diff options
| author | Keir Fraser <keir.fraser@citrix.com> | 2009-03-12 11:09:57 +0000 |
|---|---|---|
| committer | Keir Fraser <keir.fraser@citrix.com> | 2009-03-12 11:09:57 +0000 |
| commit | fb0a30b839c4dbe13fafe63c47446485e86668f7 (patch) | |
| tree | 0d17e3ad888417eff852fa72a1673a0b6882013a /tools/libxc/xc_core.c | |
| parent | 51494c865161cd0fe83910e5c00aaafbe34da23b (diff) | |
| download | xen-fb0a30b839c4dbe13fafe63c47446485e86668f7.tar.gz xen-fb0a30b839c4dbe13fafe63c47446485e86668f7.tar.bz2 xen-fb0a30b839c4dbe13fafe63c47446485e86668f7.zip | |
Domain core-dumping fixes
The code was attempting to use the domain's current number of pages
(info.nr_pages) as a maximum index. We then walk the memory map and
can easily over-write past the end of the nr_pages-sized array, if the
domain has more pages mapped in than earlier (live dump). Restrict
ourselves to the current number of pages.
Also fix the dump core method in xend to actually implement the crash
and live options. In particular this means that xend clients other
than xm now get non-live dumps by default.
Signed-off-by: John Levon <john.levon@sun.com>
Diffstat (limited to 'tools/libxc/xc_core.c')
| -rw-r--r-- | tools/libxc/xc_core.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/tools/libxc/xc_core.c b/tools/libxc/xc_core.c index a7fd1647f3..ef1e8dd7a1 100644 --- a/tools/libxc/xc_core.c +++ b/tools/libxc/xc_core.c @@ -518,7 +518,17 @@ xc_domain_dumpcore_via_callback(int xc_handle, if ( sts != 0 ) goto out; + /* + * Note: this is the *current* number of pages and may change under + * a live dump-core. We'll just take this value, and if more pages + * exist, we'll skip them. If there's less, then we'll just not use + * all the array... + * + * We don't want to use the total potential size of the memory map + * since that is usually much higher than info.nr_pages. + */ nr_pages = info.nr_pages; + if ( !auto_translated_physmap ) { /* obtain p2m table */ |