From: Akihiko Odaki <akihiko.odaki@daynix.com>
Cc: "Paolo Bonzini" <pbonzini@redhat.com>,
"Alex Bennée" <alex.bennee@linaro.org>,
"Thomas Huth" <thuth@redhat.com>,
"Alexandre Iooss" <erdnaxe@crans.org>,
"Mahmoud Mandour" <ma.mandourr@gmail.com>,
"Eduardo Habkost" <eduardo@habkost.net>,
"Marcel Apfelbaum" <marcel.apfelbaum@gmail.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Yanan Wang" <wangyanan55@huawei.com>,
"Richard Henderson" <richard.henderson@linaro.org>,
"Marc-André Lureau" <marcandre.lureau@redhat.com>,
"Daniel P. Berrangé" <berrange@redhat.com>,
"John Snow" <jsnow@redhat.com>, "Cleber Rosa" <crosa@redhat.com>,
"Peter Maydell" <peter.maydell@linaro.org>,
"Michael Rolnik" <mrolnik@gmail.com>,
"Edgar E. Iglesias" <edgar.iglesias@gmail.com>,
"Brian Cain" <bcain@quicinc.com>,
"Song Gao" <gaosong@loongson.cn>,
"Xiaojuan Yang" <yangxiaojuan@loongson.cn>,
"Laurent Vivier" <laurent@vivier.eu>,
"Aurelien Jarno" <aurelien@aurel32.net>,
"Jiaxun Yang" <jiaxun.yang@flygoat.com>,
"Aleksandar Rikalo" <aleksandar.rikalo@syrmia.com>,
"Chris Wulff" <crwulff@gmail.com>, "Marek Vasut" <marex@denx.de>,
"Stafford Horne" <shorne@gmail.com>,
"Daniel Henrique Barboza" <danielhb413@gmail.com>,
"Cédric Le Goater" <clg@kaod.org>,
"David Gibson" <david@gibson.dropbear.id.au>,
"Greg Kurz" <groug@kaod.org>,
"Nicholas Piggin" <npiggin@gmail.com>,
"Palmer Dabbelt" <palmer@dabbelt.com>,
"Alistair Francis" <alistair.francis@wdc.com>,
"Bin Meng" <bin.meng@windriver.com>,
"Weiwei Li" <liweiwei@iscas.ac.cn>,
"Liu Zhiwei" <zhiwei_liu@linux.alibaba.com>,
"Yoshinori Sato" <ysato@users.sourceforge.jp>,
"David Hildenbrand" <david@redhat.com>,
"Ilya Leoshkevich" <iii@linux.ibm.com>,
"Mark Cave-Ayland" <mark.cave-ayland@ilande.co.uk>,
"Artyom Tarasenko" <atar4qemu@gmail.com>,
"Bastian Koppelmann" <kbastian@mail.uni-paderborn.de>,
"Max Filippov" <jcmvbkbc@gmail.com>,
qemu-devel@nongnu.org, qemu-arm@nongnu.org, qemu-ppc@nongnu.org,
qemu-riscv@nongnu.org, qemu-s390x@nongnu.org,
"Akihiko Odaki" <akihiko.odaki@daynix.com>
Subject: [RFC PATCH 01/24] contrib/plugins: Use GRWLock in execlog
Date: Mon, 31 Jul 2023 17:43:28 +0900
Message-ID: <20230731084354.115015-2-akihiko.odaki@daynix.com>
In-Reply-To: <20230731084354.115015-1-akihiko.odaki@daynix.com>
execlog had the following comment:

> As we could have multiple threads trying to do this we need to
> serialise the expansion under a lock. Threads accessing already
> created entries can continue without issue even if the ptr array
> gets reallocated during resize.

However, when the ptr array gets reallocated, the other threads may have
a stale reference to the old buffer. This results in use-after-free.

Use GRWLock to properly fix this issue.

Fixes: 3d7caf145e ("contrib/plugins: add execlog to log instruction execution and memory access")
Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
---
contrib/plugins/execlog.c | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/contrib/plugins/execlog.c b/contrib/plugins/execlog.c
index 7129d526f8..ce67acf145 100644
--- a/contrib/plugins/execlog.c
+++ b/contrib/plugins/execlog.c
@@ -19,7 +19,7 @@ QEMU_PLUGIN_EXPORT int qemu_plugin_version = QEMU_PLUGIN_VERSION;
/* Store last executed instruction on each vCPU as a GString */
static GPtrArray *last_exec;
-static GMutex expand_array_lock;
+static GRWLock expand_array_lock;
static GPtrArray *imatches;
static GArray *amatches;
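Review bot: The declaration of expand_array_lock has no comment saying what it protects, and its name still describes only the expansion path, although the later hunks take it around every lookup in last_exec. A one-line comment on the declaration, or a rename along the lines of last_exec_lock, would make it clear that readers of last_exec are expected to hold it too.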
@@ -28,18 +28,16 @@ static GArray *amatches;
* Expand last_exec array.
*
* As we could have multiple threads trying to do this we need to
- * serialise the expansion under a lock. Threads accessing already
- * created entries can continue without issue even if the ptr array
- * gets reallocated during resize.
+ * serialise the expansion under a lock.
*/
static void expand_last_exec(int cpu_index)
{
- g_mutex_lock(&expand_array_lock);
+ g_rw_lock_writer_unlock(&expand_array_lock);
while (cpu_index >= last_exec->len) {
GString *s = g_string_new(NULL);
g_ptr_array_add(last_exec, s);
}
- g_mutex_unlock(&expand_array_lock);
+ g_rw_lock_writer_unlock(&expand_array_lock);
}
/**
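Review bot: The first added line in expand_last_exec() calls g_rw_lock_writer_unlock() where the removed line was g_mutex_lock(), so the function never takes the writer lock. The g_ptr_array_add() loop then runs with no exclusion against readers, which is the reallocation race the commit message sets out to fix, and the function ends by unlocking a lock it does not hold twice over, which GLib documents as undefined behaviour. The opening call should be g_rw_lock_writer_lock(&expand_array_lock); leaving the closing g_rw_lock_writer_unlock() as it is.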
@@ -51,8 +49,10 @@ static void vcpu_mem(unsigned int cpu_index, qemu_plugin_meminfo_t info,
GString *s;
/* Find vCPU in array */
+ g_rw_lock_reader_lock(&expand_array_lock);
g_assert(cpu_index < last_exec->len);
s = g_ptr_array_index(last_exec, cpu_index);
+ g_rw_lock_reader_unlock(&expand_array_lock);
/* Indicate type of memory access */
if (qemu_plugin_mem_is_store(info)) {
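Review bot: In vcpu_mem() the reader lock is dropped immediately after g_ptr_array_index(), while s goes on being used for the rest of the callback. That is safe only because expand_last_exec() appends to the pointer array and never frees or replaces the GString objects already stored in it, so the lock covers the array's backing storage and not the strings. A short comment saying so next to the unlock would stop a later change that removes or swaps entries from quietly reintroducing a stale pointer.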
@@ -80,10 +80,14 @@ static void vcpu_insn_exec(unsigned int cpu_index, void *udata)
GString *s;
/* Find or create vCPU in array */
+ g_rw_lock_reader_lock(&expand_array_lock);
if (cpu_index >= last_exec->len) {
+ g_rw_lock_reader_unlock(&expand_array_lock);
expand_last_exec(cpu_index);
+ g_rw_lock_reader_lock(&expand_array_lock);
}
s = g_ptr_array_index(last_exec, cpu_index);
+ g_rw_lock_reader_unlock(&expand_array_lock);
/* Print previous instruction in cache */
if (s->len) {
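Review bot: In vcpu_insn_exec() the test cpu_index >= last_exec->len is made under the reader lock, which is then released before expand_last_exec() and retaken afterwards, leaving a window in which another thread can grow the array. This works because expand_last_exec() re-tests the length in its own while loop and the array only ever grows, but nothing here says that the drop and re-acquire is deliberate (GRWLock has no read-to-write upgrade). A comment to that effect would help, and since the locked lookup now appears in both vcpu_mem() and vcpu_insn_exec(), a small helper that returns the GString for a cpu_index would keep the locking in one place.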
--
2.41.0