From d09a6fde1590ca3a45b608b6873a680f208dfeb5 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini
Date: Thu, 9 Jul 2015 08:47:58 +0200
Subject: [PATCH 1/2] migration: fix RCU deadlock

migration_end calls synchronize_rcu() within a critical section.
That causes a deadlock; move the call after rcu_read_unlock().

Signed-off-by: Paolo Bonzini
---
 migration/ram.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/migration/ram.c b/migration/ram.c
index c696814196..1e58cd3924 100644
--- a/migration/ram.c
+++ b/migration/ram.c
@@ -1266,9 +1266,10 @@ static int ram_save_complete(QEMUFile *f, void *opaque)
     flush_compressed_data(f);
     ram_control_after_iterate(f, RAM_CONTROL_FINISH);
 
-    migration_end();
     rcu_read_unlock();
+
+    migration_end();
 
     qemu_put_be64(f, RAM_SAVE_FLAG_EOS);
 
     return 0;

From 4f4f6976d80614e2d81cea4385885876f24bb257 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini
Date: Thu, 9 Jul 2015 16:52:48 +0200
Subject: [PATCH 2/2] crypto: fix builtin qcrypto_cipher_free

This was dereferencing a pointer before checking if it was NULL.

Reported-by: Christian Borntraeger
Reported-by: Aurelien Jarno
Signed-off-by: Paolo Bonzini
---
 crypto/cipher-builtin.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/cipher-builtin.c b/crypto/cipher-builtin.c
index c625cb40f7..912c1b947d 100644
--- a/crypto/cipher-builtin.c
+++ b/crypto/cipher-builtin.c
@@ -354,11 +354,13 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
 
 
 void qcrypto_cipher_free(QCryptoCipher *cipher)
 {
-    QCryptoCipherBuiltin *ctxt = cipher->opaque;
+    QCryptoCipherBuiltin *ctxt;
+
     if (!cipher) {
         return;
     }
+    ctxt = cipher->opaque;
     ctxt->free(cipher);
     g_free(cipher);
 }
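Review bot: The added `migration_end();` line in ram_save_complete now depends on an ordering constraint — it must run after `rcu_read_unlock()` because, per the commit message, it calls synchronize_rcu() — but nothing in the code records that, so a later cleanup could move it back into the read-side section and reintroduce the deadlock. A one-line comment above the call would pin it: `/* migration_end() calls synchronize_rcu(); it must run outside the RCU read-side critical section. */`. ram_save_complete begins before this hunk, so the rcu_read_lock() that opens the section is not visible here.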
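Review bot: The reordered NULL check in qcrypto_cipher_free makes "NULL is a no-op" part of the function's public contract, but that guarantee is only visible from this .c body; the declaration in the crypto header (not in this patch) should state it so callers can rely on it, e.g. `/* Release @cipher and its backend state; passing NULL is a no-op. */`. The body still calls `ctxt->free(cipher)` without checking `ctxt` or `ctxt->free`; if qcrypto_cipher_new can ever return a cipher whose opaque is unset (not determinable from this hunk), that would be the next dereference to guard.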