As the previous commit shows it's quite easy to confuse the transaction reference counting by ending a transaction twice. So at least try to detect and report it.
Signed-off-by: Simon Gaiser <si...@invisiblethingslab.com> --- drivers/xen/xenbus/xenbus_xs.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/drivers/xen/xenbus/xenbus_xs.c b/drivers/xen/xenbus/xenbus_xs.c index 3e59590c7254..aed954b09b9b 100644 --- a/drivers/xen/xenbus/xenbus_xs.c +++ b/drivers/xen/xenbus/xenbus_xs.c @@ -137,11 +137,20 @@ static uint32_t xs_request_enter(struct xb_req_data *req) void xs_request_exit(struct xb_req_data *req) { + unsigned int users_old; + spin_lock(&xs_state_lock); + users_old = xs_state_users; xs_state_users--; if ((req->type == XS_TRANSACTION_START && req->msg.type == XS_ERROR) || req->type == XS_TRANSACTION_END) xs_state_users--; + if (WARN_ON(xs_state_users > users_old)) + /* + * Someone misused XS_TRANSACTION_{START,END}. Reset the + * reference counter so we might survive. + */ + xs_state_users = 0; spin_unlock(&xs_state_lock); if (xs_suspend_active && !xs_state_users) -- 2.15.1 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel