From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ian Campbell Subject: Re: [PATCH for-4.5] libxc: fix mmap leak in xc_unmap_domain_meminfo/xc_map_domain_meminfo Date: Thu, 2 Oct 2014 15:22:18 +0100 Message-ID: <1412259738.17146.23.camel@citrix.com> References: <1412170536-9028-1-git-send-email-vkuznets@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1XZhH3-00008V-N2 for xen-devel@lists.xenproject.org; Thu, 02 Oct 2014 14:22:29 +0000 In-Reply-To: <1412170536-9028-1-git-send-email-vkuznets@redhat.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Vitaly Kuznetsov Cc: xen-devel@lists.xenproject.org, Dario Faggioli , Andrew Jones List-Id: xen-devel@lists.xenproject.org On Wed, 2014-10-01 at 15:35 +0200, Vitaly Kuznetsov wrote: > xc_unmap_domain_meminfo uses P2M_FLL_ENTRIES macro instead of P2M_FL_ENTRIES. > Moreover, P2M_FL_ENTRIES macro uses (dinfo->p2m_size) which is always 0 here > as we don't initialize it. The result is that we always unmap just 1 frame. > > xc_map_domain_meminfo uses P2M_FLL_ENTRIES macro instead of P2M_FL_ENTRIES > on failure path. > > The issue went unnoticed mostly because we use unmap_domain_meminfo and > xc_map_domain_meminfo in one-shot xen-mfndump and xen-hptool (through > xc_exchange_page()) tools. When used is long-running apps (e.g. in xl) > domains become zombies after their death. > > Signed-off-by: Vitaly Kuznetsov Good catch. Acked-by: Ian Campbell and applied, thanks!