From mboxrd@z Thu Jan  1 00:00:00 1970
From: Julien Grall <julien.grall@linaro.org>
Subject: Re: [PATCH V2] xen: Check if the range is valid in
	init_domheap_pages
Date: Wed, 13 Nov 2013 13:34:36 +0000
Message-ID: <52837FEC.9000001@linaro.org>
References: <1384348525-3230-1-git-send-email-julien.grall@linaro.org>
	<1384348984.5406.107.camel@kazak.uk.xensource.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
Received: from mail6.bemta5.messagelabs.com ([195.245.231.135])
	by lists.xen.org with esmtp (Exim 4.72)
	(envelope-from <julien.grall@linaro.org>) id 1Vgaag-00009R-Sl
	for xen-devel@lists.xenproject.org; Wed, 13 Nov 2013 13:34:43 +0000
Received: by mail-la0-f41.google.com with SMTP id hp15so352365lab.28
	for <xen-devel@lists.xenproject.org>;
	Wed, 13 Nov 2013 05:34:39 -0800 (PST)
In-Reply-To: <1384348984.5406.107.camel@kazak.uk.xensource.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Ian Campbell <Ian.Campbell@citrix.com>
Cc: Keir Fraser <keir@xen.org>, stefano.stabellini@eu.citrix.com, patches@linaro.org, tim@xen.org, Jan Beulich <jbeulich@suse.com>, xen-devel@lists.xenproject.org
List-Id: xen-devel@lists.xenproject.org



On 11/13/2013 01:23 PM, Ian Campbell wrote:
> On Wed, 2013-11-13 at 13:15 +0000, Julien Grall wrote:
>> On ARM, when an initrd is given to xen by U-boot, it will reserve the memory in
>> the device tree.
>> In this case, when xen decides to free unused memory, dt_unreserved_regions
>> will call init_domheap_pages with the start and the end of range equals. But
>> the latter assumes that (start > end), if not Xen will hang because the
>> number of pages is equals to (unsigned)-1.
>>
>> Signed-off-by: Julien Grall <julien.grall@linaro.org>
>> CC: Keir Fraser <keir@xen.org>
>> CC: Jan Beulich <jbeulich@suse.com>
>>
>> ---
>>      Changes in v2:
>>          - Change commit title
>>          - Move the check in init_domheap_pages
>> ---
>>   xen/common/page_alloc.c | 3 +++
>>   1 file changed, 3 insertions(+)
>>
>> diff --git a/xen/common/page_alloc.c b/xen/common/page_alloc.c
>> index 4c17fbd..10f67a1 100644
>> --- a/xen/common/page_alloc.c
>> +++ b/xen/common/page_alloc.c
>> @@ -1429,6 +1429,9 @@ void init_domheap_pages(paddr_t ps, paddr_t pe)
>>       smfn = round_pgup(ps) >> PAGE_SHIFT;
>>       emfn = round_pgdown(pe) >> PAGE_SHIFT;
>>
>> +    if ( smfn <= emfn )
>
> You've got this backwards I think.

Oh right, I will fix it in the next version.

>
>> +        return;
>> +
>>       init_heap_pages(mfn_to_page(smfn), emfn - smfn);
>>   }
>>
>
>

-- 
Julien Grall