From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id E7EB7433D7;
	Mon, 27 Nov 2023 02:31:13 +0100 (CET)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 41FA5402A3;
	Mon, 27 Nov 2023 02:31:13 +0100 (CET)
Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.31])
 by mails.dpdk.org (Postfix) with ESMTP id CDB264025E
 for <dev@dpdk.org>; Mon, 27 Nov 2023 02:31:11 +0100 (CET)
X-IronPort-AV: E=McAfee;i="6600,9927,10906"; a="456951995"
X-IronPort-AV: E=Sophos;i="6.04,229,1695711600"; d="scan'208";a="456951995"
Received: from orsmga002.jf.intel.com ([10.7.209.21])
 by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 26 Nov 2023 17:31:10 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10906"; a="768016558"
X-IronPort-AV: E=Sophos;i="6.04,229,1695711600"; d="scan'208";a="768016558"
Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81])
 by orsmga002.jf.intel.com with ESMTP/TLS/AES256-GCM-SHA384;
 26 Nov 2023 17:31:09 -0800
Received: from fmsmsx611.amr.corp.intel.com (10.18.126.91) by
 fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2507.34; Sun, 26 Nov 2023 17:31:08 -0800
Received: from fmsmsx601.amr.corp.intel.com (10.18.126.81) by
 fmsmsx611.amr.corp.intel.com (10.18.126.91) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2507.34; Sun, 26 Nov 2023 17:31:08 -0800
Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by
 fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2507.34 via Frontend Transport; Sun, 26 Nov 2023 17:31:08 -0800
Received: from NAM10-DM6-obe.outbound.protection.outlook.com (104.47.58.101)
 by edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2507.34; Sun, 26 Nov 2023 17:31:07 -0800
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
Received: from PH7PR11MB5818.namprd11.prod.outlook.com (2603:10b6:510:132::11)
 by PH0PR11MB4871.namprd11.prod.outlook.com (2603:10b6:510:30::12)
 with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7025.27; Mon, 27 Nov
 2023 01:31:06 +0000
Received: from PH7PR11MB5818.namprd11.prod.outlook.com
 ([fe80::6c68:24a4:cb2f:1b29]) by PH7PR11MB5818.namprd11.prod.outlook.com
 ([fe80::6c68:24a4:cb2f:1b29%7]) with mapi id 15.20.7025.022; Mon, 27 Nov 2023
 01:31:06 +0000
From: "Li, Ming3" <ming3.li@intel.com>
CC: "dev@dpdk.org" <dev@dpdk.org>, "dmitry.kozliuk@gmail.com"
 <dmitry.kozliuk@gmail.com>, "roretzla@linux.microsoft.com"
 <roretzla@linux.microsoft.com>
Subject: RE: [PATCH v3] windows/virt2phys: fix block MDL not updated
Thread-Topic: [PATCH v3] windows/virt2phys: fix block MDL not updated
Thread-Index: AQHZ5WsF4dzJTgW/3UyF7r0YfuaZk7CN1wiA
Date: Mon, 27 Nov 2023 01:31:05 +0000
Message-ID: <PH7PR11MB5818803C0AB322C6B959D3B9DABDA@PH7PR11MB5818.namprd11.prod.outlook.com>
References: <SJ0PR11MB58144B9E5CF684570A75EE30DAF1A@SJ0PR11MB5814.namprd11.prod.outlook.com>
 <20230912111759.1502806-1-ming3.li@intel.com>
In-Reply-To: <20230912111759.1502806-1-ming3.li@intel.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: PH7PR11MB5818:EE_|PH0PR11MB4871:EE_
x-ms-office365-filtering-correlation-id: f2e0729a-1471-4e52-73a2-08dbeee8866e
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH7PR11MB5818.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f2e0729a-1471-4e52-73a2-08dbeee8866e
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Nov 2023 01:31:05.7899 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: OO0+wLDUWUiGYOpv7goLimHar+B33VvOSSaStXhQLiu0g/fKf3sO9gh38FG7sF33e/jADlaMSYdGxl+HH84LKQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB4871
X-OriginatorOrg: intel.com
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Hello,

Any update on the patch review?

Best regards,
Ming

> -----Original Message-----
> From: Li, Ming3 <ming3.li@intel.com>
> Sent: Tuesday, September 12, 2023 7:18 PM
> To: Li, Ming3 <ming3.li@intel.com>
> Cc: dev@dpdk.org; dmitry.kozliuk@gmail.com; roretzla@linux.microsoft.com
> Subject: [PATCH v3] windows/virt2phys: fix block MDL not updated
>
> The virt2phys_translate function previously scanned existing blocks, returning
> the physical address from the stored MDL info if present.
> This method was problematic when a virtual address pointed to a freed and
> reallocated memory segment, potentially changing the physical address
> mapping. Yet, virt2phys_translate would consistently return the originally
> stored physical address, which could be invalid.
>
> This issue surfaced when allocating a memory region larger than 2MB using
> rte_malloc. This action would allocate a new memory segment and use virt2phy
> to set the IOVA. The driver would store the MDL and lock the pages initially.
> When this region was freed, the memory segment used as a whole page could
> be freed, invalidating the virtual to physical mapping. Before this fix, the driver
> would only return the initial physical address, leading to illegal IOVA for some
> pages when allocating a new memory region larger than the hugepage size
> (2MB).
>
> To address this, a function to check the block physical address has been added. If a
> block with the same base address is detected in the driver's context, the MDL's
> physical address is compared with the real physical address. If they don't
> match, the block is removed and a new one is created to store the correct
> mapping. To make the removal action clear, the list to store MDL blocks is
> changed to a doubly linked list.
>
> Also fix the printing of PVOID type.
>
> Bugzilla ID: 1201
> Bugzilla ID: 1213
>
> Signed-off-by: Ric Li <ming3.li@intel.com>
> ---
> v3:
> * Change refresh action to block removal
> * Change block list to doubly linked list
>
> v2:
> * Revert wrong usage of MmGetMdlStartVa
>
>  windows/virt2phys/virt2phys.c       |  7 +--
>  windows/virt2phys/virt2phys_logic.c | 70 ++++++++++++++++++++++-------
>  2 files changed, 57 insertions(+), 20 deletions(-)
>
> diff --git a/windows/virt2phys/virt2phys.c b/windows/virt2phys/virt2phys.=
c
> index f4d5298..b64a13d 100644
> --- a/windows/virt2phys/virt2phys.c
> +++ b/windows/virt2phys/virt2phys.c
> @@ -182,7 +182,7 @@ virt2phys_device_EvtIoInCallerContext(WDFDEVICE
> device, WDFREQUEST request)  {
>  	WDF_REQUEST_PARAMETERS params;
>  	ULONG code;
> -	PVOID *virt;
> +	PVOID *pvirt, virt;
>  	PHYSICAL_ADDRESS *phys;
>  	size_t size;
>  	NTSTATUS status;
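Review bot: `PVOID *pvirt, virt;` in this hunk declares a pointer-to-pointer and a plain `PVOID` in one declarator list, which is easy to misread as two `PVOID *`; declaring them on separate lines (`PVOID *pvirt;` then `PVOID virt;`) makes the intent obvious and matches the one-declaration-per-line style of the surrounding variables. Copying `*pvirt` into `virt` once and passing the copy on to `virt2phys_translate()` is a good change in itself, since the input buffer is then read exactly once.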
> @@ -207,12 +207,13 @@ virt2phys_device_EvtIoInCallerContext(WDFDEVICE
> device, WDFREQUEST request)
>  	}
>=20
>  	status =3D WdfRequestRetrieveInputBuffer(
> -			request, sizeof(*virt), (PVOID *)&virt, &size);
> +			request, sizeof(*pvirt), (PVOID *)&pvirt, &size);
>  	if (!NT_SUCCESS(status)) {
>  		TraceWarning("Retrieving input buffer: %!STATUS!", status);
>  		WdfRequestComplete(request, status);
>  		return;
>  	}
> +	virt =3D *pvirt;
>=20
>  	status =3D WdfRequestRetrieveOutputBuffer(
>  		request, sizeof(*phys), (PVOID *)&phys, &size); @@ -222,7
> +223,7 @@ virt2phys_device_EvtIoInCallerContext(WDFDEVICE device,
> WDFREQUEST request)
>  		return;
>  	}
>=20
> -	status =3D virt2phys_translate(*virt, phys);
> +	status =3D virt2phys_translate(virt, phys);
>  	if (NT_SUCCESS(status))
>  		WdfRequestSetInformation(request, sizeof(*phys));
>=20
> diff --git a/windows/virt2phys/virt2phys_logic.c
> b/windows/virt2phys/virt2phys_logic.c
> index e3ff293..531f08c 100644
> --- a/windows/virt2phys/virt2phys_logic.c
> +++ b/windows/virt2phys/virt2phys_logic.c
> @@ -12,13 +12,13 @@
>  struct virt2phys_process {
>  	HANDLE id;
>  	LIST_ENTRY next;
> -	SINGLE_LIST_ENTRY blocks;
> +	LIST_ENTRY blocks;
>  	ULONG64 memory;
>  };
>=20
>  struct virt2phys_block {
>  	PMDL mdl;
> -	SINGLE_LIST_ENTRY next;
> +	LIST_ENTRY next;
>  };
>=20
>  static struct virt2phys_params g_params; @@ -69,24 +69,28 @@
> virt2phys_process_create(HANDLE process_id)
>  	struct virt2phys_process *process;
>=20
>  	process =3D ExAllocatePoolZero(NonPagedPool, sizeof(*process), 'pp2v');
> -	if (process !=3D NULL)
> +	if (process !=3D NULL) {
>  		process->id =3D process_id;
> +		InitializeListHead(&process->blocks);
> +	}
> +
>  	return process;
>  }
>=20
>  static void
>  virt2phys_process_free(struct virt2phys_process *process, BOOLEAN unmap)=
  {
> -	PSINGLE_LIST_ENTRY node;
> +	PLIST_ENTRY node, next;
>  	struct virt2phys_block *block;
>=20
>  	TraceInfo("ID =3D %p, unmap =3D %!bool!", process->id, unmap);
>=20
> -	node =3D process->blocks.Next;
> -	while (node !=3D NULL) {
> +	for (node =3D process->blocks.Flink; node !=3D &process->blocks; node =
=3D
> next) {
> +		next =3D node->Flink;
>  		block =3D CONTAINING_RECORD(node, struct virt2phys_block,
> next);
> -		node =3D node->Next;
> -		virt2phys_block_free(block, unmap);
> +		RemoveEntryList(&block->next);
> +
> +		virt2phys_block_free(block, TRUE);
>  	}
>=20
>  	ExFreePool(process);
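Review bot: `virt2phys_block_free(block, TRUE)` in the loop drops the `unmap` argument that `virt2phys_process_free()` still takes (and still logs in the `TraceInfo` above), so the parameter no longer controls anything and every caller now unmaps unconditionally; this behaviour change is not mentioned in the cover letter. Either keep passing `unmap`, or remove the parameter and update its callers so the signature does not promise a choice the function no longer honours. The `RemoveEntryList(&block->next)` per node is unnecessary when the whole process structure is freed right after, but it is harmless.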
> @@ -109,10 +113,10 @@ virt2phys_process_find(HANDLE process_id)  static
> struct virt2phys_block *  virt2phys_process_find_block(struct virt2phys_p=
rocess
> *process, PVOID virt)  {
> -	PSINGLE_LIST_ENTRY node;
> +	PLIST_ENTRY node;
>  	struct virt2phys_block *cur;
>=20
> -	for (node =3D process->blocks.Next; node !=3D NULL; node =3D node->Next=
) {
> +	for (node =3D process->blocks.Flink; node !=3D &process->blocks; node =
=3D
> +node->Flink) {
>  		cur =3D CONTAINING_RECORD(node, struct virt2phys_block,
> next);
>  		if (cur->mdl->StartVa =3D=3D virt)
>  			return cur;
> @@ -182,7 +186,7 @@ virt2phys_process_cleanup(HANDLE process_id)  }
>=20
>  static struct virt2phys_block *
> -virt2phys_find_block(HANDLE process_id, void *virt,
> +virt2phys_find_block(HANDLE process_id, PVOID virt,
>  	struct virt2phys_process **process)
>  {
>  	PLIST_ENTRY node;
> @@ -244,13 +248,13 @@ virt2phys_add_block(struct virt2phys_process
> *process,
>  		return STATUS_QUOTA_EXCEEDED;
>  	}
>=20
> -	PushEntryList(&process->blocks, &block->next);
> +	InsertHeadList(&process->blocks, &block->next);
>  	process->memory +=3D size;
>  	return STATUS_SUCCESS;
>  }
>=20
>  static NTSTATUS
> -virt2phys_query_memory(void *virt, void **base, size_t *size)
> +virt2phys_query_memory(PVOID virt, PVOID *base, size_t *size)
>  {
>  	MEMORY_BASIC_INFORMATION info;
>  	SIZE_T info_size;
> @@ -321,7 +325,7 @@ virt2phys_check_memory(PMDL mdl)  }
>=20
>  static NTSTATUS
> -virt2phys_lock_memory(void *virt, size_t size, PMDL *mdl)
> +virt2phys_lock_memory(PVOID virt, size_t size, PMDL *mdl)
>  {
>  	*mdl =3D IoAllocateMdl(virt, (ULONG)size, FALSE, FALSE, NULL);
>  	if (*mdl =3D=3D NULL)
> @@ -346,12 +350,35 @@ virt2phys_unlock_memory(PMDL mdl)
>  	IoFreeMdl(mdl);
>  }
>=20
> +static BOOLEAN
> +virt2phys_is_valid_block(struct virt2phys_block *block, PVOID base) {
> +	/*
> +	 * Check if MDL in block stores the valid physical address.
> +	 * The virtual to physical memory mapping may be changed when the
> +	 * virtual memory region is freed by the user process and malloc again,
> +	 * then we need to remove the block and create a new one.
> +	 */
> +	PHYSICAL_ADDRESS block_phys, real_phys;
> +
> +	block_phys =3D virt2phys_block_translate(block, base);
> +	real_phys =3D MmGetPhysicalAddress(base);
> +
> +	if (block_phys.QuadPart =3D=3D real_phys.QuadPart)
> +		return TRUE;
> +
> +	TraceWarning("VA =3D %p, invalid block physical address %llx, valid
> address %llx",
> +		base, block_phys.QuadPart, real_phys.QuadPart);
> +
> +	return FALSE;
> +}
> +
>  NTSTATUS
>  virt2phys_translate(PVOID virt, PHYSICAL_ADDRESS *phys)  {
>  	PMDL mdl;
>  	HANDLE process_id;
> -	void *base;
> +	PVOID base;
>  	size_t size;
>  	struct virt2phys_process *process;
>  	struct virt2phys_block *block;
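Review bot: `virt2phys_is_valid_block()` only compares the first page of the block: `block_phys = virt2phys_block_translate(block, base)` against `MmGetPhysicalAddress(base)`. If the process frees the region and the base page happens to land on the same physical page while later pages do not, the stale MDL survives the check and the caller's `virt`, which may lie in a later page, is translated wrongly. Consider also validating the page that contains `virt` (the address actually being translated), or walking the MDL's pages when the block spans more than one. A short comment that `MmGetPhysicalAddress()` on a user VA is only meaningful because this runs in the caller's process context (the `EvtIoInCallerContext` path in virt2phys.c) would help future readers, and in the block comment "malloc again" reads better as "allocated again".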
> @@ -371,8 +398,17 @@ virt2phys_translate(PVOID virt, PHYSICAL_ADDRESS
> *phys)
>=20
>  	/* Don't lock the same memory twice. */
>  	if (block !=3D NULL) {
> -		*phys =3D virt2phys_block_translate(block, virt);
> -		return STATUS_SUCCESS;
> +		if (virt2phys_is_valid_block(block, base)) {
> +			*phys =3D virt2phys_block_translate(block, virt);
> +			return STATUS_SUCCESS;
> +		}
> +		/* Remove the invalid block. */
> +		KeAcquireSpinLock(g_lock, &irql);
> +		RemoveEntryList(&block->next);
> +		process->memory -=3D MmGetMdlByteCount(block->mdl);
> +		KeReleaseSpinLock(g_lock, irql);
> +
> +		virt2phys_block_free(block, TRUE);
>  	}
>=20
>  	status =3D virt2phys_lock_memory(base, size, &mdl);
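Review bot: in this hunk the stale check `virt2phys_is_valid_block(block, base)` and the `virt2phys_block_translate(block, virt)` read of `block->mdl` run before `KeAcquireSpinLock(g_lock, &irql)`, while the subsequent `RemoveEntryList()` and the `process->memory` update are done under the lock. Since `virt2phys_process_free()` frees blocks on another path, please confirm that nothing can free `block` between the lookup and this removal, or fold lookup, validation and removal into a single acquisition of `g_lock`. Calling `virt2phys_block_free(block, TRUE)` after the release is the right placement, since it keeps the critical section short.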
> --
> 2.40.1.windows.1
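The cover letter above describes a cached translation going stale once the user process frees and re-allocates a region, and a fix that compares the cached physical address of `base` with the live one. The user-mode C model below is an added example, not the driver's code or the patch: `g_pt`, `remap_page()`, `g_blocks`, `translate()` and the `check_mode` switch are constructed stand-ins, and `CHECK_ALL` goes beyond the patch by validating every page of the block rather than only `base`.

```c
/* User-mode model of the virt2phys block cache and the stale-block check this
 * patch adds; an added example, not the driver's code. g_pt stands in for
 * MmGetPhysicalAddress, remap_page() for the user process freeing a region and
 * getting the same VA back over other physical pages, g_blocks for the MDL list. */
#include <stddef.h>
#include <stdint.h>

enum { PAGE_SHIFT = 12, NPAGES = 8, NBLOCKS = 4 };
#define PAGE_SIZE ((uintptr_t)1 << PAGE_SHIFT)
enum check_mode { CHECK_NONE, CHECK_BASE, CHECK_ALL };
struct block { uintptr_t base; size_t npages; uint64_t pa[NPAGES]; int used; };
static uint64_t g_pt[NPAGES];            /* constructed page table: VA page -> PA */
static struct block g_blocks[NBLOCKS];   /* the driver's per-process block list */
void remap_page(size_t vpage, uint64_t new_pa) { g_pt[vpage] = new_pa; }
static uint64_t real_phys(uintptr_t va) {                /* MmGetPhysicalAddress */
    return g_pt[va >> PAGE_SHIFT] + (va & (PAGE_SIZE - 1));
}
static uint64_t block_phys(const struct block *b, uintptr_t va) { /* from the MDL */
    return b->pa[(va - b->base) >> PAGE_SHIFT] + (va & (PAGE_SIZE - 1));
}
static struct block *find_block(uintptr_t base) {
    for (struct block *b = g_blocks; b < g_blocks + NBLOCKS; b++)
        if (b->used && b->base == base) return b;
    return NULL;
}
/* virt2phys_lock_memory + virt2phys_add_block: snapshot the live mapping. */
static struct block *add_block(uintptr_t base, size_t npages) {
    struct block *b = g_blocks;
    while (b < g_blocks + NBLOCKS && b->used) b++;      /* first free slot */
    if (b == g_blocks + NBLOCKS) return NULL;             /* STATUS_QUOTA_EXCEEDED */
    b->used = 1; b->base = base; b->npages = npages;
    for (size_t p = 0; p < npages; p++)
        b->pa[p] = g_pt[(base >> PAGE_SHIFT) + p];
    return b;
}
/* virt2phys_is_valid_block: CHECK_BASE is what the patch does (only `base` is
 * compared with the live mapping); CHECK_ALL compares every page of the block. */
static int block_is_valid(const struct block *b, enum check_mode mode) {
    size_t n = mode == CHECK_ALL ? b->npages : (mode == CHECK_BASE ? 1 : 0);
    for (size_t p = 0; p < n; p++)
        if (block_phys(b, b->base + p * PAGE_SIZE) !=
            real_phys(b->base + p * PAGE_SIZE)) return 0;
    return 1;
}
/* virt2phys_translate for the region at `base`; CHECK_NONE is the pre-patch
 * behaviour, which trusts the cached block unconditionally. */
uint64_t translate(uintptr_t base, size_t npages, uintptr_t va, enum check_mode mode) {
    struct block *b = find_block(base);
    if (b != NULL && !block_is_valid(b, mode))
        b->used = 0;                    /* RemoveEntryList + virt2phys_block_free */
    if (b == NULL || !b->used)
        b = add_block(base, npages);    /* lock again: a fresh MDL snapshot */
    return b != NULL ? block_phys(b, va) : 0;
}
```

Running the model with a two-page region shows the three behaviours side by side: the pre-patch path keeps answering from the stale snapshot, the patched base-only check catches a changed base page but not a change confined to a later page, and the per-page check catches both.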