kvm tools: fix rbtree-interval search

Commit Message

kirill.shutemov@linux.intel.com Oct. 29, 2012, 12:12 p.m. UTC

From: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>

I've noticed message on kvm exit:

  Warning: serial8250__exit failed.

kvm tool is not able to remove ioport range which was added previously.

The issue is caused by bug in rbtree-interval. Search algorithm in
rb_int_search_single() expects correct value of max_high. But the tree
can contain leaf nodes, which never were updated by propagate_callback().
For this kind of nodes high_max will be 0 and we will not be able to
find and remove them.

Let's initialize max_high on RB_INT_INIT() time.

Fixing this bug makes other bug visible: propagate_callback() can be
called for empty tree: node == NULL. The callback is not ready for empty
tree. Let's fix that as well.

Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
---
 tools/kvm/include/kvm/rbtree-interval.h |    3 ++-
 tools/kvm/util/rbtree-interval.c        |    6 +++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

Comments

William Dauchy Oct. 29, 2012, 4:51 p.m. UTC | #1

On Oct29 14:12, Kirill A. Shutemov wrote:
> I've noticed message on kvm exit:
> 
>   Warning: serial8250__exit failed.
> 
> kvm tool is not able to remove ioport range which was added previously.
> 
> The issue is caused by bug in rbtree-interval. Search algorithm in
> rb_int_search_single() expects correct value of max_high. But the tree
> can contain leaf nodes, which never were updated by propagate_callback().
> For this kind of nodes high_max will be 0 and we will not be able to
> find and remove them.
> 
> Let's initialize max_high on RB_INT_INIT() time.
> 
> Fixing this bug makes other bug visible: propagate_callback() can be
> called for empty tree: node == NULL. The callback is not ready for empty
> tree. Let's fix that as well.
> 
> Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>

I had the same issue but didn't found the time to fix it.
Applying the patch fixes the problem.

Tested-by: William Dauchy <william@gandi.net>

Thanks,

Patch

diff --git a/tools/kvm/include/kvm/rbtree-interval.h b/tools/kvm/include/kvm/rbtree-interval.h
index e97d05b..fb2102a 100644
--- a/tools/kvm/include/kvm/rbtree-interval.h
+++ b/tools/kvm/include/kvm/rbtree-interval.h
@@ -4,7 +4,8 @@ 
 #include <linux/rbtree_augmented.h>
 #include <linux/types.h>
 
-#define RB_INT_INIT(l, h) (struct rb_int_node){.low = l, .high = h}
+#define RB_INT_INIT(l, h) \
+	(struct rb_int_node){.low = l, .high = h, .max_high = h}
 #define rb_int(n) rb_entry(n, struct rb_int_node, node)
 
 struct rb_int_node {
diff --git a/tools/kvm/util/rbtree-interval.c b/tools/kvm/util/rbtree-interval.c
index c82ce98..d7fa96a 100644
--- a/tools/kvm/util/rbtree-interval.c
+++ b/tools/kvm/util/rbtree-interval.c
@@ -48,8 +48,12 @@  struct rb_int_node *rb_int_search_range(struct rb_root *root, u64 low, u64 high)
  */
 static void propagate_callback(struct rb_node *node, struct rb_node *stop)
 {
-	struct rb_int_node *i_node = rb_int(node);
+	struct rb_int_node *i_node;
 
+	if (node == stop)
+		return;
+
+	i_node = rb_int(node);
 	i_node->max_high = i_node->high;
 
 	if (node->rb_left)