[Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary.

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary.
@ 2019-04-20 17:14 Lukas Straub
  2019-04-20 17:14 ` Lukas Straub
                   ` (4 more replies)
  0 siblings, 5 replies; 9+ messages in thread
From: Lukas Straub @ 2019-04-20 17:14 UTC (permalink / raw)
  To: qemu-devel; +Cc: Zhang, Chen

From: Lukas Straub <lukasstraub2@web.de>
Because event_unhandled_count may be accessed concurrently, it needs
to be protected by taking the lock. However the assert is outside the
lock, probably causing it to read garbage and aborting Qemu erroneously.

The Bug only happens when running Qemu in COLO mode.

This Patch fixes the following bug: https://bugs.launchpad.net/qemu/+bug/1824622

Signed-off-by: Lukas Straub <lukasstraub2@web.de>
---
 net/colo-compare.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/net/colo-compare.c b/net/colo-compare.c
index bf10526f05..fcb491121b 100644
--- a/net/colo-compare.c
+++ b/net/colo-compare.c
@@ -813,9 +813,8 @@ static void colo_compare_handle_event(void *opaque)
         break;
     }

-    assert(event_unhandled_count > 0);
-
     qemu_mutex_lock(&event_mtx);
+    assert(event_unhandled_count > 0);
     event_unhandled_count--;
     qemu_cond_broadcast(&event_complete_cond);
     qemu_mutex_unlock(&event_mtx);
--
2.20.1

^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary.
  2019-04-20 17:14 [Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary Lukas Straub
@ 2019-04-20 17:14 ` Lukas Straub
  2019-04-21 10:13 ` Philippe Mathieu-Daudé
                   ` (3 subsequent siblings)
  4 siblings, 0 replies; 9+ messages in thread
From: Lukas Straub @ 2019-04-20 17:14 UTC (permalink / raw)
  To: qemu-devel; +Cc: Zhang, Chen

From: Lukas Straub <lukasstraub2@web.de>
Because event_unhandled_count may be accessed concurrently, it needs
to be protected by taking the lock. However the assert is outside the
lock, probably causing it to read garbage and aborting Qemu erroneously.

The Bug only happens when running Qemu in COLO mode.

This Patch fixes the following bug: https://bugs.launchpad.net/qemu/+bug/1824622

Signed-off-by: Lukas Straub <lukasstraub2@web.de>
---
 net/colo-compare.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/net/colo-compare.c b/net/colo-compare.c
index bf10526f05..fcb491121b 100644
--- a/net/colo-compare.c
+++ b/net/colo-compare.c
@@ -813,9 +813,8 @@ static void colo_compare_handle_event(void *opaque)
         break;
     }

-    assert(event_unhandled_count > 0);
-
     qemu_mutex_lock(&event_mtx);
+    assert(event_unhandled_count > 0);
     event_unhandled_count--;
     qemu_cond_broadcast(&event_complete_cond);
     qemu_mutex_unlock(&event_mtx);
--
2.20.1



^ permalink raw reply related	[flat|nested] 9+ messages in thread

* Re: [Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary.
  2019-04-20 17:14 [Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary Lukas Straub
  2019-04-20 17:14 ` Lukas Straub
@ 2019-04-21 10:13 ` Philippe Mathieu-Daudé
  2019-04-21 10:13   ` Philippe Mathieu-Daudé
  2019-04-23  6:58 ` Zhang, Chen
                   ` (2 subsequent siblings)
  4 siblings, 1 reply; 9+ messages in thread
From: Philippe Mathieu-Daudé @ 2019-04-21 10:13 UTC (permalink / raw)
  To: Lukas Straub, qemu-devel; +Cc: Zhang, Chen

On 4/20/19 7:14 PM, Lukas Straub wrote:
> From: Lukas Straub <lukasstraub2@web.de>
> Because event_unhandled_count may be accessed concurrently, it needs
> to be protected by taking the lock. However the assert is outside the
> lock, probably causing it to read garbage and aborting Qemu erroneously.
> 
> The Bug only happens when running Qemu in COLO mode.
> 
> This Patch fixes the following bug: https://bugs.launchpad.net/qemu/+bug/1824622
> 
> Signed-off-by: Lukas Straub <lukasstraub2@web.de>
> ---
>  net/colo-compare.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/net/colo-compare.c b/net/colo-compare.c
> index bf10526f05..fcb491121b 100644
> --- a/net/colo-compare.c
> +++ b/net/colo-compare.c
> @@ -813,9 +813,8 @@ static void colo_compare_handle_event(void *opaque)
>          break;
>      }
> 
> -    assert(event_unhandled_count > 0);
> -
>      qemu_mutex_lock(&event_mtx);
> +    assert(event_unhandled_count > 0);
>      event_unhandled_count--;
>      qemu_cond_broadcast(&event_complete_cond);
>      qemu_mutex_unlock(&event_mtx);
> --
> 2.20.1
> 
> 

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>

^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary.
  2019-04-21 10:13 ` Philippe Mathieu-Daudé
@ 2019-04-21 10:13   ` Philippe Mathieu-Daudé
  0 siblings, 0 replies; 9+ messages in thread
From: Philippe Mathieu-Daudé @ 2019-04-21 10:13 UTC (permalink / raw)
  To: Lukas Straub, qemu-devel; +Cc: Zhang, Chen

On 4/20/19 7:14 PM, Lukas Straub wrote:
> From: Lukas Straub <lukasstraub2@web.de>
> Because event_unhandled_count may be accessed concurrently, it needs
> to be protected by taking the lock. However the assert is outside the
> lock, probably causing it to read garbage and aborting Qemu erroneously.
> 
> The Bug only happens when running Qemu in COLO mode.
> 
> This Patch fixes the following bug: https://bugs.launchpad.net/qemu/+bug/1824622
> 
> Signed-off-by: Lukas Straub <lukasstraub2@web.de>
> ---
>  net/colo-compare.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/net/colo-compare.c b/net/colo-compare.c
> index bf10526f05..fcb491121b 100644
> --- a/net/colo-compare.c
> +++ b/net/colo-compare.c
> @@ -813,9 +813,8 @@ static void colo_compare_handle_event(void *opaque)
>          break;
>      }
> 
> -    assert(event_unhandled_count > 0);
> -
>      qemu_mutex_lock(&event_mtx);
> +    assert(event_unhandled_count > 0);
>      event_unhandled_count--;
>      qemu_cond_broadcast(&event_complete_cond);
>      qemu_mutex_unlock(&event_mtx);
> --
> 2.20.1
> 
> 

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>


^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary.
  2019-04-20 17:14 [Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary Lukas Straub
  2019-04-20 17:14 ` Lukas Straub
  2019-04-21 10:13 ` Philippe Mathieu-Daudé
@ 2019-04-23  6:58 ` Zhang, Chen
  2019-04-23  6:58   ` Zhang, Chen
  2019-05-06 10:32 ` Lukas Straub
  2019-05-06 11:13 ` Philippe Mathieu-Daudé
  4 siblings, 1 reply; 9+ messages in thread
From: Zhang, Chen @ 2019-04-23  6:58 UTC (permalink / raw)
  To: Lukas Straub, qemu-devel@nongnu.org


> -----Original Message-----
> From: Lukas Straub [mailto:lukasstraub2@web.de]
> Sent: Sunday, April 21, 2019 1:14 AM
> To: qemu-devel@nongnu.org
> Cc: Zhang, Chen <chen.zhang@intel.com>
> Subject: [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary.
> 
> From: Lukas Straub <lukasstraub2@web.de> Because event_unhandled_count
> may be accessed concurrently, it needs to be protected by taking the lock.
> However the assert is outside the lock, probably causing it to read garbage and
> aborting Qemu erroneously.
> 
> The Bug only happens when running Qemu in COLO mode.
> 
> This Patch fixes the following bug:
> https://bugs.launchpad.net/qemu/+bug/1824622
> 
> Signed-off-by: Lukas Straub <lukasstraub2@web.de>

Looks good for me.

Reviewed-by: Zhang Chen <chen.zhang@intel.com>

Thanks
Zhang Chen

> ---
>  net/colo-compare.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/net/colo-compare.c b/net/colo-compare.c index
> bf10526f05..fcb491121b 100644
> --- a/net/colo-compare.c
> +++ b/net/colo-compare.c
> @@ -813,9 +813,8 @@ static void colo_compare_handle_event(void *opaque)
>          break;
>      }
> 
> -    assert(event_unhandled_count > 0);
> -
>      qemu_mutex_lock(&event_mtx);
> +    assert(event_unhandled_count > 0);
>      event_unhandled_count--;
>      qemu_cond_broadcast(&event_complete_cond);
>      qemu_mutex_unlock(&event_mtx);
> --
> 2.20.1

^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary.
  2019-04-23  6:58 ` Zhang, Chen
@ 2019-04-23  6:58   ` Zhang, Chen
  0 siblings, 0 replies; 9+ messages in thread
From: Zhang, Chen @ 2019-04-23  6:58 UTC (permalink / raw)
  To: Lukas Straub, qemu-devel@nongnu.org


> -----Original Message-----
> From: Lukas Straub [mailto:lukasstraub2@web.de]
> Sent: Sunday, April 21, 2019 1:14 AM
> To: qemu-devel@nongnu.org
> Cc: Zhang, Chen <chen.zhang@intel.com>
> Subject: [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary.
> 
> From: Lukas Straub <lukasstraub2@web.de> Because event_unhandled_count
> may be accessed concurrently, it needs to be protected by taking the lock.
> However the assert is outside the lock, probably causing it to read garbage and
> aborting Qemu erroneously.
> 
> The Bug only happens when running Qemu in COLO mode.
> 
> This Patch fixes the following bug:
> https://bugs.launchpad.net/qemu/+bug/1824622
> 
> Signed-off-by: Lukas Straub <lukasstraub2@web.de>

Looks good for me.

Reviewed-by: Zhang Chen <chen.zhang@intel.com>

Thanks
Zhang Chen

> ---
>  net/colo-compare.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/net/colo-compare.c b/net/colo-compare.c index
> bf10526f05..fcb491121b 100644
> --- a/net/colo-compare.c
> +++ b/net/colo-compare.c
> @@ -813,9 +813,8 @@ static void colo_compare_handle_event(void *opaque)
>          break;
>      }
> 
> -    assert(event_unhandled_count > 0);
> -
>      qemu_mutex_lock(&event_mtx);
> +    assert(event_unhandled_count > 0);
>      event_unhandled_count--;
>      qemu_cond_broadcast(&event_complete_cond);
>      qemu_mutex_unlock(&event_mtx);
> --
> 2.20.1



^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary.
  2019-04-20 17:14 [Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary Lukas Straub
                   ` (2 preceding siblings ...)
  2019-04-23  6:58 ` Zhang, Chen
@ 2019-05-06 10:32 ` Lukas Straub
  2019-05-07  0:07   ` Jason Wang
  2019-05-06 11:13 ` Philippe Mathieu-Daudé
  4 siblings, 1 reply; 9+ messages in thread
From: Lukas Straub @ 2019-05-06 10:32 UTC (permalink / raw)
  To: qemu-devel; +Cc: Zhang, Chen, Jason Wang

On Sat, 20 Apr 2019 19:14:25 +0200
Lukas Straub <lukasstraub2@web.de> wrote:

> From: Lukas Straub <lukasstraub2@web.de>
> Because event_unhandled_count may be accessed concurrently, it needs
> to be protected by taking the lock. However the assert is outside the
> lock, probably causing it to read garbage and aborting Qemu
> erroneously.
>
> The Bug only happens when running Qemu in COLO mode.
>
> This Patch fixes the following bug:
> https://bugs.launchpad.net/qemu/+bug/1824622
>
> Signed-off-by: Lukas Straub <lukasstraub2@web.de>
> ---
>  net/colo-compare.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/net/colo-compare.c b/net/colo-compare.c
> index bf10526f05..fcb491121b 100644
> --- a/net/colo-compare.c
> +++ b/net/colo-compare.c
> @@ -813,9 +813,8 @@ static void colo_compare_handle_event(void
> *opaque) break;
>      }
>
> -    assert(event_unhandled_count > 0);
> -
>      qemu_mutex_lock(&event_mtx);
> +    assert(event_unhandled_count > 0);
>      event_unhandled_count--;
>      qemu_cond_broadcast(&event_complete_cond);
>      qemu_mutex_unlock(&event_mtx);

Ping.

Regards,
Lukas Straub


^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary.
  2019-05-06 10:32 ` Lukas Straub
@ 2019-05-07  0:07   ` Jason Wang
  0 siblings, 0 replies; 9+ messages in thread
From: Jason Wang @ 2019-05-07  0:07 UTC (permalink / raw)
  To: Lukas Straub, qemu-devel; +Cc: Zhang, Chen


On 2019/5/6 下午6:32, Lukas Straub wrote:
> On Sat, 20 Apr 2019 19:14:25 +0200
> Lukas Straub <lukasstraub2@web.de> wrote:
>
>> From: Lukas Straub <lukasstraub2@web.de>
>> Because event_unhandled_count may be accessed concurrently, it needs
>> to be protected by taking the lock. However the assert is outside the
>> lock, probably causing it to read garbage and aborting Qemu
>> erroneously.
>>
>> The Bug only happens when running Qemu in COLO mode.
>>
>> This Patch fixes the following bug:
>> https://bugs.launchpad.net/qemu/+bug/1824622
>>
>> Signed-off-by: Lukas Straub <lukasstraub2@web.de>
>> ---
>>   net/colo-compare.c | 3 +--
>>   1 file changed, 1 insertion(+), 2 deletions(-)
>>
>> diff --git a/net/colo-compare.c b/net/colo-compare.c
>> index bf10526f05..fcb491121b 100644
>> --- a/net/colo-compare.c
>> +++ b/net/colo-compare.c
>> @@ -813,9 +813,8 @@ static void colo_compare_handle_event(void
>> *opaque) break;
>>       }
>>
>> -    assert(event_unhandled_count > 0);
>> -
>>       qemu_mutex_lock(&event_mtx);
>> +    assert(event_unhandled_count > 0);
>>       event_unhandled_count--;
>>       qemu_cond_broadcast(&event_complete_cond);
>>       qemu_mutex_unlock(&event_mtx);
> Ping.
>
> Regards,
> Lukas Straub


Applied.

Thanks

>


^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary.
  2019-04-20 17:14 [Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary Lukas Straub
                   ` (3 preceding siblings ...)
  2019-05-06 10:32 ` Lukas Straub
@ 2019-05-06 11:13 ` Philippe Mathieu-Daudé
  4 siblings, 0 replies; 9+ messages in thread
From: Philippe Mathieu-Daudé @ 2019-05-06 11:13 UTC (permalink / raw)
  To: Lukas Straub, qemu-devel, zhanghailiang, Paolo Bonzini,
	Stefan Hajnoczi
  Cc: Zhang, Chen

Cc'ing Paolo & Stefan

On 4/20/19 7:14 PM, Lukas Straub wrote:
> From: Lukas Straub <lukasstraub2@web.de>
> Because event_unhandled_count may be accessed concurrently, it needs
> to be protected by taking the lock. However the assert is outside the
> lock, probably causing it to read garbage and aborting Qemu erroneously.
> 
> The Bug only happens when running Qemu in COLO mode.
> 
> This Patch fixes the following bug: https://bugs.launchpad.net/qemu/+bug/1824622
> 
> Signed-off-by: Lukas Straub <lukasstraub2@web.de>
> ---
>  net/colo-compare.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/net/colo-compare.c b/net/colo-compare.c
> index bf10526f05..fcb491121b 100644
> --- a/net/colo-compare.c
> +++ b/net/colo-compare.c
> @@ -813,9 +813,8 @@ static void colo_compare_handle_event(void *opaque)
>          break;
>      }
> 
> -    assert(event_unhandled_count > 0);
> -
>      qemu_mutex_lock(&event_mtx);
> +    assert(event_unhandled_count > 0);
>      event_unhandled_count--;
>      qemu_cond_broadcast(&event_complete_cond);
>      qemu_mutex_unlock(&event_mtx);
> --
> 2.20.1
> 
> 


^ permalink raw reply	[flat|nested] 9+ messages in thread

end of thread, other threads:[~2019-05-07  0:08 UTC | newest]

Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-04-20 17:14 [Qemu-devel] [PATCH v2] net/colo-compare.c: Fix a crash in COLO Primary Lukas Straub
2019-04-20 17:14 ` Lukas Straub
2019-04-21 10:13 ` Philippe Mathieu-Daudé
2019-04-21 10:13   ` Philippe Mathieu-Daudé
2019-04-23  6:58 ` Zhang, Chen
2019-04-23  6:58   ` Zhang, Chen
2019-05-06 10:32 ` Lukas Straub
2019-05-07  0:07   ` Jason Wang
2019-05-06 11:13 ` Philippe Mathieu-Daudé

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).