From mboxrd@z Thu Jan  1 00:00:00 1970
From: schumi.han@gmail.com
Subject: question about foreign mapped page
Date: Fri, 12 May 2006 18:44:50 +0800
Message-ID: <44646722.6040405@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=gb18030; format=flowed
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xensource.com>
List-Unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: Xen-devel@lists.xensource.com
List-Id: xen-devel@lists.xenproject.org

Hi, All!
I met a bug when destroyed the VMX. page_remove_rmap() BUG on
page->_mapcount when QEMU exited. I try to solve this problem but I'm
not familiar with MM code. So I wanna ask you guys several questions and 
hope you can give some clues:
1)If we map a foreign page(DomainU or VMX) to Domain0 through
xc_map_foreign_range, the pfn(in Domain0's memory space)which points to
the mapped mfn should not correlate with any   page structure.  Is  it
right?  I suppose it to be true. The question is when the kernel calls
unmap_page_range, it should try to call vm_normal_page on the related
pte to get the page structure. Which flag will lead vm_normal_page to
return the NULL pointer?
2)IMHO, I expect only the local mapped page, which belongs to the same
domain could be passed to page_remove_rmap and kick out the bug I met!
direct_rmap_pfn_range looks like a suscipious criminal.Is it possible?
But QEMU never used direct_rmap_pfn_range to map local page. So, I'm
really confused!
Thanks for your help!