From patchwork Fri May 17 09:06:57 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Jason Wang X-Patchwork-Id: 1100900 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=redhat.com Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4552Wj3gDlz9s3q for ; Fri, 17 May 2019 19:08:17 +1000 (AEST) Received: from localhost ([127.0.0.1]:44903 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hRYqd-0004d6-Cz for incoming@patchwork.ozlabs.org; Fri, 17 May 2019 05:08:15 -0400 Received: from eggs.gnu.org ([209.51.188.92]:34795) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hRYph-0004bn-Lt for qemu-devel@nongnu.org; Fri, 17 May 2019 05:07:19 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hRYpf-0003rh-Pb for qemu-devel@nongnu.org; Fri, 17 May 2019 05:07:17 -0400 Received: from mx1.redhat.com ([209.132.183.28]:42748) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hRYpd-0003p3-Rj for qemu-devel@nongnu.org; Fri, 17 May 2019 05:07:14 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id ED4E130BDE44; Fri, 17 May 2019 09:07:11 +0000 (UTC) Received: from jason-ThinkPad-T430s.redhat.com (ovpn-12-157.pek2.redhat.com [10.72.12.157]) by smtp.corp.redhat.com (Postfix) with ESMTP id 596B860FAF; Fri, 17 May 2019 09:07:09 +0000 (UTC) From: Jason Wang To: qemu-devel@nongnu.org, peter.maydell@linaro.org Date: Fri, 17 May 2019 17:06:57 +0800 Message-Id: <1558084017-15947-5-git-send-email-jasowang@redhat.com> In-Reply-To: <1558084017-15947-1-git-send-email-jasowang@redhat.com> References: <1558084017-15947-1-git-send-email-jasowang@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.46]); Fri, 17 May 2019 09:07:12 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 4/4] net/colo-compare.c: Fix a crash in COLO Primary. X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jason Wang , Lukas Straub Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" From: Lukas Straub Because event_unhandled_count may be accessed concurrently, it needs to be protected by taking the lock. However the assert is outside the lock, probably causing it to read garbage and aborting Qemu erroneously. The Bug only happens when running Qemu in COLO mode. This Patch fixes the following bug: https://bugs.launchpad.net/qemu/+bug/1824622 Signed-off-by: Lukas Straub Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Zhang Chen Signed-off-by: Jason Wang --- net/colo-compare.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/net/colo-compare.c b/net/colo-compare.c index bf10526..fcb4911 100644 --- a/net/colo-compare.c +++ b/net/colo-compare.c @@ -813,9 +813,8 @@ static void colo_compare_handle_event(void *opaque) break; } - assert(event_unhandled_count > 0); - qemu_mutex_lock(&event_mtx); + assert(event_unhandled_count > 0); event_unhandled_count--; qemu_cond_broadcast(&event_complete_cond); qemu_mutex_unlock(&event_mtx);