[Qemu-devel] [PATCH] dvs services stop, then qemu may access a null address, causing a core dump

indiffPig@126.com posted 1 patch 6 years, 8 months ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/1500031677-2362-1-git-send-email-indiffPig@126.com
Test FreeBSD passed
Test checkpatch passed
Test docker passed
Test s390x passed
chardev/char-fe.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
[Qemu-devel] [PATCH] dvs services stop, then qemu may access a null address, causing a core dump
Posted by indiffPig@126.com 6 years, 8 months ago
From: "yin.zuowei" <indiffPig@126.com>

Signed-off-by: yin.zuowei <indiffPig@126.com>
---
 chardev/char-fe.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/chardev/char-fe.c b/chardev/char-fe.c
index 3f90f05..82f7e2b 100644
--- a/chardev/char-fe.c
+++ b/chardev/char-fe.c
@@ -353,7 +353,13 @@ guint qemu_chr_fe_add_watch(CharBackend *be, GIOCondition cond,
 
 void qemu_chr_fe_disconnect(CharBackend *be)
 {
-    Chardev *chr = be->chr;
+    Chardev *chr = NULL;
+
+    if (be) {
+        chr = be->chr;
+    } else {
+        return ;
+    }
 
     if (chr && CHARDEV_GET_CLASS(chr)->chr_disconnect) {
         CHARDEV_GET_CLASS(chr)->chr_disconnect(chr);
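Review bot: the new check turns a NULL `be` into a silent no-op, but `be` is the frontend's CharBackend handle and a NULL here means the caller is broken, not that no chardev is attached; the case of nothing attached (`be->chr == NULL`) is already covered by the existing `if (chr && CHARDEV_GET_CLASS(chr)->chr_disconnect)` test that follows. Returning quietly hides the caller bug that the reported segfault points at, so the commit message should name the crashing caller (a backtrace), and the fix most likely belongs there, or at minimum the NULL case should be reported rather than swallowed. Style: the `if (be) { chr = be->chr; } else { return ; }` shape is an inverted early return; `if (!be) { return; }` followed by `Chardev *chr = be->chr;` is the usual form, and `return ;` has a stray space before the semicolon. The patch also has no commit message body describing the crash or how to reproduce it.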
-- 
1.8.3.1
Re: [Qemu-devel] [PATCH] dvs services stop, then qemu may access a null address, causing a core dump
Posted by indiffpig 6 years, 8 months ago
No one replied to my mail. Someone might think I was talking nonsense. When the DVS service stopped, all our QEMU processes exited. DVS users complain that even if their DVS services are stopped, vhost-user networks should not be blocked, but virtual machines should not be allowed to exit. I found the segfault error about QEMU in the host's log, and all the errors point to the null pointer referred to in the patch. What do the open source maintainers think about this?
At 2017-07-14 19:27:57, indiffPig@126.com wrote:
>From: "yin.zuowei" <indiffPig@126.com>
>
>Signed-off-by: yin.zuowei <indiffPig@126.com>
>---
> chardev/char-fe.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
>diff --git a/chardev/char-fe.c b/chardev/char-fe.c
>index 3f90f05..82f7e2b 100644
>--- a/chardev/char-fe.c
>+++ b/chardev/char-fe.c
>@@ -353,7 +353,13 @@ guint qemu_chr_fe_add_watch(CharBackend *be, GIOCondition cond,
> 
> void qemu_chr_fe_disconnect(CharBackend *be)
> {
>-    Chardev *chr = be->chr;
>+    Chardev *chr = NULL;
>+
>+    if (be) {
>+        chr = be->chr;
>+    } else {
>+        return ;
>+    }
> 
>     if (chr && CHARDEV_GET_CLASS(chr)->chr_disconnect) {
>         CHARDEV_GET_CLASS(chr)->chr_disconnect(chr);
>-- 
>1.8.3.1
>
Re: [Qemu-devel] [PATCH] dvs services stop, then qemu may access a null address, causing a core dump
Posted by Marc-André Lureau 6 years, 8 months ago
Hi

----- Original Message -----
> 
> No one replied to my mail. Someone might think I was talking nonsense. When
> the DVS service stopped, all our QEMU processes exited. DVS users complain
> that even if their DVS services are stopped, vhost-user networks should not
> be blocked, but virtual machines should not be allowed to exit. I found the
> segfault error about QEMU in the host's log, and all the errors point
> to the null pointer referred to in the patch. What do the open source
> maintainers think about this?
> 

You don't explain well how the crash happens. I don't even know what the dvs service is.

Could you provide a description of how to reproduce the crash?

When there is a crash, it's good to also provide the backtrace.

Your patch may solve your problem, but there might be different (better) solutions, and we should try to cover this case in our tests.

thanks

> 
> At 2017-07-14 19:27:57, indiffPig@126.com wrote:
> >From: "yin.zuowei" <indiffPig@126.com>
> >
> >Signed-off-by: yin.zuowei <indiffPig@126.com>
> >---
> > chardev/char-fe.c | 8 +++++++-
> > 1 file changed, 7 insertions(+), 1 deletion(-)
> >
> >diff --git a/chardev/char-fe.c b/chardev/char-fe.c
> >index 3f90f05..82f7e2b 100644
> >--- a/chardev/char-fe.c
> >+++ b/chardev/char-fe.c
> >@@ -353,7 +353,13 @@ guint qemu_chr_fe_add_watch(CharBackend *be,
> >GIOCondition cond,
> > 
> > void qemu_chr_fe_disconnect(CharBackend *be)
> > {
> >-    Chardev *chr = be->chr;
> >+    Chardev *chr = NULL;
> >+
> >+    if (be) {
> >+        chr = be->chr;
> >+    } else {
> >+        return ;
> >+    }
> > 
> >     if (chr && CHARDEV_GET_CLASS(chr)->chr_disconnect) {
> >         CHARDEV_GET_CLASS(chr)->chr_disconnect(chr);
> >--
> >1.8.3.1
> >
>
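The following is an added example, not code from the patch, from QEMU, or from anyone in the thread. It is a stand-alone C model of the qemu_chr_fe_disconnect() call path under discussion, written to make the review point concrete: the existing `if (chr && ...)` test already handles a backend with no chardev attached (`be->chr == NULL`), whereas a NULL `be` is a caller bug, and the patch's early return keeps the process alive but leaves that caller unidentified. All names (FakeChardevClass, FakeChardev, FakeBackend, the three fe_disconnect_* functions and the status codes) are hypothetical stand-ins for the QEMU types, not the real API.

```c
/* Added example: a stand-alone model of the qemu_chr_fe_disconnect() path.
 * Not QEMU code; the types and function names below are hypothetical. */
#include <assert.h>
#include <stddef.h>
#include <stdio.h>

typedef struct FakeChardev FakeChardev;

/* Stand-in for CHARDEV_GET_CLASS(chr)->chr_disconnect */
typedef struct {
    void (*chr_disconnect)(FakeChardev *chr);
} FakeChardevClass;

struct FakeChardev {
    const FakeChardevClass *klass;
    int disconnect_calls;   /* counts how often the backend hook ran */
};

/* Stand-in for CharBackend: the frontend's handle on a chardev. A backend
 * with no chardev attached legitimately has chr == NULL. */
typedef struct {
    FakeChardev *chr;
} FakeBackend;

static void fake_disconnect(FakeChardev *chr) { chr->disconnect_calls++; }
static const FakeChardevClass fake_class = { fake_disconnect };

enum { FE_DISCONNECTED = 0, FE_NO_CHARDEV = 1, FE_NULL_BACKEND = -1 };

/* Before the patch: be is dereferenced unconditionally. be->chr == NULL is
 * a valid no-op; a NULL be is a caller bug and crashes the whole process
 * (the host-side VM exit the reporter describes). Deliberately unguarded. */
int fe_disconnect_original(FakeBackend *be)
{
    FakeChardev *chr = be->chr;
    if (chr && chr->klass->chr_disconnect) {
        chr->klass->chr_disconnect(chr);
        return FE_DISCONNECTED;
    }
    return FE_NO_CHARDEV;
}

/* As patched (written as a plain early return): a NULL be returns quietly,
 * so the process survives but the caller that passed NULL stays hidden. */
int fe_disconnect_patched(FakeBackend *be)
{
    if (!be) {
        return FE_NULL_BACKEND;
    }
    return fe_disconnect_original(be);
}

/* What a reviewer might ask for instead: treat NULL be as an invariant
 * violation so a debug build aborts with a backtrace naming the caller,
 * while the no-chardev case stays a normal no-op. */
int fe_disconnect_checked(FakeBackend *be)
{
    assert(be != NULL && "fe_disconnect called with NULL backend");
    return fe_disconnect_original(be);
}

int main(void)
{
    FakeChardev chr = { &fake_class, 0 };
    FakeBackend attached = { &chr };
    FakeBackend detached = { NULL };

    printf("attached: %d, detached: %d, NULL backend: %d\n",
           fe_disconnect_patched(&attached),
           fe_disconnect_patched(&detached),
           fe_disconnect_patched(NULL));
    printf("chr_disconnect ran %d time(s)\n", chr.disconnect_calls);
    return 0;
}
```

Calling fe_disconnect_original(NULL) reproduces the crash class the patch targets; fe_disconnect_patched(NULL) returns FE_NULL_BACKEND instead, which is the trade-off the review comment raises: the process no longer dies, but nothing records which caller handed over a NULL backend.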