[Skiboot] [PATCH] core/cpu: Fix theoretical use-after-free if no_return job returns
Stewart Smith
stewart at linux.ibm.com
Mon Jun 3 17:55:15 AEST 2019
Practically speaking this should/would never happen, but static analysis
caught it, and just *maybe* at some time in the future, someone will
have less of a terrible day debugging something terrible if we fix it.
Signed-off-by: Stewart Smith <stewart at linux.ibm.com>
---
core/cpu.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/core/cpu.c b/core/cpu.c
index 62c020174683..641a5d0b7066 100644
--- a/core/cpu.c
+++ b/core/cpu.c
@@ -361,8 +361,12 @@ void cpu_process_jobs(void)
free(job);
func(data);
if (!list_empty(&cpu->locks_held)) {
- prlog(PR_ERR, "OPAL job %s returning with locks held\n",
- job->name);
+ if (no_return)
+ prlog(PR_ERR, "OPAL no-return job returned with"
+ "locks held!\n");
+ else
+ prlog(PR_ERR, "OPAL job %s returning with locks held\n",
+ job->name);
drop_my_locks(true);
}
lock(&cpu->job_lock);
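Review bot: In the new no_return branch the two adjacent string literals concatenate without a separator, so the log line reads "returned withlocks held!"; add a trailing space to the first literal ("... returned with ") or keep the message on one line. The else branch still reads job->name after the free(job) shown in the context above, and the condition guarding that free is not visible in this hunk, so it is worth confirming it is the same no_return test used here. Copying job->name into a local before the free would also let the no-return message name the offending job instead of dropping that detail.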
--
2.21.0