[Xen-devel] [PATCH 2/2] xen: xenbus: WARN_ON XS_TRANSACTION_{START, END} misuse

Simon Gaiser Wed, 07 Feb 2018 14:25:36 -0800

As the previous commit shows it's quite easy to confuse the transaction
reference counting by ending a transaction twice. So at least try to
detect and report it.


Signed-off-by: Simon Gaiser <si...@invisiblethingslab.com>
---
 drivers/xen/xenbus/xenbus_xs.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/drivers/xen/xenbus/xenbus_xs.c b/drivers/xen/xenbus/xenbus_xs.c
index 3e59590c7254..aed954b09b9b 100644
--- a/drivers/xen/xenbus/xenbus_xs.c
+++ b/drivers/xen/xenbus/xenbus_xs.c
@@ -137,11 +137,20 @@ static uint32_t xs_request_enter(struct xb_req_data *req)
 
 void xs_request_exit(struct xb_req_data *req)
 {
+       unsigned int users_old;
+
        spin_lock(&xs_state_lock);
+       users_old = xs_state_users;
        xs_state_users--;
        if ((req->type == XS_TRANSACTION_START && req->msg.type == XS_ERROR) ||
            req->type == XS_TRANSACTION_END)
                xs_state_users--;
+       if (WARN_ON(xs_state_users > users_old))
+               /*
+                * Someone misused XS_TRANSACTION_{START,END}. Reset the
+                * reference counter so we might survive.
+                */
+               xs_state_users = 0;
        spin_unlock(&xs_state_lock);
 
        if (xs_suspend_active && !xs_state_users)
-- 
2.15.1


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

[Xen-devel] [PATCH 2/2] xen: xenbus: WARN_ON XS_TRANSACTION_{START, END} misuse

Reply via email to