Re: [Qemu-devel] [PATCH] linux-user: call cpu_copy under clone_lock

[Laurent Vivier]

Le 30/03/2018 à 15:35, Max Filippov a écrit :
> cpu_copy adds newly created CPU object to container/machine/unattached,
> but does it w/o proper locking. As a result when multiple threads are
> created rapidly QEMU may abort with the following message:
> 
>   GLib-CRITICAL **: g_hash_table_iter_next: assertion
>   'ri->version == ri->hash_table->version' failed
> 
>   ERROR:qemu/qom/object.c:1663:object_get_canonical_path_component:
>   code should not be reached

Also reported in https://bugs.launchpad.net/qemu/+bug/1756519

> Move cpu_copy invocation under clone_lock to fix that.
> 
> Signed-off-by: Max Filippov <address@hidden>
> ---
>  linux-user/syscall.c | 7 ++++---
>  1 file changed, 4 insertions(+), 3 deletions(-)
> 
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index 889abbda1e65..18ea79140f16 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -6346,6 +6346,10 @@ static int do_fork(CPUArchState *env, unsigned int 
> flags, abi_ulong newsp,
>  
>          ts = g_new0(TaskState, 1);
>          init_task_state(ts);
> +
> +        /* Grab a mutex so that thread setup appears atomic.  */
> +        pthread_mutex_lock(&clone_lock);
> +
>          /* we create a new CPU instance. */
>          new_env = cpu_copy(env);
>          /* Init regs that differ from the parent.  */
> @@ -6364,9 +6368,6 @@ static int do_fork(CPUArchState *env, unsigned int 
> flags, abi_ulong newsp,
>              cpu_set_tls (new_env, newtls);
>          }
>  
> -        /* Grab a mutex so that thread setup appears atomic.  */
> -        pthread_mutex_lock(&clone_lock);
> -
>          memset(&info, 0, sizeof(info));
>          pthread_mutex_init(&info.mutex, NULL);
>          pthread_mutex_lock(&info.mutex);
> 

Reviewed-by: Laurent Vivier <address@hidden>