On 05/03/18 19:36, Paolo Bonzini wrote:
> address_space_access_valid is calling address_space_to_flatview but it can
> be called outside the RCU lock. To fix it, push the rcu_read_lock/unlock
> pair up from flatview_access_valid to address_space_access_valid.
>
> Cc: qemu-sta...@nongnu.org
> Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
Reviewed-by: Alexey Kardashevskiy <a...@ozlabs.ru>
> ---
> exec.c | 12 ++++++++----
> 1 file changed, 8 insertions(+), 4 deletions(-)
>
> diff --git a/exec.c b/exec.c
> index 55b7452bd7..177583c2ee 100644
> --- a/exec.c
> +++ b/exec.c
> @@ -3391,7 +3391,6 @@ static bool flatview_access_valid(FlatView *fv, hwaddr
> addr, int len,
> MemoryRegion *mr;
> hwaddr l, xlat;
>
> - rcu_read_lock();
> while (len > 0) {
> l = len;
> mr = flatview_translate(fv, addr, &xlat, &l, is_write);
> @@ -3406,15 +3405,20 @@ static bool flatview_access_valid(FlatView *fv,
> hwaddr addr, int len,
> len -= l;
> addr += l;
> }
> - rcu_read_unlock();
> return true;
> }
>
> bool address_space_access_valid(AddressSpace *as, hwaddr addr,
> int len, bool is_write)
> {
> - return flatview_access_valid(address_space_to_flatview(as),
> - addr, len, is_write);
> + FlatView *fv;
> + bool result;
> +
> + rcu_read_lock();
> + fv = address_space_to_flatview(as);
> + result = flatview_access_valid(fv, addr, len, is_write);
> + rcu_read_unlock();
> + return result;
> }
>
> static hwaddr
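Review bot: flatview_access_valid now depends on its caller holding the RCU read lock, but nothing at its definition records that precondition (its signature is visible only in the first hunk's `@@` header, outside both hunks); a comment above it such as `/* Called within an RCU read-side critical section; fv must remain valid until return. */` would stop a future direct caller from reintroducing the unlocked flatview use this commit fixes. The new body of address_space_access_valid looks correct as far as the hunk shows: the FlatView obtained after rcu_read_lock() is only dereferenced before rcu_read_unlock(), and the result is copied out first. Any other callers of flatview_access_valid are not visible here, so it is worth confirming they already run under the RCU read lock now that the function no longer takes it itself.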
>
--
Alexey