From mboxrd@z Thu Jan  1 00:00:00 1970
From: Tim Deegan <tim@xen.org>
Subject: [PATCH] Re:  Shadow domains left zombie
Date: Thu, 19 Apr 2012 18:08:40 +0100
Message-ID: <20120419170840.GD23663@ocelot.phlegethon.org>
References: <b5856216c6c888126d40e9b32781ee52.squirrel@webmail.lagarcavilla.org>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="zx4FCpZtqtKETZ7O"
Return-path: <xen-devel-bounces@lists.xen.org>
Content-Disposition: inline
In-Reply-To: <b5856216c6c888126d40e9b32781ee52.squirrel@webmail.lagarcavilla.org>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Andres Lagar-Cavilla <andres@lagarcavilla.org>
Cc: Gianluca Guida <glguida@gmail.com>, Jan Beulich <jbeulich@suse.com>, xen-devel@lists.xen.org
List-Id: xen-devel@lists.xenproject.org


--zx4FCpZtqtKETZ7O
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline

At 09:19 -0700 on 13 Apr (1334308772), Andres Lagar-Cavilla wrote:
> After a hvm+shadow domain dies (either clean shutdown or merciless
> destroy), the domain is left in a zombie state with 1 (one) page left
> dangling with a single reference.

The reference is to the top-level pagetable that was pointed to by CR3
when the domain was killed.  This bug came in with:

 changeset:   23142:f5e8d152a565
 user:        Jan Beulich <jbeulich@novell.com>
 date:        Tue Apr 05 13:01:25 2011 +0100
 description: x86: split struct vcpu

where HVM domains no longer have vcpu_destroy_pagetables(v) called on
their VCPUs as they die.  Proposed fix attached.

Cheers,

Tim.

--zx4FCpZtqtKETZ7O
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: attachment; filename=guest-table-ref

x86: restore vcpu_destroy_pagetables() call on HVM domain teardown.

HVM vcpus that are using shadow pagetables have valid guest_table fields,
which need to be tidied up on domain teardown.

Signed-off-by: Tim Deegan <tim@xen.org>

diff -r 29e4f8cefc5a -r e67b344afe8e xen/arch/x86/domain.c
--- a/xen/arch/x86/domain.c	Thu Apr 19 15:48:30 2012 +0100
+++ b/xen/arch/x86/domain.c	Thu Apr 19 18:04:29 2012 +0100
@@ -2105,13 +2105,14 @@ int domain_relinquish_resources(struct d
         /* Tear down paging-assistance stuff. */
         paging_teardown(d);
 
+        /* Drop the in-use references to page-table bases. */
+        for_each_vcpu ( d, v )
+            vcpu_destroy_pagetables(v);
+
         if ( !is_hvm_domain(d) )
         {
             for_each_vcpu ( d, v )
             {
-                /* Drop the in-use references to page-table bases. */
-                vcpu_destroy_pagetables(v);
-
                 /*
                  * Relinquish GDT mappings. No need for explicit unmapping of
                  * the LDT as it automatically gets squashed with the guest

--zx4FCpZtqtKETZ7O
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

--zx4FCpZtqtKETZ7O--