From mboxrd@z Thu Jan  1 00:00:00 1970
From: Keir Fraser <keir.fraser@eu.citrix.com>
Subject: Re: Sixth (and final?) release candidate for Xen 3.4.3
Date: Wed, 12 May 2010 20:21:20 +0100
Message-ID: <C810BE40.14148%keir.fraser@eu.citrix.com>
References: <C872CBF75AC4BE4093DF425DEA49BA08061FFF370A@sausexmbp02.amd.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xensource.com>
In-Reply-To: <C872CBF75AC4BE4093DF425DEA49BA08061FFF370A@sausexmbp02.amd.com>
List-Unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: "Langsdorf, Mark" <mark.langsdorf@amd.com>
Cc: "xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>
List-Id: xen-devel@lists.xenproject.org

On 12/05/2010 18:50, "Langsdorf, Mark" <mark.langsdorf@amd.com> wrote:

> Sometimes, on the new 6-core processors, the powernow.c
> driver call:
> 
>     on_selected_cpus(&cmd.mask, transition_pstate, &cmd, 0);

Since you specify '0' for the final 'wait' parameter of on_selected_cpus(),
the call can return before transition_pstate() has finished executing on all
the requested CPUs. Hence the calling function (powernow_cpufreq_target) can
exit early, and 'cmd' becomes invalid as it is allocated in the function's
stack frame.

The fix is simply to specify '1' for the final parameter of
on_selected_cpus(). I will apply the fix to all trees and also have a quick
audit that all other callers who specify '0' really mean to.

 -- Keir