ia64/xen-unstable

changeset 8282:29055c5ad51d

Fixed a get/put_page mismatch for guest L2 pages. Sometimes, when you
destroy an OS when it is in real mode, there is an extra put_page in
domain_relinquish_resource. This causes the page to be freed with
non-zero type count. With ASSERT enabled, hypervisor will crash; with
debug=n, on some machines, the system will hang in
alloc_domheap_pages, due to type_info being a union with cpumask and
not equal to 0.

Signed-off-by: Xiaofeng Ling <xiaofeng.ling@intel.com>
author kaf24@firebug.cl.cam.ac.uk
date Thu Dec 08 15:18:13 2005 +0100 (2005-12-08)
parents 37e19db6ecc3
children 5f7398785e02
files xen/arch/x86/vmx.c
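--- a/xen/arch/x86/vmx.c
+++ b/xen/arch/x86/vmx.c
@@ -905,7 +905,7 @@ vmx_world_save(struct vcpu *v, struct vm
 int
 vmx_world_restore(struct vcpu *v, struct vmx_assist_context *c)
 {
-    unsigned long mfn, old_cr4;
+    unsigned long mfn, old_cr4, old_base_mfn;
     int error = 0;
 
     error |= __vmwrite(GUEST_RIP, c->eip);
@@ -945,7 +945,12 @@ vmx_world_restore(struct vcpu *v, struct
             return 0;
         }
         mfn = get_mfn_from_pfn(c->cr3 >> PAGE_SHIFT);
+        if(!get_page(pfn_to_page(mfn), v->domain))
+                return 0;
+        old_base_mfn = pagetable_get_pfn(v->arch.guest_table);
         v->arch.guest_table = mk_pagetable(mfn << PAGE_SHIFT);
+        if (old_base_mfn)
+             put_page(pfn_to_page(old_base_mfn));
         update_pagetables(v);
         /*
          * arch.shadow_table should now hold the next CR3 for shadow
@@ -1174,9 +1179,11 @@ static int vmx_set_cr0(unsigned long val
     }
 
     if(!((value & X86_CR0_PE) && (value & X86_CR0_PG)) && paging_enabled)
-        if(v->arch.arch_vmx.cpu_cr3)
+        if(v->arch.arch_vmx.cpu_cr3){
             put_page(pfn_to_page(get_mfn_from_pfn(
                       v->arch.arch_vmx.cpu_cr3 >> PAGE_SHIFT)));
+            v->arch.guest_table = mk_pagetable(0);
+        }
 
     /*
      * VMX does not implement real-mode virtualization. We emulate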
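Review bot: In vmx_world_restore the new `get_page(pfn_to_page(mfn), v->domain)` consumes the result of `get_mfn_from_pfn(c->cr3 >> PAGE_SHIFT)` with no validity test visible in the hunk, so a CR3 value that has no machine frame behind it would reach `pfn_to_page` before `get_page` has a chance to reject it. The check that ends just above the hunk is not shown; if it only bounds the pfn, I would guard the translation result as well, e.g. `if (!VALID_MFN(mfn) || !get_page(pfn_to_page(mfn), v->domain)) return 0;` (assuming the tree's VALID_MFN macro is usable here). In vmx_set_cr0 the reference is dropped by translating `cpu_cr3` a second time rather than from the `guest_table` entry that actually holds it, and the put happens before `guest_table` is cleared; mirroring the restore path (read `pagetable_get_pfn(v->arch.guest_table)`, store `mk_pagetable(0)`, then `put_page`) would keep the put tied to the frame that was referenced and avoid another get/put mismatch if the two values ever diverge. Both function bodies extend beyond the hunks shown, so these points should be confirmed against the full file.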