On Tue, May 30, 2017 at 12:07:36PM +0200, Roman Pen wrote: > diff --git a/util/qemu-coroutine-lock.c b/util/qemu-coroutine-lock.c > index 6328eed26bc6..d589d8c66d5e 100644 > --- a/util/qemu-coroutine-lock.c > +++ b/util/qemu-coroutine-lock.c > @@ -77,10 +77,20 @@ void coroutine_fn qemu_co_queue_wait(CoQueue *queue, > CoMutex *mutex) > void qemu_co_queue_run_restart(Coroutine *co) > { > Coroutine *next; > + QSIMPLEQ_HEAD(, Coroutine) tmp_queue_wakeup = > + QSIMPLEQ_HEAD_INITIALIZER(tmp_queue_wakeup); > > trace_qemu_co_queue_run_restart(co); > - while ((next = QSIMPLEQ_FIRST(&co->co_queue_wakeup))) { > - QSIMPLEQ_REMOVE_HEAD(&co->co_queue_wakeup, co_queue_next); > + > + /* Because "co" has yielded, any coroutine that we wakeup can resume it. > + * If this happens and "co" terminates, co->co_queue_wakeup becomes > + * invalid memory. Therefore, use a temporary queue and do not touch > + * the "co" coroutine as soon as you enter another one. > + */ > + QSIMPLEQ_CONCAT(&tmp_queue_wakeup, &co->co_queue_wakeup); > + > + while ((next = QSIMPLEQ_FIRST(&tmp_queue_wakeup))) { > + QSIMPLEQ_REMOVE_HEAD(&tmp_queue_wakeup, co_queue_next); > qemu_coroutine_enter(next); > } > }
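Review bot: the while loop over tmp_queue_wakeup changes which coroutines get entered: anything added to co->co_queue_wakeup by a coroutine entered from this loop (e.g. a waiter that co_queue_wait's on co again while co is alive) was previously picked up by the next QSIMPLEQ_FIRST(&co->co_queue_wakeup) iteration, but after the QSIMPLEQ_CONCAT snapshot it is left queued and only run on the next qemu_co_queue_run_restart(co). The comment above the QSIMPLEQ_CONCAT explains the use-after-free motivation but not this deferral; it should state that wakeups queued during the loop are deliberately deferred, and the commit message should say why no caller depends on them being entered in the same pass.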
What happens if co remains alive and qemu_coroutine_enter(next) causes additional coroutines to add themselves to co->co_queue_wakeup? I think they used to be entered but not anymore after this patch. Not sure if anything depends on this behavior...