Fwd: New Defects reported by Coverity Scan for XenProject

Wed, 28 Feb 2024 04:18:23 -0800 

Not sure how well this is going to be formatted, but there's one new and
potentially interesting issue found by Coverity.

~Andrew

----8<----

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1592633: (LOCK_EVASION)
/xen/drivers/vpci/header.c: 229 in vpci_process_pending()
/xen/drivers/vpci/header.c: 189 in vpci_process_pending()
/xen/drivers/vpci/header.c: 239 in vpci_process_pending()


________________________________________________________________________________________________________
*** CID 1592633: (LOCK_EVASION)
/xen/drivers/vpci/header.c: 229 in vpci_process_pending()
223 224 /* Clean all the rangesets */
225 for ( i = 0; i < ARRAY_SIZE(header->bars); i++ )
226 if ( !rangeset_is_empty(header->bars[i].mem) )
227 rangeset_purge(header->bars[i].mem);
228
>>> CID 1592633: (LOCK_EVASION)
>>> Thread1 sets "pdev" to a new value. Now the two threads have an
>>> inconsistent view of "pdev" and updates to fields of "pdev" or
>>> fields correlated with "pdev" may be lost.
229 v->vpci.pdev = NULL;
230 231 read_unlock(&v->domain->pci_lock);
232 233 if ( !is_hardware_domain(v->domain) )
234 domain_crash(v->domain);
/xen/drivers/vpci/header.c: 189 in vpci_process_pending()
183 return false;
184 185 read_lock(&v->domain->pci_lock);
186 187 if ( !pdev->vpci || (v->domain != pdev->domain) )
188 {
>>> CID 1592633: (LOCK_EVASION)
>>> Thread1 sets "pdev" to a new value. Now the two threads have an
>>> inconsistent view of "pdev" and updates to fields of "pdev" or
>>> fields correlated with "pdev" may be lost.
189 v->vpci.pdev = NULL;
190 read_unlock(&v->domain->pci_lock);
191 return false;
192 }
193 194 header = &pdev->vpci->header;
/xen/drivers/vpci/header.c: 239 in vpci_process_pending()
233 if ( !is_hardware_domain(v->domain) )
234 domain_crash(v->domain);
235 236 return false;
237 }
238 }
>>> CID 1592633: (LOCK_EVASION)
>>> Thread1 sets "pdev" to a new value. Now the two threads have an
>>> inconsistent view of "pdev" and updates to fields of "pdev" or
>>> fields correlated with "pdev" may be lost.
239 v->vpci.pdev = NULL;
240 241 spin_lock(&pdev->vpci->lock);
242 modify_decoding(pdev, v->vpci.cmd, v->vpci.rom_only);
243 spin_unlock(&pdev->vpci->lock);
244

Reply via email to