diff mbox series

core/cpu: fix next_ungarded_primary

Message ID 20201127042750.763038-1-npiggin@gmail.com
State Accepted
Headers show
Series core/cpu: fix next_ungarded_primary | expand

Checks

Context Check Description
snowpatch_ozlabs/apply_patch success Successfully applied on branch master (89a32b4930be829f37e6967354a759e38048d01f)
snowpatch_ozlabs/snowpatch_job_snowpatch-skiboot success Test snowpatch/job/snowpatch-skiboot on branch master
snowpatch_ozlabs/snowpatch_job_snowpatch-skiboot-dco success Signed-off-by present

Commit Message

Nicholas Piggin Nov. 27, 2020, 4:27 a.m. UTC 
next_unguarded_primary dereferences NULL CPU -> UB -> infinite loop

Fast reboot works again after this patch.

Fixes: 98f5834253c7e ("cpu: Keep track of the "ec_primary" in big core more")
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
---
 core/cpu.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

Comments

Vasant Hegde Nov. 27, 2020, 11:57 a.m. UTC | #1 
On 11/27/20 9:57 AM, Nicholas Piggin wrote:
> next_unguarded_primary dereferences NULL CPU -> UB -> infinite loop
> 
> Fast reboot works again after this patch.

Thanks! Merged as 3f65437bb36.

-Vasant
diff mbox series

Patch

diff --git a/core/cpu.c b/core/cpu.c
index ff0442a8a..d30bef8e0 100644
--- a/core/cpu.c
+++ b/core/cpu.c
@@ -823,11 +823,9 @@  struct cpu_thread *first_ungarded_cpu(void)
 
 struct cpu_thread *next_ungarded_primary(struct cpu_thread *cpu)
 {
-	bool is_primary;
 	do {
-		cpu = next_cpu(cpu);
-		is_primary = cpu == cpu->primary || cpu == cpu->ec_primary;
-	} while(cpu && (cpu->state == cpu_state_unavailable || !is_primary));
+		cpu = next_ungarded_cpu(cpu);
+	} while (cpu && !(cpu == cpu->primary || cpu == cpu->ec_primary));
 
 	return cpu;
 }