On Tue, 2024-06-25 at 13:43 +0800, Yan Zhao wrote:
> > > > I was originally suspicious of the asymmetry of the tear down of mirror
> > > > and direct roots vs the allocation. Do you see a concrete problem, or
> > > > just advocating for safety?
>
> IMO it's a concrete problem, though rare up to now. e.g.
>
> After repeatedly hot-plugging and hot-unplugging memory, which increases
> memslots generation, kvm_mmu_zap_all_fast() will be called to invalidate
> direct roots when the memslots generation wraps around.

Hmm, yes. I'm not sure about putting the check there though. It adds even more
confusion to the lifecycle.
- mirror_root_hpa != INVALID_PAGE check in a different place than the
  root.hpa != INVALID_PAGE check.
- they get allocated in the same place
- they are torn down in different places.

Can you think of a clearer fix for it? Maybe we can just move the mirror root
allocation such that it's not subjected to the reload path? Like something that
matches the tear down in kvm_mmu_destroy()?