All of lore.kernel.org
 help / color / mirror / Atom feed
From: Li Feng <fengli@smartx.com>
To: kyle@smartx.com, "Kevin Wolf" <kwolf@redhat.com>,
	"Marc-André Lureau" <marcandre.lureau@redhat.com>,
	"Max Reitz" <mreitz@redhat.com>,
	"Michael S. Tsirkin" <mst@redhat.com>,
	"Paolo Bonzini" <pbonzini@redhat.com>,
	qemu-block@nongnu.org (open list:Block layer core),
	qemu-devel@nongnu.org (open list:All patches CC here),
	"Raphael Norwitz" <raphael.norwitz@nutanix.com>
Cc: Li Feng <fengli@smartx.com>
Subject: [PATCH 0/4] fix crashes when inject errors to vhost-user-blk chardev
Date: Wed, 15 Apr 2020 11:28:22 +0800	[thread overview]
Message-ID: <20200415032826.16701-1-fengli@smartx.com> (raw)

The following patches fix various crashes happened when injecting errors to
chardev unix domain socket.

The crashes are encountered when the socket is from connected to disconnected at
vhost-user-blk realize routine.

These crashes could be reproduced like this:
1. gdb break at vhost_user_write;
2. add a vhost-user-blk device through qmp;
3. when stop at vhost_user_write, kill the vhost-user-blk target;
3. let qemu continue running;
4. start vhost-user-blk;
5. see crash!

The 'CLOSE' event path is core trouble maker.

qemu_chr_fe_set_handlers
   -> vhost_user_blk_event(OPEN)
       -> vhost_user_blk_connect
            -> vhost_dev_init
                -> vhost_user_blk_event(CLOSE)
                -> vhost_dev_cleanup


Li Feng (4):
  vhost-user-blk: delay vhost_user_blk_disconnect
  vhost-user-blk: fix invalid memory access
  char-socket: avoid double call tcp_chr_free_connection
  vhost-user-blk: fix crash in realize process

 chardev/char-socket.c     |  5 ++++
 hw/block/vhost-user-blk.c | 75 ++++++++++++++++++++++++++++++++---------------
 hw/virtio/vhost.c         |  2 +-
 3 files changed, 58 insertions(+), 24 deletions(-)

-- 
2.11.0


-- 
The SmartX email address is only for business purpose. Any sent message 
that is not related to the business is not authorized or permitted by 
SmartX.
本邮箱为北京志凌海纳科技有限公司(SmartX)工作邮箱. 如本邮箱发出的邮件与工作无关,该邮件未得到本公司任何的明示或默示的授权.




             reply	other threads:[~2020-04-15  3:29 UTC|newest]

Thread overview: 32+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-04-15  3:28 Li Feng [this message]
2020-04-15  3:28 ` [PATCH 1/4] vhost-user-blk: delay vhost_user_blk_disconnect Li Feng
2020-04-14  1:24   ` Raphael Norwitz
2020-04-20 11:18     ` Li Feng
2020-04-15  3:28 ` [PATCH 2/4] vhost-user-blk: fix invalid memory access Li Feng
2020-04-14  1:44   ` Raphael Norwitz
2020-04-15  3:28 ` [PATCH 3/4] char-socket: avoid double call tcp_chr_free_connection Li Feng
2020-04-15 10:35   ` Marc-André Lureau
2020-04-20  3:10     ` Li Feng
2020-04-20 14:28       ` Marc-André Lureau
2020-04-28  8:51   ` [PATCH v2] char-socket: initialize reconnect timer only when the timer doesn't start Li Feng
     [not found]     ` <20200508051441.8143-1-fengli@smartx.com>
2020-05-08  5:14       ` [PATCH v3 1/2] io/channel: fix crash when qio_channel_readv_all return 0 Li Feng
2020-05-08 12:32         ` Marc-André Lureau
2020-05-08 12:42           ` Li Feng
2020-05-11 10:02             ` Daniel P. Berrangé
2020-05-11 12:09               ` Li Feng
2020-05-08  5:14       ` [PATCH v3 2/2] char-socket: initialize reconnect timer only when the timer doesn't start Li Feng
2020-05-08 11:00         ` Marc-André Lureau
2020-05-08 12:16           ` Li Feng
2020-05-08 12:28             ` Marc-André Lureau
2020-05-08 12:31               ` Li Feng
2020-05-11 12:39     ` [PATCH v4] " Li Feng
2020-05-21 15:15       ` Paolo Bonzini
2020-04-28  8:54   ` [PATCH v2] " Li Feng
2020-04-28  8:59     ` Li Feng
2020-04-28 11:05       ` Marc-André Lureau
2020-04-28 14:09         ` Feng Li
2020-04-15  3:28 ` [PATCH 4/4] vhost-user-blk: fix crash in realize process Li Feng
2020-04-14  1:54   ` Raphael Norwitz
     [not found]     ` <CAHckoCwsLwqNhVHK4PF+pzt5ExkurPNsWLw7ueRG8dfOUA2rXg@mail.gmail.com>
2020-04-17 10:07       ` Fwd: " Li Feng
2020-04-17  9:45 ` [PATCH 0/4] fix crashes when inject errors to vhost-user-blk chardev Michael S. Tsirkin
2020-04-17 10:11   ` Li Feng

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200415032826.16701-1-fengli@smartx.com \
    --to=fengli@smartx.com \
    --cc=kwolf@redhat.com \
    --cc=kyle@smartx.com \
    --cc=marcandre.lureau@redhat.com \
    --cc=mreitz@redhat.com \
    --cc=mst@redhat.com \
    --cc=pbonzini@redhat.com \
    --cc=qemu-block@nongnu.org \
    --cc=qemu-devel@nongnu.org \
    --cc=raphael.norwitz@nutanix.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.