Re: [Qemu-devel] [PATCH] filter-buffer: fix segfault while start qemu wi

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] filter-buffer: fix segfault while start qemu wi

From:	Jason Wang
Subject:	Re: [Qemu-devel] [PATCH] filter-buffer: fix segfault while start qemu with status=off property
Date:	Tue, 5 Apr 2016 08:53:22 +0800
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0


On 04/01/2016 05:33 PM, Hailiang Zhang wrote:
> On 2016/4/1 17:10, Wen Congyang wrote:
>> On 04/01/2016 04:24 PM, Hailiang Zhang wrote:
>>> On 2016/4/1 15:39, Jason Wang wrote:
>>>>
>>>>
>>>> On 04/01/2016 03:08 PM, zhanghailiang wrote:
>>>>> After commit 338d3f, we support 'status' property for filter object.
>>>>> The segfault can be triggered by starting qemu with 'status=off'
>>>>> property
>>>>> for filter, when the s->incoming_queue is NULL, we reference it
>>>>> directly
>>>>> in qemu_net_queue_flush().
>>>>>
>>>>> Let's check the value of 's->incoming_queue' before calling
>>>>> qemu_net_queue_flush().
>>>>>
>>>>> Signed-off-by: zhanghailiang <address@hidden>
>>>>> ---
>>>>>    net/filter-buffer.c | 2 +-
>>>>>    1 file changed, 1 insertion(+), 1 deletion(-)
>>>>>
>>>>> diff --git a/net/filter-buffer.c b/net/filter-buffer.c
>>>>> index cc6bd94..79e2ce3 100644
>>>>> --- a/net/filter-buffer.c
>>>>> +++ b/net/filter-buffer.c
>>>>> @@ -34,7 +34,7 @@ static void filter_buffer_flush(NetFilterState *nf)
>>>>>    {
>>>>>        FilterBufferState *s = FILTER_BUFFER(nf);
>>>>>
>>>>> -    if (!qemu_net_queue_flush(s->incoming_queue)) {
>>>>> +    if (s->incoming_queue &&
>>>>> !qemu_net_queue_flush(s->incoming_queue)) {
>>>>>            /* Unable to empty the queue, purge remaining packets */
>>>>>            qemu_net_queue_purge(s->incoming_queue, nf->netdev);
>>>>>        }
>>>>
>>>> We'd better handle this at generic layer and don't let a specific net
>>>> filter need to worry about this.
>>>>
>>>> Looks like the issue is we may trigger status_changed() too early
>>>> (even
>>>> before the the filter was initialized).
>>>>
>>>
>>> Yes ~
>>>
>>>> How about not call status_changed() if the initialization is not done?
>>>>
>>>
>>> But seems that it is difficult to confirm if the filter is initialized
>>> or not ...
>>
>> If nfc->setup() is not called, nf->netdev is NULL.
>>
>
> Yes, you right, Jason, what's opinion ?
>
> Thanks,
> hailiang

Looks good. Please also add a comment of this in the patch.

Thanks

>
>> Thanks
>> Wen Congyang
>>
>>>
>>>> .
>>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>> .
>>
>
>

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH] filter-buffer: fix segfault while start qemu with status=off property, zhanghailiang, 2016/04/01
- Re: [Qemu-devel] [PATCH] filter-buffer: fix segfault while start qemu with status=off property, Jason Wang, 2016/04/01
  - Re: [Qemu-devel] [PATCH] filter-buffer: fix segfault while start qemu with status=off property, Hailiang Zhang, 2016/04/01
    - Re: [Qemu-devel] [PATCH] filter-buffer: fix segfault while start qemu with status=off property, Wen Congyang, 2016/04/01
    - Re: [Qemu-devel] [PATCH] filter-buffer: fix segfault while start qemu with status=off property, Hailiang Zhang, 2016/04/01
    - Re: [Qemu-devel] [PATCH] filter-buffer: fix segfault while start qemu with status=off property, Jason Wang <=

Prev by Date: Re: [Qemu-devel] [Nbd] [PATCH v2] doc: Add NBD_CMD_BLOCK_STATUS extension
Next by Date: Re: [Qemu-devel] [PATCH] rtl8139: using CP_TX_OWN for ownership transferring during tx
Previous by thread: Re: [Qemu-devel] [PATCH] filter-buffer: fix segfault while start qemu with status=off property
Next by thread: Re: [Qemu-devel] [Qemu-stable] [ANNOUNCE] QEMU 2.5.1 Stable released
Index(es):
- Date
- Thread