From: Peter Xu <peterx@redhat.com>
To: Dmitry Frolov <frolov@swemel.ru>
Cc: Juan Quintela <quintela@redhat.com>,
	Fabiano Rosas <farosas@suse.de>,
	Leonardo Bras <leobras@redhat.com>,
	qemu-devel@nongnu.org, sdl.qemu@linuxtesting.org
Subject: Re: [PATCH v1] migration: fix RAMBlock add NULL check
Date: Tue, 10 Oct 2023 15:23:40 -0400
Message-ID: <ZSWkvPH0asP8xXSu@x1n>
In-Reply-To: <20231010104851.802947-1-frolov@swemel.ru>

On Tue, Oct 10, 2023 at 01:48:53PM +0300, Dmitry Frolov wrote:
> qemu_ram_block_from_host() may return NULL, which will be dereferenced w/o

AFAIU this path is only called from trusted sites, so I don't see why it
can be NULL? Do you have any scenario that can trigger this?

> check. Usually return value is checked for this function.
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> Fixes: c7c0e72408df5e7821c0e995122fb2fe0ac001f1 ("migration/ram: Handle RAM block resizes during precopy")

Normally if we attach Fixes it means we want to backport it to stable.
Here I'd like to double check on above to see whether we'd need a Fixes.

> Signed-off-by: Dmitry Frolov <frolov@swemel.ru>

The patch itself looks all fine; though if I'm going to add some print, I'd
print something more to make it at least try to be more useful (host,
old_size, new_size). I had a feeling that we can already assert.

Thanks,

> ---
> migration/ram.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/migration/ram.c b/migration/ram.c
> index e4bfd39f08..bd4b7574e1 100644
> --- a/migration/ram.c
> +++ b/migration/ram.c
> @@ -4281,6 +4281,11 @@ static void ram_mig_ram_block_resized(RAMBlockNotifier *n, void *host,
> RAMBlock *rb = qemu_ram_block_from_host(host, false, &offset);
> Error *err = NULL;
>
> + if (!rb) {
> + error_report("RAM block not found");
> + return;
> + }
> +
> if (migrate_ram_is_ignored(rb)) {
> return;
> }
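
Review bot: the message in the added `if (!rb)` branch, `error_report("RAM block not found")`, does not say which lookup failed; include at least the `host` pointer that was passed to `qemu_ram_block_from_host()` so the report can be tied to a specific notifier call. The early `return` also skips everything after it in `ram_mig_ram_block_resized()`, so the resize goes unhandled with only a log line to show for it; if a NULL `rb` here can only come from a bug in the caller, asserting on `rb` would state that invariant more directly than a logged return.
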
> --
> 2.34.1
>
>
--
Peter Xu