[PATCH] hw/vfio-user: wait for proxy close correctly

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] hw/vfio-user: wait for proxy close correctly
@ 2025-07-10 15:47 John Levon
  2025-07-11 11:38 ` Mark Cave-Ayland
  0 siblings, 1 reply; 5+ messages in thread
From: John Levon @ 2025-07-10 15:47 UTC (permalink / raw)
  To: qemu-devel; +Cc: Thanos Makatos, John Levon

Coverity reported:

CID 1611806: Concurrent data access violations (BAD_CHECK_OF_WAIT_COND)

A wait is performed without a loop. If there is a spurious wakeup, the
condition may not be satisfied.

Fix this by checking ->state for VFIO_PROXY_CLOSED in a loop.

Signed-off-by: John Levon <john.levon@nutanix.com>
---
 hw/vfio-user/proxy.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/hw/vfio-user/proxy.c b/hw/vfio-user/proxy.c
index c418954440..2275d3fe39 100644
--- a/hw/vfio-user/proxy.c
+++ b/hw/vfio-user/proxy.c
@@ -32,7 +32,6 @@ static void vfio_user_recycle(VFIOUserProxy *proxy, VFIOUserMsg *msg);
 
 static void vfio_user_recv(void *opaque);
 static void vfio_user_send(void *opaque);
-static void vfio_user_cb(void *opaque);
 
 static void vfio_user_request(void *opaque);
 
@@ -492,7 +491,7 @@ static void vfio_user_send(void *opaque)
     }
 }
 
-static void vfio_user_cb(void *opaque)
+static void vfio_user_close_cb(void *opaque)
 {
     VFIOUserProxy *proxy = opaque;
 
@@ -984,8 +983,11 @@ void vfio_user_disconnect(VFIOUserProxy *proxy)
      * handler to run after the proxy fd handlers were
      * deleted above.
      */
-    aio_bh_schedule_oneshot(proxy->ctx, vfio_user_cb, proxy);
-    qemu_cond_wait(&proxy->close_cv, &proxy->lock);
+    aio_bh_schedule_oneshot(proxy->ctx, vfio_user_close_cb, proxy);
+
+    while (proxy->state != VFIO_PROXY_CLOSED) {
+        qemu_cond_wait(&proxy->close_cv, &proxy->lock);
+    }
 
     /* we now hold the only ref to proxy */
     qemu_mutex_unlock(&proxy->lock);
-- 
2.43.0



^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH] hw/vfio-user: wait for proxy close correctly
  2025-07-10 15:47 [PATCH] hw/vfio-user: wait for proxy close correctly John Levon
@ 2025-07-11 11:38 ` Mark Cave-Ayland
  2025-07-15  5:49   ` Cédric Le Goater
  0 siblings, 1 reply; 5+ messages in thread
From: Mark Cave-Ayland @ 2025-07-11 11:38 UTC (permalink / raw)
  To: John Levon, qemu-devel, Cedric Le Goater; +Cc: Thanos Makatos

On 10/07/2025 16:47, John Levon wrote:

(added Cedric)

> Coverity reported:
> 
> CID 1611806: Concurrent data access violations (BAD_CHECK_OF_WAIT_COND)
> 
> A wait is performed without a loop. If there is a spurious wakeup, the
> condition may not be satisfied.
> 
> Fix this by checking ->state for VFIO_PROXY_CLOSED in a loop.
> 
> Signed-off-by: John Levon <john.levon@nutanix.com>
> ---
>   hw/vfio-user/proxy.c | 10 ++++++----
>   1 file changed, 6 insertions(+), 4 deletions(-)
> 
> diff --git a/hw/vfio-user/proxy.c b/hw/vfio-user/proxy.c
> index c418954440..2275d3fe39 100644
> --- a/hw/vfio-user/proxy.c
> +++ b/hw/vfio-user/proxy.c
> @@ -32,7 +32,6 @@ static void vfio_user_recycle(VFIOUserProxy *proxy, VFIOUserMsg *msg);
>   
>   static void vfio_user_recv(void *opaque);
>   static void vfio_user_send(void *opaque);
> -static void vfio_user_cb(void *opaque);
>   
>   static void vfio_user_request(void *opaque);
>   
> @@ -492,7 +491,7 @@ static void vfio_user_send(void *opaque)
>       }
>   }
>   
> -static void vfio_user_cb(void *opaque)
> +static void vfio_user_close_cb(void *opaque)
>   {
>       VFIOUserProxy *proxy = opaque;
>   
> @@ -984,8 +983,11 @@ void vfio_user_disconnect(VFIOUserProxy *proxy)
>        * handler to run after the proxy fd handlers were
>        * deleted above.
>        */
> -    aio_bh_schedule_oneshot(proxy->ctx, vfio_user_cb, proxy);
> -    qemu_cond_wait(&proxy->close_cv, &proxy->lock);
> +    aio_bh_schedule_oneshot(proxy->ctx, vfio_user_close_cb, proxy);
> +
> +    while (proxy->state != VFIO_PROXY_CLOSED) {
> +        qemu_cond_wait(&proxy->close_cv, &proxy->lock);
> +    }
>   
>       /* we now hold the only ref to proxy */
>       qemu_mutex_unlock(&proxy->lock);

It think it is worth mentioning the function rename in the commit 
message, otherwise looks good to me:

Reviewed-by: Mark Cave-Ayland <markcaveayland@nutanix.com>


ATB,

Mark.



^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] hw/vfio-user: wait for proxy close correctly
  2025-07-11 11:38 ` Mark Cave-Ayland
@ 2025-07-15  5:49   ` Cédric Le Goater
  2025-07-15  8:56     ` Mark Cave-Ayland
  0 siblings, 1 reply; 5+ messages in thread
From: Cédric Le Goater @ 2025-07-15  5:49 UTC (permalink / raw)
  To: Mark Cave-Ayland, John Levon, qemu-devel; +Cc: Thanos Makatos

On 7/11/25 13:38, Mark Cave-Ayland wrote:
> On 10/07/2025 16:47, John Levon wrote:
> 
> (added Cedric)

ah. Thanks Mark.

This reminds me that we should have maintainers/reviewers
that can send PRs for the vfio-user component.

John,

Could you please send a patch adding me and Mark may be ?

> 
>> Coverity reported:
>>
>> CID 1611806: Concurrent data access violations (BAD_CHECK_OF_WAIT_COND)

Please prefer :

   Resolves: Coverity CID 1611805

>>
>> A wait is performed without a loop. If there is a spurious wakeup, the
>> condition may not be satisfied.
>>
>> Fix this by checking ->state for VFIO_PROXY_CLOSED in a loop.
>>
>> Signed-off-by: John Levon <john.levon@nutanix.com>
>> ---
>>   hw/vfio-user/proxy.c | 10 ++++++----
>>   1 file changed, 6 insertions(+), 4 deletions(-)
>>
>> diff --git a/hw/vfio-user/proxy.c b/hw/vfio-user/proxy.c
>> index c418954440..2275d3fe39 100644
>> --- a/hw/vfio-user/proxy.c
>> +++ b/hw/vfio-user/proxy.c
>> @@ -32,7 +32,6 @@ static void vfio_user_recycle(VFIOUserProxy *proxy, VFIOUserMsg *msg);
>>   static void vfio_user_recv(void *opaque);
>>   static void vfio_user_send(void *opaque);
>> -static void vfio_user_cb(void *opaque);
>>   static void vfio_user_request(void *opaque);
>> @@ -492,7 +491,7 @@ static void vfio_user_send(void *opaque)
>>       }
>>   }
>> -static void vfio_user_cb(void *opaque)
>> +static void vfio_user_close_cb(void *opaque)
>>   {
>>       VFIOUserProxy *proxy = opaque;
>> @@ -984,8 +983,11 @@ void vfio_user_disconnect(VFIOUserProxy *proxy)
>>        * handler to run after the proxy fd handlers were
>>        * deleted above.
>>        */
>> -    aio_bh_schedule_oneshot(proxy->ctx, vfio_user_cb, proxy);
>> -    qemu_cond_wait(&proxy->close_cv, &proxy->lock);
>> +    aio_bh_schedule_oneshot(proxy->ctx, vfio_user_close_cb, proxy);
>> +
>> +    while (proxy->state != VFIO_PROXY_CLOSED) {
>> +        qemu_cond_wait(&proxy->close_cv, &proxy->lock);
>> +    }
>>       /* we now hold the only ref to proxy */
>>       qemu_mutex_unlock(&proxy->lock);
> 
> It think it is worth mentioning the function rename in the commit message, otherwise looks good to me:
> 
> Reviewed-by: Mark Cave-Ayland <markcaveayland@nutanix.com>



Reviewed-by: Cédric Le Goater <clg@redhat.com>

Thanks,

C.




^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] hw/vfio-user: wait for proxy close correctly
  2025-07-15  5:49   ` Cédric Le Goater
@ 2025-07-15  8:56     ` Mark Cave-Ayland
  2025-07-15  9:06       ` Cédric Le Goater
  0 siblings, 1 reply; 5+ messages in thread
From: Mark Cave-Ayland @ 2025-07-15  8:56 UTC (permalink / raw)
  To: Cédric Le Goater, John Levon, qemu-devel; +Cc: Thanos Makatos

On 15/07/2025 06:49, Cédric Le Goater wrote:

> On 7/11/25 13:38, Mark Cave-Ayland wrote:
>> On 10/07/2025 16:47, John Levon wrote:
>>
>> (added Cedric)
> 
> ah. Thanks Mark.
> 
> This reminds me that we should have maintainers/reviewers
> that can send PRs for the vfio-user component.
> 
> John,
> 
> Could you please send a patch adding me and Mark may be ?

I'm still coming up to speed with the internals of QEMU's vfio 
implementation, so this might be a bit premature. But I'd like to think 
I will get there soon :)

BTW I have a series here that fixes up some of the QOM issues with vfio, 
but I'm guessing it's a little too close to freeze for this?

ATB,

Mark.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] hw/vfio-user: wait for proxy close correctly
  2025-07-15  8:56     ` Mark Cave-Ayland
@ 2025-07-15  9:06       ` Cédric Le Goater
  0 siblings, 0 replies; 5+ messages in thread
From: Cédric Le Goater @ 2025-07-15  9:06 UTC (permalink / raw)
  To: Mark Cave-Ayland, John Levon, qemu-devel; +Cc: Thanos Makatos

> BTW I have a series here that fixes up some of the QOM issues with vfio, but I'm guessing it's a little too close to freeze for this?

Please send and we'll see.

Thanks,

C.






^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2025-07-15  9:06 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-07-10 15:47 [PATCH] hw/vfio-user: wait for proxy close correctly John Levon
2025-07-11 11:38 ` Mark Cave-Ayland
2025-07-15  5:49   ` Cédric Le Goater
2025-07-15  8:56     ` Mark Cave-Ayland
2025-07-15  9:06       ` Cédric Le Goater

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).