From: Jan Beulich <jbeulich@suse.com>
Date: Mon, 9 Sep 2013 12:34:12 +0000 (+0200)
Subject: xmalloc: make whole pages xfree() clear the order field (ab)used by xmalloc()
X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~6410
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=0fbf3208d9c1a568aeeb61d9f4fbca03b1cfa1f8;p=xen.git

xmalloc: make whole pages xfree() clear the order field (ab)used by xmalloc()

Not doing this was found to cause problems with sequences of allocation
(multi-page), freeing, and then again allocation of the same page upon
boot when interrupts are still disabled (causing the owner field to be
non-zero, thus making the allocator attempt a TLB flush and, in its
processing, triggering an assertion).

Reported-by: Tomasz Wroblewski <tomasz.wroblewski@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Tested-by: Tomasz Wroblewski <tomasz.wroblewski@citrix.com>
Acked-by: Keir Fraser <keir@xen.org>
---

diff --git a/xen/common/xmalloc_tlsf.c b/xen/common/xmalloc_tlsf.c
index f19fb85f1f..d3bdfa7d57 100644
--- a/xen/common/xmalloc_tlsf.c
+++ b/xen/common/xmalloc_tlsf.c
@@ -629,6 +629,7 @@ void xfree(void *p)
         unsigned int i, order = get_order_from_pages(size);
 
         BUG_ON((unsigned long)p & ((PAGE_SIZE << order) - 1));
+        PFN_ORDER(virt_to_page(p)) = 0;
         for ( i = 0; ; ++i )
         {
             if ( !(size & (1 << i)) )