# HG changeset patch
# User Tim Deegan
# Date 1274798626 -3600
# Node ID 7b11ebe91a678090fee7aee6c74e3dd09df27eb7
# Parent 0b3b2b31e962561390cac4896a4a70841990f0e6
If dom0 alters the p2m of a domain that's being destroyed, we can end up doing a remove-all-shadows after the shadow hash table has been freed. Since no hash table implies no shadows, just return immediately.
Signed-off-by: Tim Deegan
diff -r 0b3b2b31e962 -r 7b11ebe91a67 xen/arch/x86/mm/shadow/common.c
--- a/xen/arch/x86/mm/shadow/common.c Tue May 25 15:43:41 2010 +0100
+++ b/xen/arch/x86/mm/shadow/common.c Tue May 25 15:43:46 2010 +0100
@@ -2173,8 +2173,13 @@
 struct domain *d = v->domain;
 struct page_info *x;
+ ASSERT(shadow_locked_by_me(d));
+
+ /* Can be called via p2m code &c after shadow teardown. */
+ if ( unlikely(!d->arch.paging.shadow.hash_table) )
+ return;
+
 /* Say we're here, to stop hash-lookups reordering the chains */
- ASSERT(shadow_locked_by_me(d));
 ASSERT(d->arch.paging.shadow.hash_walking == 0);
 d->arch.paging.shadow.hash_walking = 1;
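Review bot: The new `if ( unlikely(!d->arch.paging.shadow.hash_table) ) return;` guard only protects the walk if the teardown path resets `hash_table` to NULL after freeing it, and does so while holding the shadow lock; neither is visible in this hunk, and a freed but non-NULL pointer would still be walked. The enclosing function starts and ends outside the hunk, but since it sets `hash_walking` it looks like a shared hash-walk helper, so presumably every caller now gets the silent no-op, not only remove-all-shadows. I would have the comment state the invariant it relies on, for example `/* Can be called via p2m code &c after shadow teardown, which frees the table and NULLs the pointer under the shadow lock: no table means no shadows to visit. */`. Moving `ASSERT(shadow_locked_by_me(d))` ahead of the pointer read is the right order, though it is an assertion, so whether the lock requirement is enforced outside debug builds depends on how `ASSERT` is defined.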