[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [XenPPC] Re: [PATCH] Fix BUG in alloc_heap_pages
This is an important find, it may require an audit of uses list_del where its use is not immediately by some form of destruction of the containing object. -JX On Sep 21, 2006, at 6:21 PM, Amos Waterland wrote: I believe it is the case that if the last element of a list is deleted with list_del(), and then the list is scanned with list_empty(), undefined results can occur. The following patch fixes a BUG that triggers on one of my blades that has 8 GB of RAM. I believe that the failing sequence is that when alloc_heap_pages happens to exhaust a zone list and does a list_del on the last element and returns, and then the next call to the same function looks through the same list and decides that it is not empty and tries to do a list_del, which triggers the BUG I am seeing. Thanks to Jimi Xenidis for tracking this down. Signed-off-by: Jimi Xenidis <jimix@xxxxxxxxxxxxxx> Acked-by: Amos Waterland <apw@xxxxxxxxxx> --- page_alloc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff -r 5418062d2da8 xen/common/page_alloc.c --- a/xen/common/page_alloc.c Tue Sep 19 11:26:00 2006 -0500 +++ b/xen/common/page_alloc.c Thu Sep 21 17:38:41 2006 -0400 @@ -313,7 +313,7 @@ struct page_info *alloc_heap_pages(unsig found: pg = list_entry(heap[zone][i].next, struct page_info, list); - list_del(&pg->list); + list_del_init(&pg->list); /* We may have to halve the chunk a number of times. */ while ( i != order ) _______________________________________________ Xen-ppc-devel mailing list Xen-ppc-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-ppc-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |