|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] vfree crash
On 01.07.2019 10:56, Andrew Cooper wrote: > On 01/07/2019 09:45, Petre Ovidiu PIRCALABU wrote: >> The problem lies with vfree because it creates a new list with the >> pages, unmaps the va pointer and then frees the pages. If I do these >> steps manually (without adding them to a new list) it works. > > The problem here is that struct page_info only has a single linked list > pointer, and vfree() blindly assumes it is available for use, which > isn't true once you've called assign_pages() on the vmap area. > > At the moment, it doesn't look like it is possible to set v*alloc()'d > pages up suitably to be mapped by a guest. (Similar corruption will > occur via share_xen_page_with_guest() and the xenheap list). Well, whoever assigns pages to a domain behind vmalloc()'s back has got to make sure to de-assign those pages before freeing them. An alternative _might_ be to leave freeing to the normal cleanup processes (when the last page ref gets put), and just vunmap()-ing the range when the mapping isn't needed anymore. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |