4000000040f5b40>] ia64_leave_kernel+0x0/0x300
(XEN)                                 sp=f0000002b6067b20 bsp=f0000002b60617b8
(XEN)  [<f4000000040c3a20>] __get_domain_bundle+0x0/0x40
(XEN)                                 sp=f0000002b6067d20 bsp=f0000002b6061778
(XEN)  [<f4000000040bee20>] vcpu_get_domain_bundle+0xb0/0xa10
(XEN)                                 sp=f0000002b6067d20 bsp=f0000002b60616e8
(XEN)  [<f4000000040b3f20>] handle_fpu_swa+0x360/0x4a0
(XEN)                                 sp=f0000002b6067d60 bsp=f0000002b6061660
(XEN) vcpu.c:1371: vcpu_get_domain_bundle gip 0x40000000000008a0
(XEN)  [<f4000000040b5e90>] ia64_handle_reflection+0xb40/0x13b0
(XEN)                                 sp=f0000002b6067df0 bsp=f0000002b6061610
(XEN) vcpu.c:1371: vcpu_get_domain_bundle gip 0x4000000000000730
(XEN) faults.c:343:d6 handle_fpu_swa(fault): floating-point bundle at 0x4000000000000730 not mapped
(XEN)  [<f4000000040f5b40>] ia64_leave_kernel+0x0/0x300
(XEN)                                 sp=f0000002b6067e00 bsp=f0000002b6061610
(XEN) vcpu.c:1371: vcpu_get_domain_bundle gip 0x40000000000008a0
(XEN) faults.c:343:d6 handle_fpu_swa(fault): floating-point bundle at 0x40000000000008a0 not mapped
(XEN)
(XEN) ****************************************
(XEN) Panic on CPU 15:
(XEN) Xen BUG at faults.c:583
(XEN) ****************************************

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>

diff --git a/xen/arch/ia64/xen/faults.c b/xen/arch/ia64/xen/faults.c
index 7aec52d3b0c07e0cbd33510f9c1018fcb20d130d..1e93c194937a9c0b42cd03f1d140e29657675a48 100644 (file)
--- a/xen/arch/ia64/xen/faults.c
+++ b/xen/arch/ia64/xen/faults.c
@@ -412,6 +412,13 @@ ia64_fault(unsigned long vector, unsigned long isr, unsigned long ifa,
                printk("Dirty-bit.\n");
                break;
 
+       case 10:
+               /* __domain_get_bundle() may cause fault. */
+               if (ia64_done_with_exception(regs))
+                       return;
+               printk("Data Access-bit.\n");
+               break;
+
        case 20:
                printk("Page Not Found.\n");
                break;

diff --git a/xen/arch/ia64/xen/ivt.S b/xen/arch/ia64/xen/ivt.S
index 71c779207eeadde5226097a14615d4e4446a11fd..7c5ac5f04c811183ec52f6325016322ee68209a9 100644 (file)
--- a/xen/arch/ia64/xen/ivt.S
+++ b/xen/arch/ia64/xen/ivt.S
@@ -471,10 +471,17 @@ ENTRY(daccess_bit)
        DBG_FAULT(10)
        mov r16=cr.isr
        mov r17=cr.ifa
+       mov r18=cr.ipsr
        mov r31=pr
        mov r19=10
+       ;;
        mov r20=0x2800
-       br.sptk.many fast_access_reflect
+       extr.u r18=r18,IA64_PSR_CPL0_BIT,2
+       ;;
+       cmp.ne p6,p0=r0,r18     /* cpl != 0? */
+(p6)   br.sptk.many fast_access_reflect
+       /* __domain_get_bundle() may cause this fault. */
+       br.sptk.few dispatch_to_fault_handler
        ;;
 END(daccess_bit)