From: Julien Grall
Subject: [PATCH v2] xen/arm: vcpu: Correctly release resource when the VCPU failed to initialized
Date: Wed, 30 Apr 2014 20:15:55 +0100
Message-ID: <1398885355-13200-1-git-send-email-julien.grall@linaro.org>
To: xen-devel@lists.xenproject.org
Cc: stefano.stabellini@citrix.com, Julien Grall, tim@xen.org, ian.campbell@citrix.com

While I was adding new failing code at the end of the function, I noticed that the vtimers are not freed, which messes up all the timers and will crash Xen quickly when the page is reused.

Currently neither vcpu_vgic_init nor vcpu_vtimer_init fails, so we are safe for now. With the new GICv3 code, the former function will be able to fail. This will result in a memory leak.

Call vcpu_destroy if the initialization has failed. We also need to add a boolean to know if the vtimers are correctly set up, as the timer common code doesn't have a safeguard against removing a non-initialized timer.

Signed-off-by: Julien Grall
---
Changes in v2:
    - Update commit message
---
 xen/arch/arm/domain.c        | 8 ++++++--
 xen/arch/arm/vtimer.c        | 5 +++++
 xen/include/asm-arm/domain.h | 1 +
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/xen/arch/arm/domain.c b/xen/arch/arm/domain.c index ccccb77..c47db4a 100644 --- a/xen/arch/arm/domain.c +++ b/xen/arch/arm/domain.c
@@ -468,12 +468,16 @@ int vcpu_initialise(struct vcpu *v) processor_vcpu_initialise(v); if ( (rc = vcpu_vgic_init(v)) != 0 ) - return rc; + goto fail; if ( (rc = vcpu_vtimer_init(v)) != 0 ) - return rc; + goto fail; return rc; + +fail: + vcpu_destroy(v); + return rc; } void vcpu_destroy(struct vcpu *v) diff --git a/xen/arch/arm/vtimer.c b/xen/arch/arm/vtimer.c index cb690bb..c515e7e 100644 --- a/xen/arch/arm/vtimer.c +++ b/xen/arch/arm/vtimer.c @@ -77,11 +77,16 @@ int vcpu_vtimer_init(struct vcpu *v) : GUEST_TIMER_VIRT_PPI; t->v = v; + v->arch.vtimer_initialized = 1; + return 0; } void vcpu_timer_destroy(struct vcpu *v) { + if ( !v->arch.vtimer_initialized ) + return; + kill_timer(&v->arch.virt_timer.timer); kill_timer(&v->arch.phys_timer.timer); } diff --git a/xen/include/asm-arm/domain.h b/xen/include/asm-arm/domain.h index ec66a4e..1be3da2 100644 --- a/xen/include/asm-arm/domain.h +++ b/xen/include/asm-arm/domain.h @@ -285,6 +285,7 @@ struct arch_vcpu struct vtimer phys_timer; struct vtimer virt_timer; + bool_t vtimer_initialized; } __cacheline_aligned; void vcpu_show_execution_state(struct vcpu *); -- 1.7.10.4
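
Review bot: in xen/arch/arm/domain.c, the new fail: label calls vcpu_destroy(v) for both failure points, including the case where vcpu_vgic_init failed and vcpu_vtimer_init never ran. This patch only guards the timer teardown with vtimer_initialized; whatever else vcpu_destroy releases must also be safe on a vcpu whose vgic setup did not complete, and the hunk does not show that. Please confirm this for the vgic side (or add an equivalent guard) and say so in the commit message, since the GICv3 change is what will first exercise this path. A short comment above fail: stating that vcpu_destroy must tolerate a partially initialised vcpu would help keep it that way.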
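
Review bot: in xen/arch/arm/vtimer.c, vcpu_timer_destroy tests vtimer_initialized but never clears it after the two kill_timer calls, so the flag still reads 1 on a vcpu whose timers are already killed. Now that vcpu_initialise can call vcpu_destroy itself on failure, consider setting v->arch.vtimer_initialized = 0 at the end of vcpu_timer_destroy so that a second teardown call is a no-op. The flag is also set only immediately before return 0 in vcpu_vtimer_init, so any failure exit added later in that function after the timers are set up would have to kill them itself; a comment next to the assignment should say so.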
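
Review bot: in xen/include/asm-arm/domain.h, the new vtimer_initialized field in struct arch_vcpu has no comment. Its meaning is not obvious from the name alone: it covers both phys_timer and virt_timer and exists so that vcpu_timer_destroy can skip kill_timer on timers that were never set up. A one-line comment saying so would be enough. The guard also depends on the field reading 0 before vcpu_vtimer_init runs, so it is worth stating where that zeroing comes from.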