From nobody Wed Nov 27 07:33:30 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1700560740; cv=none; d=zohomail.com; s=zohoarc; b=M2tMpvG27j9asMbrtQtomXRKiTPkNg9DVpfMwTWQ2I3+WwAT7vgyR/tAYwtxbelU6V+4VYkDz7v21RNSSLmo4LQS/Bqgc4wHHgIDG4w3i1ljgjZhkgryJMIb279f/kA+c5BjYPSBp76TE76Y9+iAL23xkXQAPz/TT59nqNd6uW0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1700560740; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=h0NkkCZLBjfuB5HIuMxZbeDi6CbZrn5cFBtwvrBEFus=; b=D+WgxjQCL5XnHp1uKxpsTwC8VPcM29FxEE5Vw7e4MKRX45gFmJbBIB1TWQ8zSqxXjZm2a1q/KZ7Srhiwir/3oeiieW+jB/Gdwi6mLxGXpabtuYsYB52dQ6whTxxjn3EChFZlRHfUNgQZsp8PBEJBscm2hv6t+Ic9+Z1oyJ+MsFA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 17005607405158.84367303342242; Tue, 21 Nov 2023 01:59:00 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1r5NW2-0000pB-Jb; Tue, 21 Nov 2023 04:57:58 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1r5NW1-0000ol-4h for qemu-devel@nongnu.org; Tue, 21 Nov 2023 04:57:57 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1r5NVz-0001CF-He for qemu-devel@nongnu.org; Tue, 21 Nov 2023 04:57:56 -0500 Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-247-fenempAOOneLhZ0fZl0wIA-1; Tue, 21 Nov 2023 04:57:50 -0500 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5126538143C2; Tue, 21 Nov 2023 09:57:50 +0000 (UTC) Received: from localhost.localdomain (unknown [10.72.112.89]) by smtp.corp.redhat.com (Postfix) with ESMTP id 44E07492BE0; Tue, 21 Nov 2023 09:57:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1700560674; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=h0NkkCZLBjfuB5HIuMxZbeDi6CbZrn5cFBtwvrBEFus=; b=Sl2JZLb/b/JS02RY68uG3OlOzwLxzeFA0QX1U0ff5KSMRCmGvvE02AnLFkW+9gLEWonJo5 Qg7asgYkIV/j5CDxTtnaDCOwnkIakv/5MO1sxdI2hV3VAmf6t033xCUXyoen3kwIzppJ6+ tRACIHPOHs33NFA/USB5qOIeOFg03VY= X-MC-Unique: fenempAOOneLhZ0fZl0wIA-1 From: Jason Wang To: qemu-devel@nongnu.org Cc: David Woodhouse , Paul Durrant , Jason Wang Subject: [PULL 3/3] net: do not delete nics in net_cleanup() Date: Tue, 21 Nov 2023 17:57:37 +0800 Message-ID: <20231121095737.31438-4-jasowang@redhat.com> In-Reply-To: <20231121095737.31438-1-jasowang@redhat.com> References: <20231121095737.31438-1-jasowang@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.9 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=jasowang@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.035, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1700560740950100001 Content-Type: text/plain; charset="utf-8" From: David Woodhouse In net_cleanup() we only need to delete the netdevs, as those may have state which outlives Qemu when it exits, and thus may actually need to be cleaned up on exit. The nics, on the other hand, are owned by the device which created them. Most devices don't bother to clean up on exit because they don't have any state which will outlive Qemu... but XenBus devices do need to clean up their nodes in XenStore, and do have an exit handler to delete them. When the XenBus exit handler destroys the xen-net-device, it attempts to delete its nic after net_cleanup() had already done so. And crashes. Fix this by only deleting netdevs as we walk the list. As the comment notes, we can't use QTAILQ_FOREACH_SAFE() as each deletion may remove *multiple* entries, including the "safely" saved 'next' pointer. But we can store the *previous* entry, since nics are safe. Signed-off-by: David Woodhouse Reviewed-by: Paul Durrant Signed-off-by: Jason Wang --- net/net.c | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/net/net.c b/net/net.c index 4d1ff7a..0520bc1 100644 --- a/net/net.c +++ b/net/net.c @@ -1514,18 +1514,34 @@ static void net_vm_change_state_handler(void *opaqu= e, bool running, =20 void net_cleanup(void) { - NetClientState *nc; + NetClientState *nc, **p =3D &QTAILQ_FIRST(&net_clients); =20 /*cleanup colo compare module for COLO*/ colo_compare_cleanup(); =20 - /* We may del multiple entries during qemu_del_net_client(), - * so QTAILQ_FOREACH_SAFE() is also not safe here. + /* + * Walk the net_clients list and remove the netdevs but *not* any + * NET_CLIENT_DRIVER_NIC entries. The latter are owned by the device + * model which created them, and in some cases (e.g. xen-net-device) + * the device itself may do cleanup at exit and will be upset if we + * just delete its NIC from underneath it. + * + * Since qemu_del_net_client() may delete multiple entries, using + * QTAILQ_FOREACH_SAFE() is not safe here. The only safe pointer + * to keep as a bookmark is a NET_CLIENT_DRIVER_NIC entry, so keep + * 'p' pointing to either the head of the list, or the 'next' field + * of the latest NET_CLIENT_DRIVER_NIC, and operate on *p as we walk + * the list. + * + * The 'nc' variable isn't part of the list traversal; it's purely + * for convenience as too much '(*p)->' has a tendency to make the + * readers' eyes bleed. */ - while (!QTAILQ_EMPTY(&net_clients)) { - nc =3D QTAILQ_FIRST(&net_clients); + while (*p) { + nc =3D *p; if (nc->info->type =3D=3D NET_CLIENT_DRIVER_NIC) { - qemu_del_nic(qemu_get_nic(nc)); + /* Skip NET_CLIENT_DRIVER_NIC entries */ + p =3D &QTAILQ_NEXT(nc, next); } else { qemu_del_net_client(nc); } --=20 2.7.4