
Re: [PATCH] hw/vfio/container: Fix SIGSEV on vfio_container_instance_fin


From: Cédric Le Goater
Subject: Re: [PATCH] hw/vfio/container: Fix SIGSEV on vfio_container_instance_finalize()
Date: Sat, 20 Jul 2024 08:57:24 +0200
User-agent: Mozilla Thunderbird

On 7/19/24 18:50, Eric Auger wrote:
In vfio_connect_container's error path, the base container is
removed twice from the VFIOAddressSpace QLIST: first on the
listener_release_exit label and second, on free_container_exit
label, through object_unref(container), which calls
vfio_container_instance_finalize().

Let's remove the first instance.

Fixes: 938026053f4 ("vfio/container: Switch to QOM")
Signed-off-by: Eric Auger <eric.auger@redhat.com>

Oh. Nice catch!


Reviewed-by: Cédric Le Goater <clg@redhat.com>

Thanks,

C.


---
  hw/vfio/container.c | 1 -
  1 file changed, 1 deletion(-)

diff --git a/hw/vfio/container.c b/hw/vfio/container.c
index 425db1a14c..d8b7c533af 100644
--- a/hw/vfio/container.c
+++ b/hw/vfio/container.c
@@ -657,7 +657,6 @@ static bool vfio_connect_container(VFIOGroup *group, 
AddressSpace *as,
      return true;
  listener_release_exit:
      QLIST_REMOVE(group, container_next);
-    QLIST_REMOVE(bcontainer, next);
      vfio_kvm_device_del_group(group);
      memory_listener_unregister(&bcontainer->listener);
      if (vioc->release) {
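Review bot: the subject line spells the signal "SIGSEV"; the signal is SIGSEGV, and since the subject becomes the permanent commit title it is worth correcting before merge. On the hunk itself, dropping `QLIST_REMOVE(bcontainer, next);` from the listener_release_exit label is only safe if every path through that label also reaches the `object_unref(container)` at free_container_exit described in the commit message, so that vfio_container_instance_finalize() still unlinks bcontainer from the address-space list; the context shown ends before that label, so confirm there is no early return between the two and consider saying so in the commit message.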
