[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Missing unlock_user_struct , Deadlock
|
From: |
Laurent Vivier |
|
Subject: |
Re: Missing unlock_user_struct , Deadlock |
|
Date: |
Fri, 13 Mar 2020 11:20:22 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0 |
Le 13/03/2020 à 10:08, Laurent Vivier a écrit :
> Le 13/03/2020 à 05:52, Mansour Ahmadi a écrit :
>> Hi
>>
>> In the case of badframe, user struct is not unlocked here and may lead
>> to deadlock:
>>
>> https://github.com/qemu/qemu/blob/d4f7d56759f7c75270c13d5f3f5f736a9558929c/linux-user/m68k/signal.c#L380
>
> badframe is called if lock fails, so no need to unlock.
>
>> In similar case, it in unlocked correctly:
>> https://github.com/qemu/qemu/blob/d4f7d56759f7c75270c13d5f3f5f736a9558929c/linux-user/sh4/signal.c#L303
In fact, this case is a little bit different and wrong but to fix that
the solution is to set frame to NULL when it is declared:
linux-user/qemu.h:
* Unlock an area of guest memory. The first LEN bytes must be
flushed back to guest memory. host_ptr = NULL is explicitly
allowed and does nothing. */
static inline void unlock_user(void *host_ptr, abi_ulong guest_addr,
long len)
like for linux-user/aarch64/signal.c:
long do_rt_sigreturn(CPUARMState *env)
{
struct target_rt_sigframe *frame = NULL;
...
We have several targets with the same problem.
Thanks,
Laurent