[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v8.0.1 35/36] 9pfs/xen: Fix segfault on shutdown
From: |
Michael Tokarev |
Subject: |
[PATCH v8.0.1 35/36] 9pfs/xen: Fix segfault on shutdown |
Date: |
Wed, 17 May 2023 11:00:55 +0300 |
From: Jason Andryuk <jandryuk@gmail.com>
xen_9pfs_free can't use gnttabdev since it is already closed and NULL-ed
out when free is called. Do the teardown in _disconnect(). This
matches the setup done in _connect().
trace-events are also added for the XenDevOps functions.
Signed-off-by: Jason Andryuk <jandryuk@gmail.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
Message-Id: <20230502143722.15613-1-jandryuk@gmail.com>
[C.S.: - Remove redundant return in xen_9pfs_free().
- Add comment to trace-events. ]
Signed-off-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
(cherry picked from commit 92e667f6fd5806a6a705a2a43e572bd9ec6819da)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
---
hw/9pfs/trace-events | 6 ++++++
hw/9pfs/xen-9p-backend.c | 35 ++++++++++++++++++++++-------------
2 files changed, 28 insertions(+), 13 deletions(-)
diff --git a/hw/9pfs/trace-events b/hw/9pfs/trace-events
index 6c77966c0b..a12e55c165 100644
--- a/hw/9pfs/trace-events
+++ b/hw/9pfs/trace-events
@@ -48,3 +48,9 @@ v9fs_readlink(uint16_t tag, uint8_t id, int32_t fid) "tag %d
id %d fid %d"
v9fs_readlink_return(uint16_t tag, uint8_t id, char* target) "tag %d id %d
name %s"
v9fs_setattr(uint16_t tag, uint8_t id, int32_t fid, int32_t valid, int32_t
mode, int32_t uid, int32_t gid, int64_t size, int64_t atime_sec, int64_t
mtime_sec) "tag %u id %u fid %d iattr={valid %d mode %d uid %d gid %d size
%"PRId64" atime=%"PRId64" mtime=%"PRId64" }"
v9fs_setattr_return(uint16_t tag, uint8_t id) "tag %u id %u"
+
+# xen-9p-backend.c
+xen_9pfs_alloc(char *name) "name %s"
+xen_9pfs_connect(char *name) "name %s"
+xen_9pfs_disconnect(char *name) "name %s"
+xen_9pfs_free(char *name) "name %s"
diff --git a/hw/9pfs/xen-9p-backend.c b/hw/9pfs/xen-9p-backend.c
index 74f3a05f88..382be1ab11 100644
--- a/hw/9pfs/xen-9p-backend.c
+++ b/hw/9pfs/xen-9p-backend.c
@@ -25,6 +25,8 @@
#include "qemu/iov.h"
#include "fsdev/qemu-fsdev.h"
+#include "trace.h"
+
#define VERSIONS "1"
#define MAX_RINGS 8
#define MAX_RING_ORDER 9
@@ -336,6 +338,8 @@ static void xen_9pfs_disconnect(struct XenLegacyDevice
*xendev)
Xen9pfsDev *xen_9pdev = container_of(xendev, Xen9pfsDev, xendev);
int i;
+ trace_xen_9pfs_disconnect(xendev->name);
+
for (i = 0; i < xen_9pdev->num_rings; i++) {
if (xen_9pdev->rings[i].evtchndev != NULL) {
qemu_set_fd_handler(qemu_xen_evtchn_fd(xen_9pdev->rings[i].evtchndev),
@@ -344,40 +348,41 @@ static void xen_9pfs_disconnect(struct XenLegacyDevice
*xendev)
xen_9pdev->rings[i].local_port);
xen_9pdev->rings[i].evtchndev = NULL;
}
- }
-}
-
-static int xen_9pfs_free(struct XenLegacyDevice *xendev)
-{
- Xen9pfsDev *xen_9pdev = container_of(xendev, Xen9pfsDev, xendev);
- int i;
-
- if (xen_9pdev->rings[0].evtchndev != NULL) {
- xen_9pfs_disconnect(xendev);
- }
-
- for (i = 0; i < xen_9pdev->num_rings; i++) {
if (xen_9pdev->rings[i].data != NULL) {
xen_be_unmap_grant_refs(&xen_9pdev->xendev,
xen_9pdev->rings[i].data,
xen_9pdev->rings[i].intf->ref,
(1 << xen_9pdev->rings[i].ring_order));
+ xen_9pdev->rings[i].data = NULL;
}
if (xen_9pdev->rings[i].intf != NULL) {
xen_be_unmap_grant_ref(&xen_9pdev->xendev,
xen_9pdev->rings[i].intf,
xen_9pdev->rings[i].ref);
+ xen_9pdev->rings[i].intf = NULL;
}
if (xen_9pdev->rings[i].bh != NULL) {
qemu_bh_delete(xen_9pdev->rings[i].bh);
+ xen_9pdev->rings[i].bh = NULL;
}
}
g_free(xen_9pdev->id);
+ xen_9pdev->id = NULL;
g_free(xen_9pdev->tag);
+ xen_9pdev->tag = NULL;
g_free(xen_9pdev->path);
+ xen_9pdev->path = NULL;
g_free(xen_9pdev->security_model);
+ xen_9pdev->security_model = NULL;
g_free(xen_9pdev->rings);
+ xen_9pdev->rings = NULL;
+}
+
+static int xen_9pfs_free(struct XenLegacyDevice *xendev)
+{
+ trace_xen_9pfs_free(xendev->name);
+
return 0;
}
@@ -389,6 +394,8 @@ static int xen_9pfs_connect(struct XenLegacyDevice *xendev)
V9fsState *s = &xen_9pdev->state;
QemuOpts *fsdev;
+ trace_xen_9pfs_connect(xendev->name);
+
if (xenstore_read_fe_int(&xen_9pdev->xendev, "num-rings",
&xen_9pdev->num_rings) == -1 ||
xen_9pdev->num_rings > MAX_RINGS || xen_9pdev->num_rings < 1) {
@@ -496,6 +503,8 @@ out:
static void xen_9pfs_alloc(struct XenLegacyDevice *xendev)
{
+ trace_xen_9pfs_alloc(xendev->name);
+
xenstore_write_be_str(xendev, "versions", VERSIONS);
xenstore_write_be_int(xendev, "max-rings", MAX_RINGS);
xenstore_write_be_int(xendev, "max-ring-page-order", MAX_RING_ORDER);
--
2.39.2
- [PATCH v8.0.1 28/36] accel/tcg: Fix atomic_mmu_lookup for reads, (continued)
- [PATCH v8.0.1 28/36] accel/tcg: Fix atomic_mmu_lookup for reads, Michael Tokarev, 2023/05/17
- [PATCH v8.0.1 27/36] hw/pci-bridge: pci_expander_bridge fix type in pxb_cxl_dev_reset(), Michael Tokarev, 2023/05/17
- [PATCH v8.0.1 26/36] target/riscv: Restore the predicate() NULL check behavior, Michael Tokarev, 2023/05/17
- [PATCH v8.0.1 29/36] target/arm: Fix handling of SW and NSW bits for stage 2 walks, Michael Tokarev, 2023/05/17
- [PATCH v8.0.1 25/36] target/riscv: Fix itrigger when icount is used, Michael Tokarev, 2023/05/17
- [PATCH v8.0.1 30/36] ui: Fix pixel colour channel order for PNG screenshots, Michael Tokarev, 2023/05/17
- [PATCH v8.0.1 31/36] target/arm: Correct AArch64.S2MinTxSZ 32-bit EL1 input size check, Michael Tokarev, 2023/05/17
- [PATCH v8.0.1 32/36] async: Suppress GCC13 false positive in aio_bh_poll(), Michael Tokarev, 2023/05/17
- [PATCH v8.0.1 33/36] tcg: ppc64: Fix mask generation for vextractdm, Michael Tokarev, 2023/05/17
- [PATCH v8.0.1 34/36] target/s390x: Fix EXECUTE of relative branches, Michael Tokarev, 2023/05/17
- [PATCH v8.0.1 35/36] 9pfs/xen: Fix segfault on shutdown,
Michael Tokarev <=
- [PATCH v8.0.1 36/36] tcg/i386: Set P_REXW in tcg_out_addi_ptr, Michael Tokarev, 2023/05/17
- Re: [PATCH v8.0.1 00/36] Patch Round-up for stable 8.0.1, freeze on 2023-05-27, Thomas Huth, 2023/05/17
- Re: [PATCH v8.0.1 00/36] Patch Round-up for stable 8.0.1, freeze on 2023-05-27, Michael Tokarev, 2023/05/17
- Re: [PATCH v8.0.1 00/36] Patch Round-up for stable 8.0.1, freeze on 2023-05-27, Paolo Bonzini, 2023/05/17
- Re: [PATCH v8.0.1 00/36] Patch Round-up for stable 8.0.1, freeze on 2023-05-27, Eric Blake, 2023/05/18