Hi David,
On 01/02/2020 00:32, David Woodhouse wrote:
/*
* Hand the specified arbitrary page range to the specified heap zone
* checking the node_id of the previous page. If they differ and the
@@ -1799,18 +1811,23 @@ static void init_heap_pages(
{
unsigned int nid = phys_to_nid(page_to_maddr(pg+i));
+ /* If the (first) page is already marked broken, don't add it. */
+ if ( pg[i].count_info & PGC_broken )
+ continue;
+
if ( unlikely(!avail[nid]) )
{
+ unsigned long contig_nr_pages = contig_avail_pages(pg + i,
nr_pages);
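Review bot: at the `contig_avail_pages(pg + i, nr_pages)` call, the start pointer advances with `i` but the count stays at the full `nr_pages`, so for any `i > 0` the window being scanned extends `i` pages past the end of the range this loop is walking. Pass the remaining length, `nr_pages - i`, so the scan stays inside the range. Separately, the comment on the `PGC_broken` check says "(first) page" while the test is applied to `pg[i]` on every iteration; reword it to say which page is meant.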
I spent the evening chasing a bug due to this change. Xen may give
init_heap_pages() a range that crosses NUMA nodes.
contig_avail_pages will go through the range [pg + 1, pg + i +
nr_pages). As nr_pages corresponds to the number of pages in the
original range, we may overrun the frametable and crash.
So I think you want to use contig_avail_pages(pg + i, nr_pages - i).
Cheers,
--
Julien Grall