This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-changelog] [xen-unstable] x86: fix next->vcpu_dirty_cpumask checkin

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-unstable] x86: fix next->vcpu_dirty_cpumask checking in context_switch()
From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 22 Apr 2009 07:00:21 -0700
Delivery-date: Wed, 22 Apr 2009 07:01:48 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1240235791 -3600
# Node ID 423a7f500059751e62c55f2fa5fc23f80c40b9e6
# Parent  cc2267c6d53b3831e160465d4f6959044e094fd1
x86: fix next->vcpu_dirty_cpumask checking in context_switch()

There was a timing window where flush_tlb_mask() could be called with
an empty mask (triggering a WARN_ON() in send_IPI_mask_flat() along
with APIC errors) because rather than using the already taken snapshot
of next's vcpu_dirty_cpumask struct vcpu's field was used directly,
which can get its only bit cleared by remote CPUs.

Replacing the structure field's use by the local variable then made
the inner cpus_empty() check completely redundant with the one in the
surrounding if()'s condition.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxxxx>
 xen/arch/x86/domain.c |    3 +--
 1 files changed, 1 insertion(+), 2 deletions(-)

diff -r cc2267c6d53b -r 423a7f500059 xen/arch/x86/domain.c
--- a/xen/arch/x86/domain.c     Mon Apr 20 13:48:31 2009 +0100
+++ b/xen/arch/x86/domain.c     Mon Apr 20 14:56:31 2009 +0100
@@ -1308,8 +1308,7 @@ void context_switch(struct vcpu *prev, s
     if ( unlikely(!cpu_isset(cpu, dirty_mask) && !cpus_empty(dirty_mask)) )
         /* Other cpus call __sync_lazy_execstate from flush ipi handler. */
-        if ( !cpus_empty(next->vcpu_dirty_cpumask) )
-            flush_tlb_mask(next->vcpu_dirty_cpumask);
+        flush_tlb_mask(dirty_mask);
     if ( is_hvm_vcpu(prev) && !list_empty(&prev->arch.hvm_vcpu.tm_list) )

Xen-changelog mailing list

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-unstable] x86: fix next->vcpu_dirty_cpumask checking in context_switch(), Xen patchbot-unstable <=