| Message ID | 20221017075351.2974642-1-zhenzhong.duan@intel.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [1/2] multifd: Fix a race on reading MultiFDPages_t.block | expand |
Zhenzhong Duan <zhenzhong.duan@intel.com> wrote: > In multifd_queue_page() MultiFDPages_t.block is checked twice. > Between the two checks, MultiFDPages_t.block may be reset to NULL > by multifd thread. This lead to the 2nd check always true then a > redundant page submitted to multifd thread again. > > Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com> Reviewed-by: Juan Quintela <quintela@redhat.com>
diff --git a/migration/multifd.c b/migration/multifd.c index 586ddc9d657a..36e2139995cf 100644 --- a/migration/multifd.c +++ b/migration/multifd.c @@ -447,6 +447,7 @@ static int multifd_send_pages(QEMUFile *f) int multifd_queue_page(QEMUFile *f, RAMBlock *block, ram_addr_t offset) { MultiFDPages_t *pages = multifd_send_state->pages; + bool changed = false; if (!pages->block) { pages->block = block; @@ -459,14 +460,16 @@ int multifd_queue_page(QEMUFile *f, RAMBlock *block, ram_addr_t offset) if (pages->num < pages->allocated) { return 1; } + } else { + changed = true; } if (multifd_send_pages(f) < 0) { return -1; } - if (pages->block != block) { - return multifd_queue_page(f, block, offset); + if (changed) { + return multifd_queue_page(f, block, offset); } return 1;
In multifd_queue_page() MultiFDPages_t.block is checked twice. Between the two checks, MultiFDPages_t.block may be reset to NULL by multifd thread. This lead to the 2nd check always true then a redundant page submitted to multifd thread again. Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com> --- migration/multifd.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-)