
Re: [Xen-devel] Possible bug in tools/libxl/libxl.c -- Variable passed by reference not set in one possible case



On Fri, Oct 10, 2014 at 10:30:06AM +0100, Ian Campbell wrote:
[...]
> > 
> > The way the callers use it prevents the issue you described from
> > happening -- they only call this function when they can't read those
> > values from xenstore -- if those values are already in xenstore this
> > function won't get called.
> 
> At least the callers in libxl__get_free_memory_slack and
> libxl__get_memory_target look to be racy with someone else writing these
> nodes to me.
> 

libxl__fill_dom0_memory_info uses a transaction already, that should
avoid the race?

> libxl_set_memory_target is a bit unclear but the fact that it ends the
> transaction right before it calls libxl__fill_dom0_memory_info seems
> suspicious.
> 

To avoid having a transaction inside another transaction?

> libxl__get_free_memory_slack is also separately suspicious because it
> never uses the values anyway. I suppose just because
> libxl__fill_dom0_memory_info doesn't tolerate NULL arguments like I
> think it should.
> 

*free_mem_slask is populated with that value, after
libxl__fill_dom0_memory_info successfully writes that value into
xenstore (oddly it's not returned with an out parameter).

TBH I have no idea why libxl__fill_dom0_memory_info is used in such
a convoluted way...

Wei.
