From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Nathan Studer <nate.studer@dornerworks.com>
Cc: george.dunlap@eu.citrix.com, smartin@milliways.cl,
robert.vanvossen@dornerworks.com, xen-devel@lists.xen.org
Subject: Re: [PATCH 2/2] Fix NULL pointer dereference in ARINC653 free_vdata.
Date: Fri, 1 Nov 2013 13:56:48 +0000 [thread overview]
Message-ID: <5273B320.6070201@citrix.com> (raw)
In-Reply-To: <1383252473-3067-3-git-send-email-nate.studer@dornerworks.com>
On 31/10/13 20:47, Nathan Studer wrote:
> From: Nathan Studer <nate.studer@dornerworks.com>
>
> The ARINC653 scheduler alloc_vdata function does not add the
> idle cpu to its internal vcpu_list, but when the free_vdata
> function is called, the scheduler attempted to remove the vcpu
> from its internal vcpu_list, regardless of whether or not
> the vcpu was the idle vcpu. Since the idle vcpu's list field
> was never initialized, a NULL pointer was passed to list_del.
>
> When using cpupools, this resulted in a crash when moving a cpu
> from an arinc653 scheduler pool.
>
> Signed-off-by: Nathan Studer <nate.studer@dornerworks.com>
This again looks sane, but can't it logically be merged with the
previous patch? Both of the patches are "dont break on
{alloc,free}_vdata when using cpupools"
I guess this is a matter of taste.
~Andrew
> ---
> xen/common/sched_arinc653.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/xen/common/sched_arinc653.c b/xen/common/sched_arinc653.c
> index a1d9443..8a5bd9c 100644
> --- a/xen/common/sched_arinc653.c
> +++ b/xen/common/sched_arinc653.c
> @@ -418,7 +418,9 @@ a653sched_free_vdata(const struct scheduler *ops, void *priv)
> if (av == NULL)
> return;
>
> - list_del(&av->list);
> + if ( !is_idle_vcpu(av->vc) )
> + list_del(&av->list);
> +
> xfree(av);
> update_schedule_vcpus(ops);
> }
next prev parent reply other threads:[~2013-11-01 13:56 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-10-31 20:47 [PATCH 0/2] Fix crashes with arinc653 cpupools Nathan Studer
2013-10-31 20:47 ` [PATCH 1/2] Fix sched_priv corruption in ARINC653 alloc_vdata Nathan Studer
2013-11-01 13:53 ` Andrew Cooper
2013-11-03 23:07 ` Nate Studer
2013-11-04 15:49 ` George Dunlap
2013-10-31 20:47 ` [PATCH 2/2] Fix NULL pointer dereference in ARINC653 free_vdata Nathan Studer
2013-11-01 13:56 ` Andrew Cooper [this message]
2013-11-01 14:13 ` George Dunlap
2013-11-01 14:17 ` Andrew Cooper
2013-11-03 23:01 ` Nate Studer
2013-11-04 10:46 ` George Dunlap
2013-11-04 10:55 ` Ian Campbell
2013-11-04 15:15 ` Jan Beulich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5273B320.6070201@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=george.dunlap@eu.citrix.com \
--cc=nate.studer@dornerworks.com \
--cc=robert.vanvossen@dornerworks.com \
--cc=smartin@milliways.cl \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.