https://github.com/torvalds/linux
Revision 3366cdb6d350d95466ee430ac50f3c8415ca8f46 authored by Olaf Hering on 07 September 2018, 14:31:35 UTC, committed by Boris Ostrovsky on 14 September 2018, 12:51:10 UTC
The command 'xl vcpu-set 0 0', issued in dom0, will crash dom0: BUG: unable to handle kernel NULL pointer dereference at 00000000000002d8 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 7 PID: 65 Comm: xenwatch Not tainted 4.19.0-rc2-1.ga9462db-default #1 openSUSE Tumbleweed (unreleased) Hardware name: Intel Corporation S5520UR/S5520UR, BIOS S5500.86B.01.00.0050.050620101605 05/06/2010 RIP: e030:device_offline+0x9/0xb0 Code: 77 24 00 e9 ce fe ff ff 48 8b 13 e9 68 ff ff ff 48 8b 13 e9 29 ff ff ff 48 8b 13 e9 ea fe ff ff 90 66 66 66 66 90 41 54 55 53 <f6> 87 d8 02 00 00 01 0f 85 88 00 00 00 48 c7 c2 20 09 60 81 31 f6 RSP: e02b:ffffc90040f27e80 EFLAGS: 00010203 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 RDX: ffff8801f3800000 RSI: ffffc90040f27e70 RDI: 0000000000000000 RBP: 0000000000000000 R08: ffffffff820e47b3 R09: 0000000000000000 R10: 0000000000007ff0 R11: 0000000000000000 R12: ffffffff822e6d30 R13: dead000000000200 R14: dead000000000100 R15: ffffffff8158b4e0 FS: 00007ffa595158c0(0000) GS:ffff8801f39c0000(0000) knlGS:0000000000000000 CS: e033 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000002d8 CR3: 00000001d9602000 CR4: 0000000000002660 Call Trace: handle_vcpu_hotplug_event+0xb5/0xc0 xenwatch_thread+0x80/0x140 ? wait_woken+0x80/0x80 kthread+0x112/0x130 ? kthread_create_worker_on_cpu+0x40/0x40 ret_from_fork+0x3a/0x50 This happens because handle_vcpu_hotplug_event is called twice. In the first iteration cpu_present is still true, in the second iteration cpu_present is false which causes get_cpu_device to return NULL. In case of cpu#0, cpu_online is apparently always true. Fix this crash by checking if the cpu can be hotplugged, which is false for a cpu that was just removed. Also check if the cpu was actually offlined by device_remove, otherwise leave the cpu_present state as it is. Rearrange to code to do all work with device_hotplug_lock held. Signed-off-by: Olaf Hering <olaf@aepfle.de> Reviewed-by: Juergen Gross <jgross@suse.com> Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
1 parent 197ecb3
Tip revision: 3366cdb6d350d95466ee430ac50f3c8415ca8f46 authored by Olaf Hering on 07 September 2018, 14:31:35 UTC
xen: avoid crash in disable_hotplug_cpu
xen: avoid crash in disable_hotplug_cpu
Tip revision: 3366cdb
| File | Mode | Size |
|---|---|---|
| basic | ||
| coccinelle | ||
| dtc | ||
| gcc-plugins | ||
| gdb | ||
| genksyms | ||
| kconfig | ||
| ksymoops | ||
| mod | ||
| package | ||
| selinux | ||
| tracing | ||
| .gitignore | -rw-r--r-- | 168 bytes |
| Kbuild.include | -rw-r--r-- | 15.2 KB |
| Kconfig.include | -rw-r--r-- | 871 bytes |
| Lindent | -rwxr-xr-x | 502 bytes |
| Makefile | -rw-r--r-- | 1.6 KB |
| Makefile.asm-generic | -rw-r--r-- | 1.2 KB |
| Makefile.build | -rw-r--r-- | 18.9 KB |
| Makefile.clean | -rw-r--r-- | 2.8 KB |
| Makefile.dtbinst | -rw-r--r-- | 1.1 KB |
| Makefile.extrawarn | -rw-r--r-- | 2.7 KB |
| Makefile.gcc-plugins | -rw-r--r-- | 1.9 KB |
| Makefile.headersinst | -rw-r--r-- | 4.0 KB |
| Makefile.host | -rw-r--r-- | 6.3 KB |
| Makefile.kasan | -rw-r--r-- | 1.4 KB |
| Makefile.kcov | -rw-r--r-- | 319 bytes |
| Makefile.lib | -rw-r--r-- | 14.6 KB |
| Makefile.modbuiltin | -rw-r--r-- | 1.7 KB |
| Makefile.modinst | -rw-r--r-- | 1.1 KB |
| Makefile.modpost | -rw-r--r-- | 5.3 KB |
| Makefile.modsign | -rw-r--r-- | 897 bytes |
| Makefile.ubsan | -rw-r--r-- | 926 bytes |
| adjust_autoksyms.sh | -rwxr-xr-x | 2.9 KB |
| asn1_compiler.c | -rw-r--r-- | 35.5 KB |
| bin2c.c | -rw-r--r-- | 743 bytes |
| bloat-o-meter | -rwxr-xr-x | 3.2 KB |
| bootgraph.pl | -rwxr-xr-x | 6.3 KB |
| bpf_helpers_doc.py | -rwxr-xr-x | 15.5 KB |
| cc-can-link.sh | -rwxr-xr-x | 166 bytes |
| check_00index.sh | -rwxr-xr-x | 1.3 KB |
| check_extable.sh | -rwxr-xr-x | 4.9 KB |
| checkincludes.pl | -rwxr-xr-x | 1.9 KB |
| checkkconfigsymbols.py | -rwxr-xr-x | 15.5 KB |
| checkpatch.pl | -rwxr-xr-x | 195.0 KB |
| checkstack.pl | -rwxr-xr-x | 5.2 KB |
| checksyscalls.sh | -rwxr-xr-x | 5.7 KB |
| checkversion.pl | -rwxr-xr-x | 1.9 KB |
| clang-version.sh | -rwxr-xr-x | 636 bytes |
| cleanfile | -rwxr-xr-x | 3.5 KB |
| cleanpatch | -rwxr-xr-x | 5.1 KB |
| coccicheck | -rwxr-xr-x | 7.2 KB |
| config | -rwxr-xr-x | 4.5 KB |
| conmakehash.c | -rw-r--r-- | 6.0 KB |
| const_structs.checkpatch | -rw-r--r-- | 964 bytes |
| decode_stacktrace.sh | -rwxr-xr-x | 3.7 KB |
| decodecode | -rwxr-xr-x | 2.5 KB |
| depmod.sh | -rwxr-xr-x | 1.3 KB |
| diffconfig | -rwxr-xr-x | 3.7 KB |
| documentation-file-ref-check | -rwxr-xr-x | 3.7 KB |
| export_report.pl | -rwxr-xr-x | 4.5 KB |
| extract-cert.c | -rw-r--r-- | 3.5 KB |
| extract-ikconfig | -rwxr-xr-x | 1.7 KB |
| extract-module-sig.pl | -rwxr-xr-x | 3.7 KB |
| extract-sys-certs.pl | -rwxr-xr-x | 3.7 KB |
| extract-vmlinux | -rwxr-xr-x | 1.7 KB |
| extract_xc3028.pl | -rwxr-xr-x | 44.6 KB |
| faddr2line | -rwxr-xr-x | 6.2 KB |
| file-size.sh | -rwxr-xr-x | 86 bytes |
| find-unused-docs.sh | -rwxr-xr-x | 1.3 KB |
| gcc-goto.sh | -rwxr-xr-x | 530 bytes |
| gcc-ld | -rwxr-xr-x | 711 bytes |
| gcc-plugin.sh | -rwxr-xr-x | 1.1 KB |
| gcc-version.sh | -rwxr-xr-x | 857 bytes |
| gcc-x86_32-has-stack-protector.sh | -rwxr-xr-x | 173 bytes |
| gcc-x86_64-has-stack-protector.sh | -rwxr-xr-x | 198 bytes |
| get_dvb_firmware | -rwxr-xr-x | 25.2 KB |
| get_maintainer.pl | -rwxr-xr-x | 65.8 KB |
| gfp-translate | -rwxr-xr-x | 1.7 KB |
| headerdep.pl | -rwxr-xr-x | 3.5 KB |
| headers.sh | -rwxr-xr-x | 512 bytes |
| headers_check.pl | -rwxr-xr-x | 3.7 KB |
| headers_install.sh | -rwxr-xr-x | 1.4 KB |
| insert-sys-cert.c | -rw-r--r-- | 8.9 KB |
| kallsyms.c | -rw-r--r-- | 18.1 KB |
| kernel-doc | -rwxr-xr-x | 60.6 KB |
| ld-version.sh | -rwxr-xr-x | 269 bytes |
| leaking_addresses.pl | -rwxr-xr-x | 12.9 KB |
| link-vmlinux.sh | -rwxr-xr-x | 6.9 KB |
| makelst | -rwxr-xr-x | 808 bytes |
| markup_oops.pl | -rwxr-xr-x | 8.1 KB |
| mkcompile_h | -rwxr-xr-x | 2.5 KB |
| mkmakefile | -rwxr-xr-x | 1.2 KB |
| mksysmap | -rwxr-xr-x | 1.3 KB |
| mkuboot.sh | -rwxr-xr-x | 414 bytes |
| module-common.lds | -rw-r--r-- | 901 bytes |
| namespace.pl | -rwxr-xr-x | 13.0 KB |
| objdiff | -rwxr-xr-x | 2.8 KB |
| parse-maintainers.pl | -rw-r--r-- | 3.7 KB |
| patch-kernel | -rwxr-xr-x | 9.9 KB |
| pnmtologo.c | -rw-r--r-- | 11.9 KB |
| profile2linkerlist.pl | -rwxr-xr-x | 414 bytes |
| prune-kernel | -rwxr-xr-x | 708 bytes |
| recordmcount.c | -rw-r--r-- | 16.7 KB |
| recordmcount.h | -rw-r--r-- | 16.4 KB |
| recordmcount.pl | -rwxr-xr-x | 18.4 KB |
| setlocalversion | -rwxr-xr-x | 3.9 KB |
| show_delta | -rwxr-xr-x | 3.0 KB |
| sign-file.c | -rw-r--r-- | 9.8 KB |
| sortextable.c | -rw-r--r-- | 8.4 KB |
| sortextable.h | -rw-r--r-- | 5.5 KB |
| spdxcheck.py | -rwxr-xr-x | 9.5 KB |
| spelling.txt | -rw-r--r-- | 26.7 KB |
| sphinx-pre-install | -rwxr-xr-x | 14.0 KB |
| split-man.pl | -rwxr-xr-x | 600 bytes |
| stackdelta | -rwxr-xr-x | 1.8 KB |
| stackusage | -rwxr-xr-x | 794 bytes |
| tags.sh | -rwxr-xr-x | 9.5 KB |
| unifdef.c | -rw-r--r-- | 34.8 KB |
| ver_linux | -rwxr-xr-x | 2.7 KB |
| xen-hypercalls.sh | -rw-r--r-- | 386 bytes |
| xz_wrap.sh | -rwxr-xr-x | 562 bytes |
Computing file changes ...
