xen: Do not BUG_ON page count_info in free_domheap_pages().

Signed-off-by: Keir Fraser <keir@xensource.com>

diff --git a/xen/arch/x86/mm/shadow/common.c b/xen/arch/x86/mm/shadow/common.c
index 8ef8b55b025b1be5b1b6d7292f726531960835ed..2d57d53c07d2a44495c9fb74e72a455fd41e1e75 100644 (file)
--- a/xen/arch/x86/mm/shadow/common.c
+++ b/xen/arch/x86/mm/shadow/common.c
@@ -1245,9 +1245,6 @@ static unsigned int sh_set_allocation(struct domain *d,
             list_del(&sp->list);
             d->arch.paging.shadow.free_pages -= 1<<SHADOW_MAX_ORDER;
             d->arch.paging.shadow.total_pages -= 1<<SHADOW_MAX_ORDER;
-            for ( j = 0; j < 1<<SHADOW_MAX_ORDER; j++ ) 
-                /* Keep the page allocator happy */
-                ((struct page_info *)sp)[j].count_info = 0;
             free_domheap_pages((struct page_info *)sp, SHADOW_MAX_ORDER);
         }
 

diff --git a/xen/common/page_alloc.c b/xen/common/page_alloc.c
index bda9931e921e8ade6ec8cfe060bf1cdba1e19cd2..9963692b5161c2f6ee0644a16cc43bd05847ecca 100644 (file)
--- a/xen/common/page_alloc.c
+++ b/xen/common/page_alloc.c
@@ -445,7 +445,19 @@ static void free_heap_pages(
 
     for ( i = 0; i < (1 << order); i++ )
     {
-        BUG_ON(pg[i].count_info != 0);
+        /*
+         * Cannot assume that count_info == 0, as there are some corner cases
+         * where it isn't the case and yet it isn't a bug:
+         *  1. page_get_owner() is NULL
+         *  2. page_get_owner() is a domain that was never accessible by
+         *     its domid (e.g., failed to fully construct the domain).
+         *  3. page was never addressable by the guest (e.g., it's an
+         *     auto-translate-physmap guest and the page was never included
+         *     in its pseudophysical address space).
+         * In all the above cases there can be no guest mappings of this page.
+         */
+        pg[i].count_info = 0;
+
         if ( (d = page_get_owner(&pg[i])) != NULL )
         {
             pg[i].tlbflush_timestamp = tlbflush_current_time();