[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] tests/vhost-user-test: Fix potential use-after-
|
From: |
David Gibson |
|
Subject: |
Re: [Qemu-devel] [PATCH] tests/vhost-user-test: Fix potential use-after-free |
|
Date: |
Fri, 4 Dec 2015 20:05:47 +1100 |
|
User-agent: |
Mutt/1.5.24 (2015-08-30) |
On Wed, Dec 02, 2015 at 05:36:49AM -0500, Marc-André Lureau wrote:
> Hi
>
> ----- Original Message -----
> > ae31fb5 "vhost-user-test: wrap server in TestServer struct" cleaned up
> > the handling of the test server in vhost-user-test. Unfortunately it
> > introduced a subtle use-after-free if a race goes the wrong way.
> >
> > When the server structure is freed inside test_server_free() the GThread
> > started earlier is still running inside g_main_loop_run(). That GMainLoop
> > still has handlers active which reference the server structure, so if those
> > trip before the program exits there's a use-after-free.
> >
> > I've had difficulty reproducing this locally, but for some reason it seems
> > to trip every time on Travis builds - this has been breaking all my test
> > builds there, which is why I notced it.
> >
> > This patch prevents the use after free. Unfortunately it looks like there
> > are additional problems still breaking my Travis builds, but one problem
> > at a time.
> >
> > Signed-off-by: David Gibson <address@hidden>
>
> The fix is on the ML for a few days, see "vhost-user-test: fix chardriver
> race"
> The last series of fixes is "[PATCH for-2.5 v4 0/4] vhost-user-test
> fixes"
Drat, wish I'd spotted it. Oh well.
--
David Gibson | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson
signature.asc
Description: PGP signature