From e4a1897ed12f699aadb40970438fe4e39404e086 Mon Sep 17 00:00:00 2001 From: Keir Fraser Date: Wed, 26 May 2010 08:01:21 +0100 Subject: [PATCH] x86 shadow: Avoid remove-all-shadows after shadow teardown If dom0 alters the p2m of a domain that's being destroyed, we can end up doing a remove-all-shadows after the shadow hash table has been freed. Since no hash table implies no shadows, just return immediately. Signed-off-by: Tim Deegan --- xen/arch/x86/mm/shadow/common.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/xen/arch/x86/mm/shadow/common.c b/xen/arch/x86/mm/shadow/common.c index 6c49134fe0..36f5839c66 100644 --- a/xen/arch/x86/mm/shadow/common.c +++ b/xen/arch/x86/mm/shadow/common.c @@ -2173,8 +2173,13 @@ static void hash_foreach(struct vcpu *v, struct domain *d = v->domain; struct page_info *x; - /* Say we're here, to stop hash-lookups reordering the chains */ ASSERT(shadow_locked_by_me(d)); + + /* Can be called via p2m code &c after shadow teardown. */ + if ( unlikely(!d->arch.paging.shadow.hash_table) ) + return; + + /* Say we're here, to stop hash-lookups reordering the chains */ ASSERT(d->arch.paging.shadow.hash_walking == 0); d->arch.paging.shadow.hash_walking = 1; -- 2.30.2
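Review bot: the new early return in hash_foreach guards only this walker; the removed comment line ("to stop hash-lookups reordering the chains") shows that other hash-table users exist, and nothing in this hunk guards them against d->arch.paging.shadow.hash_table being NULL after teardown, so it is worth confirming that the p2m paths the commit message describes cannot reach a lookup, insert or delete on the freed table by some route other than hash_foreach. Two smaller points on the same hunk: the check is deliberately placed after ASSERT(shadow_locked_by_me(d)) and before hash_walking is set to 1, which is right (no flag to clear on the early path), but it means callers running after teardown must still take the shadow lock, and that expectation should be stated; and the comment "Can be called via p2m code &c after shadow teardown." would be more useful to the next reader if it also carried the justification from the commit message, e.g. "No hash table means no shadows, so there is nothing to walk."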