From 2635ac986fb70408292c274b4c0327f2cfc401e2 Mon Sep 17 00:00:00 2001 From: Alexander Graf Date: Fri, 13 Jan 2012 17:05:41 +0100 Subject: [PATCH] linux-user: fix segfault deadlock MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When entering the guest we take a lock to ensure that nobody else messes with our TB chaining while we're doing it. If we get a segfault inside that code, we manage to work on, but will not unlock the lock. This patch forces unlocking of that lock in the segv handler. I'm not sure this is the right approach though. Maybe we should rather make sure we don't segfault in the code? I would greatly appreciate someone more intelligible than me to look at this :). Example code to trigger this is at: http://csgraf.de/tmp/conftest.c Reported-by: Fabio Erculiani Signed-off-by: Alexander Graf [AF: Drop spinlock_safe_unlock() and switch to tb_lock_reset() (bonzini)] Signed-off-by: Andreas Färber --- accel/tcg/user-exec.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c index 26a3ffbba1..43bbf92f36 100644 --- a/accel/tcg/user-exec.c +++ b/accel/tcg/user-exec.c @@ -103,6 +103,10 @@ static inline int handle_cpu_signal(uintptr_t pc, siginfo_t *info, printf("qemu: SIGSEGV pc=0x%08lx address=%08lx w=%d oldset=0x%08lx\n", pc, address, is_write, *(unsigned long *)old_set); #endif + + /* Maybe we're still holding the TB fiddling lock? */ + tb_lock_reset(); + /* XXX: locking issue */ /* Note that it is important that we don't call page_unprotect() unless * this is really a "write to nonwriteable page" fault, because