Xen project Mailing List

Re: [Xen-devel] vfree crash

To: Paul Durrant <Paul.Durrant@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>

From: Petre Ovidiu PIRCALABU <ppircalabu@xxxxxxxxxxxxxxx>

Date: Mon, 1 Jul 2019 09:26:36 +0000

Accept-language: ro-RO, en-US

Authentication-results: spf=none (sender IP is ) smtp.mailfrom=ppircalabu@xxxxxxxxxxxxxxx;

Cc: Alexandru Stefan ISAILA <aisaila@xxxxxxxxxxxxxxx>, "rcojocaru@xxxxxxxxxxxxxxx" <rcojocaru@xxxxxxxxxxxxxxx>

Delivery-date: Mon, 01 Jul 2019 09:26:49 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Thread-index: AQHVLdtKR3tMnDvHzU6ntSjZrlUsUaa1cLWAgAAGYACAAAF2gIAACeQA

Thread-topic: vfree crash

On Mon, 2019-07-01 at 08:55 +0000, Paul Durrant wrote: > > -----Original Message----- > > From: Petre Ovidiu PIRCALABU <ppircalabu@xxxxxxxxxxxxxxx> > > Sent: 01 July 2019 09:46 > > To: Paul Durrant <Paul.Durrant@xxxxxxxxxx>; > > xen-devel@xxxxxxxxxxxxxxxxxxxx; Andrew Cooper > > <Andrew.Cooper3@xxxxxxxxxx> > > Cc: Alexandru Stefan ISAILA <aisaila@xxxxxxxxxxxxxxx>; > > rcojocaru@xxxxxxxxxxxxxxx > > Subject: Re: vfree crash > > > > On Mon, 2019-07-01 at 08:29 +0000, Paul Durrant wrote: > > > > -----Original Message----- > > > > From: Xen-devel <xen-devel-bounces@xxxxxxxxxxxxxxxxxxxx> On > > > > Behalf > > > > Of Petre Ovidiu PIRCALABU > > > > Sent: 28 June 2019 19:00 > > > > To: xen-devel@xxxxxxxxxxxxxxxxxxxx; Andrew Cooper < > > > > Andrew.Cooper3@xxxxxxxxxx> > > > > Cc: Alexandru Stefan ISAILA <aisaila@xxxxxxxxxxxxxxx>; > > > > rcojocaru@xxxxxxxxxxxxxxx > > > > Subject: [Xen-devel] vfree crash > > > > > > > > Hello, > > > > > > > > I need your help to pinpoint the root cause of a problem. To my > > > > understanding vfree should be used when allocating memory with > > > > vmalloc. > > > > > > > > But, I have the following scenario which results in a XEN > > > > crash: > > > > - allocate a number of frames using vmalloc (vzalloc) (e.g. > > > > using a > > > > domctl) and assign them to the calling domain > > > > - map the frames using xenforeignmemory_map_resource > > > > > > Do you really mean xenforeignmemory_map_resource()? If the memory > > > is > > > assigned to the calling domain then this is quite likely not to > > > work. > > > There were reference counting problems with that code, which is > > > why > > > caller assigned resources were dropped. > > > > > > Paul > > > > > > > The problem lies with vfree because it creates a new list with the > > pages, unmaps the va pointer and then frees the pages. If I do > > these > > steps manually (without adding them to a new list) it works. > > So, looking at the code, I don't think it is intended that > v[m|z]alloced pages get assigned to a domain. Could you point at > where the assignment is happening? > > Paul > > > > > Many thanks, > > Petre > > I'm doing it locally in my test (mock_enable domctl) by calling assign_pages for each one allocated by vzalloc. https://gitlab.com/xen-project/people/bitdefender/xen/blob/vfree_crash/xen/common/mock.c (line 55) Many thanks, Petre _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:

Re: [Xen-devel] vfree crash
- From: Paul Durrant

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.