[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] xen: rework error handling in vcpu_create

  • To: Jan Beulich <jbeulich@xxxxxxxx>, Stewart Hildebrand <stewart.hildebrand@xxxxxxx>
  • From: Jürgen Groß <jgross@xxxxxxxx>
  • Date: Fri, 15 Aug 2025 11:39:36 +0200
  • Autocrypt: addr=jgross@xxxxxxxx; keydata= xsBNBFOMcBYBCACgGjqjoGvbEouQZw/ToiBg9W98AlM2QHV+iNHsEs7kxWhKMjrioyspZKOB ycWxw3ie3j9uvg9EOB3aN4xiTv4qbnGiTr3oJhkB1gsb6ToJQZ8uxGq2kaV2KL9650I1SJve dYm8Of8Zd621lSmoKOwlNClALZNew72NjJLEzTalU1OdT7/i1TXkH09XSSI8mEQ/ouNcMvIJ NwQpd369y9bfIhWUiVXEK7MlRgUG6MvIj6Y3Am/BBLUVbDa4+gmzDC9ezlZkTZG2t14zWPvx XP3FAp2pkW0xqG7/377qptDmrk42GlSKN4z76ELnLxussxc7I2hx18NUcbP8+uty4bMxABEB AAHNH0p1ZXJnZW4gR3Jvc3MgPGpncm9zc0BzdXNlLmNvbT7CwHkEEwECACMFAlOMcK8CGwMH CwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRCw3p3WKL8TL8eZB/9G0juS/kDY9LhEXseh mE9U+iA1VsLhgDqVbsOtZ/S14LRFHczNd/Lqkn7souCSoyWsBs3/wO+OjPvxf7m+Ef+sMtr0 G5lCWEWa9wa0IXx5HRPW/ScL+e4AVUbL7rurYMfwCzco+7TfjhMEOkC+va5gzi1KrErgNRHH kg3PhlnRY0Udyqx++UYkAsN4TQuEhNN32MvN0Np3WlBJOgKcuXpIElmMM5f1BBzJSKBkW0Jc Wy3h2Wy912vHKpPV/Xv7ZwVJ27v7KcuZcErtptDevAljxJtE7aJG6WiBzm+v9EswyWxwMCIO RoVBYuiocc51872tRGywc03xaQydB+9R7BHPzsBNBFOMcBYBCADLMfoA44MwGOB9YT1V4KCy vAfd7E0BTfaAurbG+Olacciz3yd09QOmejFZC6AnoykydyvTFLAWYcSCdISMr88COmmCbJzn sHAogjexXiif6ANUUlHpjxlHCCcELmZUzomNDnEOTxZFeWMTFF9Rf2k2F0Tl4E5kmsNGgtSa aMO0rNZoOEiD/7UfPP3dfh8JCQ1VtUUsQtT1sxos8Eb/HmriJhnaTZ7Hp3jtgTVkV0ybpgFg w6WMaRkrBh17mV0z2ajjmabB7SJxcouSkR0hcpNl4oM74d2/VqoW4BxxxOD1FcNCObCELfIS auZx+XT6s+CE7Qi/c44ibBMR7hyjdzWbABEBAAHCwF8EGAECAAkFAlOMcBYCGwwACgkQsN6d 1ii/Ey9D+Af/WFr3q+bg/8v5tCknCtn92d5lyYTBNt7xgWzDZX8G6/pngzKyWfedArllp0Pn fgIXtMNV+3t8Li1Tg843EXkP7+2+CQ98MB8XvvPLYAfW8nNDV85TyVgWlldNcgdv7nn1Sq8g HwB2BHdIAkYce3hEoDQXt/mKlgEGsLpzJcnLKimtPXQQy9TxUaLBe9PInPd+Ohix0XOlY+Uk QFEx50Ki3rSDl2Zt2tnkNYKUCvTJq7jvOlaPd6d/W0tZqpyy7KVay+K4aMobDsodB3dvEAs6 ScCnh03dDAFgIq5nsB11j3KPKdVoPlfucX2c7kGNH+LUMbzqV6beIENfNexkOfxHfw==
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Dario Faggioli <dfaggioli@xxxxxxxx>, George Dunlap <gwd@xxxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Fri, 15 Aug 2025 09:39:46 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 05.08.25 11:49, Jan Beulich wrote:

On 05.08.2025 11:33, Stewart Hildebrand wrote:

On 8/5/25 05:17, Jan Beulich wrote:

On 05.08.2025 11:06, Stewart Hildebrand wrote:

On 8/5/25 03:44, Jan Beulich wrote:

On 04.08.2025 18:57, Stewart Hildebrand wrote:

On 8/4/25 03:57, Jan Beulich wrote:

On 01.08.2025 22:24, Stewart Hildebrand wrote:

@@ -839,6 +839,9 @@ void sched_destroy_vcpu(struct vcpu *v)
  {
      struct sched_unit *unit = v->sched_unit;
+ if ( !unit ) 
+        return;
+
      kill_timer(&v->periodic_timer);
      kill_timer(&v->singleshot_timer);
      kill_timer(&v->poll_timer);


What if it's the 2nd error path in sched_init_vcpu() that is taken?


^^ This ^^ is what I'm confused about


If sched_init_vcpu() took the indicated path,


What path? In the one I'm looking at, sched_free_unit() gets called,


Oh, I see - that wasn't quite obvious, though. Yet of course ...


setting v->sched_unit = NULL, and in that case ...


the if() you add here won't
help, and ...


... the condition is true, and ...


Then we
might take this path (just out of context here)

     if ( unit->vcpu_list == v )
     {
         rcu_read_lock(&sched_res_rculock);

         sched_remove_unit(vcpu_scheduler(v), unit);
         sched_free_udata(vcpu_scheduler(v), unit->priv);

and at least Credit1's hook doesn't look to be safe against being passed NULL.
(Not to speak of the risk of unit->priv being used elsewhere while cleaning
up.)


... this latter part of my remark still applies. IOW I continue to think
that discussing the correctness of this change needs to be extended.
Unless of course a scheduler maintainer wants to ack it as is.


It doesn't apply.

vcpus of normal domains (i.e. not the idle domain) are created in sequential
order. If the 2nd error path of sched_init_vcpu() is taken, this means we
are handling the first vcpu of the unit. In this case sched_free_unit() will
free the unit itself completely, so the path you are referring to can't be
reached.

I think only Andrew's comments need to be worked on.


Juergen

Attachment: OpenPGP_0xB0DE9DD628BF132F.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.