From c8c7c6a0005f7f08b1eafa245c54d87bd2ebfc2f Mon Sep 17 00:00:00 2001
From: Sean McBride
Date: Sun, 23 Aug 2020 10:59:12 -0400
Subject: [PATCH] feat: check for accidental sandbox returns
---
 runtime/src/local_runqueue_minheap.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/runtime/src/local_runqueue_minheap.c b/runtime/src/local_runqueue_minheap.c
index 057da30..5132b2a 100644
--- a/runtime/src/local_runqueue_minheap.c
+++ b/runtime/src/local_runqueue_minheap.c
@@ -84,7 +84,11 @@ local_runqueue_minheap_get_next()
 if (sandbox_rc == -ENOENT && global_request_scheduler_peek() < ULONG_MAX) {
 /* local runqueue empty, try to pull a sandbox request */
- if (global_request_scheduler_remove(&sandbox_request) < 0) goto done;
+ if (global_request_scheduler_remove(&sandbox_request) < 0) {
+ /* Assumption: Sandbox request should not be set in case of an error */
+ assert(sandbox_request == NULL);
+ goto done;
+ }
 /* Try to allocate a sandbox, returning the request on failure */
 sandbox = sandbox_allocate(sandbox_request);
@@ -135,7 +139,7 @@ local_runqueue_minheap_preempt(ucontext_t *user_context)
 uint64_t global_deadline = global_request_scheduler_peek();
 /* If we're able to get a sandbox request with a tighter deadline, preempt the current context and run it */
- struct sandbox_request *sandbox_request;
+ struct sandbox_request *sandbox_request = NULL;
 if (global_deadline < local_deadline) {
 #ifdef LOG_PREEMPTION
 debuglog("Sandbox %lu has deadline of %lu. Trying to preempt for request with %lu\n",
@@ -149,6 +153,8 @@ local_runqueue_minheap_preempt(ucontext_t *user_context)
 #ifdef LOG_PREEMPTION
 debuglog("Preemption aborted. Another thread took the request\n");
 #endif
+ /* Assumption: Sandbox request should not be set in case of an error */
+ assert(sandbox_request == NULL);
 goto done;
 }
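Review bot: The new `assert(sandbox_request == NULL);` in the local_runqueue_minheap_get_next hunk reads a variable whose declaration lies outside the hunk. The commit adds `= NULL` to the matching declaration in local_runqueue_minheap_preempt but shows no such change for get_next. If that declaration is uninitialized and global_request_scheduler_remove() fails without writing its out-parameter, the assert compares an indeterminate pointer, so please confirm it reads `struct sandbox_request *sandbox_request = NULL;`. Both this assert and the one added in the last preempt hunk vanish when NDEBUG is defined, so in such a build a request that was set on the error path would be dropped silently at `goto done`. If the invariant has to hold outside debug builds, I would state it on the callee, for example `/* On a negative return the out-parameter is left unwritten */`, and enforce it there.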