Hitting the fail path with err = 0 causes callers to dereference a NULL pointer, as 0 fails an IS_ERR() check.
All of the paths appear to be fine, but leave some logic to help catch stray misuses. Signed-off-by: Andrew Cooper <[email protected]> --- CC: George Dunlap <[email protected]> CC: Jan Beulich <[email protected]> CC: Konrad Rzeszutek Wilk <[email protected]> CC: Stefano Stabellini <[email protected]> CC: Tim Deegan <[email protected]> CC: Wei Liu <[email protected]> v2: * Completely different implementation --- xen/common/domain.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/xen/common/domain.c b/xen/common/domain.c index 3cefe76..fd054db 100644 --- a/xen/common/domain.c +++ b/xen/common/domain.c @@ -399,6 +399,9 @@ struct domain *domain_create(domid_t domid, unsigned int domcr_flags, return d; fail: + ASSERT(err < 0); /* Sanity check paths leading here. */ + err = err ?: -EINVAL; /* Release build safety. */ + d->is_dying = DOMDYING_dead; if ( hardware_domain == d ) hardware_domain = old_hwdom; -- 2.1.4 _______________________________________________ Xen-devel mailing list [email protected] https://lists.xenproject.org/mailman/listinfo/xen-devel
