From mboxrd@z Thu Jan 1 00:00:00 1970
From: Marcelo Tosatti
Subject: Re: [PATCH] do not free active mmu pages in free_mmu_pages()
Date: Mon, 16 Mar 2009 18:01:52 -0300
Message-ID: <20090316210152.GA5077@amt.cnet>
References: <20090311100755.GA19724@redhat.com> <20090316201533.GA4477@amt.cnet> <20090316203401.GB7898@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: avi@redhat.com, marcelo@redhat.com, kvm@vger.kernel.org
To: Gleb Natapov
Return-path:
Received: from mx2.redhat.com ([66.187.237.31]:55467 "EHLO mx2.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754109AbZCPVC6 (ORCPT ); Mon, 16 Mar 2009 17:02:58 -0400
Received: from int-mx2.corp.redhat.com (int-mx2.corp.redhat.com [172.16.27.26]) by mx2.redhat.com (8.13.8/8.13.8) with ESMTP id n2GL2vOx027220 for ; Mon, 16 Mar 2009 17:02:57 -0400
Content-Disposition: inline
In-Reply-To: <20090316203401.GB7898@redhat.com>
Sender: kvm-owner@vger.kernel.org
List-ID:

On Mon, Mar 16, 2009 at 10:34:01PM +0200, Gleb Natapov wrote:
> > Doesn't the vm shutdown path rely on the while loop you removed to free
> > all shadow pages before freeing the mmu kmem caches, if mmu notifiers
> > is disabled?
> >
> Shouldn't mmu_free_roots() on all vcpus clear all mmu pages?

No. It only zaps the present root on every vcpu, but not the children.

> > And how harmful is that loop? Zaps the entire cache on cpu hotunplug?
> >
> KVM doesn't support vcpu destruction, but destruction is called anyway
> on various error conditions. The one that is easy to trigger is to create
> vcpu with the same id simultaneously from two threads. The result is
> OOPs in random places.

mmu_lock should be held there, and apparently it is not.
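The point Marcelo makes above, that releasing only each vcpu's root leaves every child shadow page allocated while the full-list walk releases everything, is modelled below as an added example. This is not KVM code and not part of the thread: it assumes a simplified shadow-page tree (one root per vcpu, four children per page, three levels) and two hypothetical helpers, free_roots() standing in for what mmu_free_roots() does per vcpu, and zap_all_active() standing in for the whole-list loop the patch removed. The counts it checks follow only from that constructed tree.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model (not KVM's data structures): every shadow page lives
 * in one "active list" (the pages[] array); a vcpu points at one root. */
#define MAX_PAGES 64
#define NCHILD    4
#define NVCPU     2

struct sp {
    int id;
    int active;              /* still allocated, i.e. on the active list */
    struct sp *child[NCHILD];
};

struct mmu {
    struct sp pages[MAX_PAGES];
    int n;                   /* pages allocated so far */
};

static struct sp *alloc_sp(struct mmu *m)
{
    if (m->n >= MAX_PAGES)
        abort();
    struct sp *p = &m->pages[m->n++];
    memset(p, 0, sizeof *p);
    p->id = m->n;
    p->active = 1;
    return p;
}

/* Build one vcpu's 3-level tree: root -> NCHILD children -> NCHILD each,
 * i.e. 1 + 4 + 16 = 21 pages with the constants above. */
static struct sp *build_tree(struct mmu *m)
{
    struct sp *root = alloc_sp(m);
    for (int i = 0; i < NCHILD; i++) {
        root->child[i] = alloc_sp(m);
        for (int j = 0; j < NCHILD; j++)
            root->child[i]->child[j] = alloc_sp(m);
    }
    return root;
}

/* Hypothetical analogue of calling mmu_free_roots() on every vcpu:
 * only the page each vcpu currently uses as root is released. */
static void free_roots(struct sp **roots, int nroots)
{
    for (int v = 0; v < nroots; v++)
        roots[v]->active = 0;
}

/* Hypothetical analogue of the loop the patch removed: walk the entire
 * active list and release every page, children included. */
static int zap_all_active(struct mmu *m)
{
    int zapped = 0;
    for (int i = 0; i < m->n; i++)
        if (m->pages[i].active) {
            m->pages[i].active = 0;
            zapped++;
        }
    return zapped;
}

static int count_active(const struct mmu *m)
{
    int c = 0;
    for (int i = 0; i < m->n; i++)
        c += m->pages[i].active;
    return c;
}

/* Pages still allocated after each strategy, with NVCPU trees built. */
int leftover_after_free_roots(void)
{
    struct mmu m = {0};
    struct sp *roots[NVCPU];
    for (int v = 0; v < NVCPU; v++)
        roots[v] = build_tree(&m);
    free_roots(roots, NVCPU);          /* releases only the 2 roots */
    return count_active(&m);           /* 2 * (4 + 16) = 40 children remain */
}

int leftover_after_zap_all(void)
{
    struct mmu m = {0};
    for (int v = 0; v < NVCPU; v++)
        build_tree(&m);
    zap_all_active(&m);                /* releases all 42 pages */
    return count_active(&m);           /* 0 */
}

int main(void)
{
    printf("after free_roots: %d pages still allocated\n", leftover_after_free_roots());
    printf("after zap_all:    %d pages still allocated\n", leftover_after_zap_all());
    return 0;
}
```

If the kmem caches were destroyed right after the first strategy, the 40 surviving pages in the model would be the leak (or, on a real system, the use-after-free once the cache memory is reused) that the quoted question about the shutdown path is asking about.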