diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c --- a/xen/arch/x86/mm.c +++ b/xen/arch/x86/mm.c @@ -3865,6 +3865,16 @@ int page_make_sharable(struct domain *d, spin_lock(&d->page_alloc_lock); + /* Check if the ref count is 2. The first from PGT_allocated, and the second + * from get_page at the top of this function */ + if(page->count_info != (PGC_allocated | (2 + expected_refcnt))) + { + /* Return type count back to zero */ + put_page(page); + spin_unlock(&d->page_alloc_lock); + return -E2BIG; + } + /* Change page type and count atomically */ y = page->u.inuse.type_info; nx = PGT_shared_page | PGT_validated | 1; @@ -3881,16 +3891,6 @@ int page_make_sharable(struct domain *d, y = cmpxchg(&page->u.inuse.type_info, x, nx); } while(x != y); - /* Check if the ref count is 2. The first from PGT_allocated, and the second - * from get_page at the top of this function */ - if(page->count_info != (PGC_allocated | (2 + expected_refcnt))) - { - /* Return type count back to zero */ - put_page_and_type(page); - spin_unlock(&d->page_alloc_lock); - return -E2BIG; - } - page_set_owner(page, dom_cow); d->tot_pages--; page_list_del(page, &d->page_list); diff --git a/xen/arch/x86/mm/mem_sharing.c b/xen/arch/x86/mm/mem_sharing.c --- a/xen/arch/x86/mm/mem_sharing.c +++ b/xen/arch/x86/mm/mem_sharing.c @@ -545,7 +545,7 @@ int mem_sharing_nominate_page(struct dom * it a few lines above. * The mfn needs to revert back to rw type. This should never fail, * since no-one knew that the mfn was temporarily sharable */ - ASSERT(page_make_private(d, page) == 0); + BUG_ON(page_make_private(d, page) != 0); mem_sharing_hash_destroy(hash_entry); mem_sharing_gfn_destroy(gfn_info, 0); shr_unlock(); @@ -699,7 +699,7 @@ gfn_found: unmap_domain_page(s); unmap_domain_page(t); - ASSERT(set_shared_p2m_entry(d, gfn, page_to_mfn(page)) != 0); + BUG_ON(set_shared_p2m_entry(d, gfn, page_to_mfn(page)) == 0); put_page_and_type(old_page); private_page_found: