From nobody Mon May 6 10:18:39 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1528343089336852.2368116447236; Wed, 6 Jun 2018 20:44:49 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.24]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 83E1185541; Thu, 7 Jun 2018 03:44:46 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id AB494308BDA9; Thu, 7 Jun 2018 03:44:44 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 6CAAC4CA80; Thu, 7 Jun 2018 03:44:41 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w573icci007541 for ; Wed, 6 Jun 2018 23:44:38 -0400 Received: by smtp.corp.redhat.com (Postfix) id CF33460F82; Thu, 7 Jun 2018 03:44:38 +0000 (UTC) Received: from mx1.redhat.com (ext-mx16.extmail.prod.ext.phx2.redhat.com [10.5.110.45]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C0A9D60E37 for ; Thu, 7 Jun 2018 03:44:29 +0000 (UTC) Received: from huawei.com (szxga05-in.huawei.com [45.249.212.191]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 73FA13082A2A for ; Thu, 7 Jun 2018 03:44:28 +0000 (UTC) Received: from DGGEMS413-HUB.china.huawei.com (unknown [172.30.72.58]) by Forcepoint Email with ESMTP id 0B45D9CCECBA4 for ; Thu, 7 Jun 2018 11:44:13 +0800 (CST) Received: from localhost (10.175.105.35) by DGGEMS413-HUB.china.huawei.com (10.3.19.213) with Microsoft SMTP Server id 14.3.382.0; Thu, 7 Jun 2018 11:44:06 +0800 From: Weilun Zhu To: Date: Thu, 7 Jun 2018 11:42:06 +0800 Message-ID: <20180607034206.4270-1-zhuweilun@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.175.105.35] X-CFilter-Loop: Reflected X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 207 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]); Thu, 07 Jun 2018 03:44:28 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]); Thu, 07 Jun 2018 03:44:28 +0000 (UTC) for IP:'45.249.212.191' DOMAIN:'szxga05-in.huawei.com' HELO:'huawei.com' FROM:'zhuweilun@huawei.com' RCPT:'' X-RedHat-Spam-Score: -0.012 (RCVD_IN_DNSWL_NONE, SPF_HELO_PASS, SPF_PASS) 45.249.212.191 szxga05-in.huawei.com 45.249.212.191 szxga05-in.huawei.com X-Scanned-By: MIMEDefang 2.84 on 10.5.110.45 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com Cc: Weilun Zhu , king.wang@huawei.com Subject: [libvirt] [PATCH v2] As qemuMonitorJSONIOProcess() will unlock the qemu monitor, there is some extreme situation, eg qemu send message to monitor twice in a short time, where the local viriable 'msg' of qemuMonitorIOProcess() could be a wild point: X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.24 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Thu, 07 Jun 2018 03:44:47 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" 1. qemuMonitorSend() assign mon->msg to parameter 'msg', which is alse a local variable of its caller qemuMonitorJSONCommandWithFd(), cause eventloop to send message to monitor, then wait condition. 2. qemu send message to monitor for the first time immediately. 3. qemuMonitorIOProcess() is called, then wake up the qemuMonitorSend() thread, but the qemuMonitorSend() thread stuck for a while as cpu pressure or some other reasons,, which means the qemu monitor is still unlocked. 4. qemu send event message to monitor for the second time, such as RTC_CHANGE event 5. qemuMonitorIOProcess() is called, the local viriable 'msg' is assigned to mon->msg. 6. qemuMonitorIOProcess() call qemuMonitorJSONIOProcess() to deal with the qemu event. 7. qemuMonitorJSONIOProcess() unlock the qemu monitor in the macro 'QEMU_MONITOR_CALLBACK', then qemuMonitorSend() thread get the mutex and free the mon->msg, assign mon->msg to NULL. so the local viriable 'msg' of qemuMonitorIOProcess() is a wild pointer now. AFAIK, it is not harmful to call again virCondBroadcast() while msg is a wild pointer, but just in case, we fix it in this patch. --- src/qemu/qemu_monitor.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index 43f1d2f816..4a7013367d 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -454,6 +454,14 @@ qemuMonitorIOProcess(qemuMonitorPtr mon) #if DEBUG_IO VIR_DEBUG("Process done %d used %d", (int)mon->bufferOffset, len); #endif + + /* As the monitor mutex was unlocked in qemuMonitorJSONIOProcess() + * while dealing with qemu event, mon->msg could be changed, + * thus we re-acquire the msg here */ + msg =3D NULL; + if (mon->msg && mon->msg->txOffset =3D=3D mon->msg->txLength) { + msg =3D mon->msg; + if (msg && msg->finished) virCondBroadcast(&mon->notify); return len; --=20 2.18.0.rc1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list