From mboxrd@z Thu Jan 1 00:00:00 1970 From: NISHIGUCHI Naoki Subject: [PATCH] x86: fix NULL function call in timer_softirq_action() Date: Tue, 22 Apr 2008 11:42:18 +0900 Message-ID: <480D508A.6000403@jp.fujitsu.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="------------020205020006010707070906" Return-path: List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: xen-devel@lists.xensource.com List-Id: xen-devel@lists.xenproject.org This is a multi-part message in MIME format. --------------020205020006010707070906 Content-Type: text/plain; charset=ISO-2022-JP Content-Transfer-Encoding: 7bit Hi, In VT-d enabled and SMP machine, when start HVM guests that was assigned device such as "pci = ['01:00.0']", sometimes panic happens! This panic occurs because of NULL function call in timer_softirq_action(). Attached patch fixes this problem. This panic's cause was find_first_bit() in vmx_dirq_assist(). In find_first_bit(__find_first_bit) function, "repe; scas" instruction and "bsf" instruction refer addresses of a bitmap. If clear_bit() is called to clear a bit of the bitmap between above instructions, eax register's value is zero after execution of "bsf" instruction. As a result, the return value of find_first_bit() will be 0, 64, 128 or 192(on x86_64 arch). In this case, vmx_dirq_assist() calls set_timer() about the bit not to be set. If hvm_timer(timer structure) about the bit is not initialized, timer_softirq_action() will call zero address. Only in VT-d enabled and SMP machine, clear_bit() is called in pt_irq_time_out() on another cpu. Signed-off-by: Naoki Nishiguchi Regards, Naoki Nishiguchi --------------020205020006010707070906 Content-Type: text/plain; name="bitops.patch" Content-Transfer-Encoding: base64 Content-Disposition: inline; filename="bitops.patch" ZGlmZiAtciAwOGUwMTBjM2YyNTEgeGVuL2FyY2gveDg2L2JpdG9wcy5jCi0tLSBhL3hlbi9h cmNoL3g4Ni9iaXRvcHMuYwlUdWUgQXByIDE1IDE2OjM5OjAwIDIwMDggKzAxMDAKKysrIGIv eGVuL2FyY2gveDg2L2JpdG9wcy5jCVdlZCBBcHIgMTYgMDk6Mzg6MDYgMjAwOCArMDkwMApA QCAtOCwxMiArOCwxNSBAQCB1bnNpZ25lZCBpbnQgX19maW5kX2ZpcnN0X2JpdCgKICAgICB1 bnNpZ25lZCBsb25nIGQwLCBkMSwgcmVzOwogCiAgICAgYXNtIHZvbGF0aWxlICgKLSAgICAg ICAgIiAgIHhvciAlJWVheCwlJWVheFxuXHQiIC8qIGFsc28gZW5zdXJlcyBaRj09MSBpZiBz aXplPT0wICovCisgICAgICAgICIxOiB4b3IgJSVlYXgsJSVlYXhcblx0IiAvKiBhbHNvIGVu c3VyZXMgWkY9PTEgaWYgc2l6ZT09MCAqLwogICAgICAgICAiICAgcmVwZTsgc2NhcyJfX09T IlxuXHQiCi0gICAgICAgICIgICBqZSAxZlxuXHQiCisgICAgICAgICIgICBqZSAyZlxuXHQi CiAgICAgICAgICIgICBsZWEgLSJTVFIoQklUU19QRVJfTE9ORy84KSIoJTIpLCUyXG5cdCIK LSAgICAgICAgIiAgIGJzZiAoJTIpLCUwXG4iCi0gICAgICAgICIxOiBzdWIgJSVlYngsJSVl ZGlcblx0IgorICAgICAgICAiICAgYnNmICglMiksJTBcblx0IgorICAgICAgICAiICAgam56 IDJmXG5cdCIKKyAgICAgICAgIiAgIGxlYSAiU1RSKEJJVFNfUEVSX0xPTkcvOCkiKCUyKSwl MlxuXHQiCisgICAgICAgICIgICBqbXAgMWJcblx0IgorICAgICAgICAiMjogc3ViICUlZWJ4 LCUlZWRpXG5cdCIKICAgICAgICAgIiAgIHNobCAkMywlJWVkaVxuXHQiCiAgICAgICAgICIg ICBhZGQgJSVlZGksJSVlYXgiCiAgICAgICAgIDogIj0mYSIgKHJlcyksICI9JmMiIChkMCks ICI9JkQiIChkMSkK --------------020205020006010707070906 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel --------------020205020006010707070906--