[PULL 01/16] hw/vfio/container: Fix SIGSEV on vfio_container_instance

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PULL 01/16] hw/vfio/container: Fix SIGSEV on vfio_container_instance_fi

From:	Cédric Le Goater
Subject:	[PULL 01/16] hw/vfio/container: Fix SIGSEV on vfio_container_instance_finalize()
Date:	Tue, 23 Jul 2024 16:00:04 +0200

From: Eric Auger <eric.auger@redhat.com>

In vfio_connect_container's error path, the base container is
removed twice form the VFIOAddressSpace QLIST: first on the
listener_release_exit label and second, on free_container_exit
label, through object_unref(container), which calls
vfio_container_instance_finalize().

Let's remove the first instance.

Fixes: 938026053f4 ("vfio/container: Switch to QOM")
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
---
 hw/vfio/container.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/hw/vfio/container.c b/hw/vfio/container.c
index 
38a9df34964a4e5a4d349c14d54f66585728d5ca..ce9a858e56218a9e9c803b4f5cf4c9f7cfc4edda
 100644
--- a/hw/vfio/container.c
+++ b/hw/vfio/container.c
@@ -656,7 +656,6 @@ static bool vfio_connect_container(VFIOGroup *group, 
AddressSpace *as,
     return true;
 listener_release_exit:
     QLIST_REMOVE(group, container_next);
-    QLIST_REMOVE(bcontainer, next);
     vfio_kvm_device_del_group(group);
     memory_listener_unregister(&bcontainer->listener);
     if (vioc->release) {
-- 
2.45.2

[Prev in Thread]

Current Thread

[Next in Thread]

[PULL 00/16] vfio queue, Cédric Le Goater, 2024/07/23
- [PULL 01/16] hw/vfio/container: Fix SIGSEV on vfio_container_instance_finalize(), Cédric Le Goater <=
- [PULL 02/16] vfio/pci: Extract mdev check into an helper, Cédric Le Goater, 2024/07/23
- [PULL 04/16] backends/iommufd: Extend iommufd_backend_get_device_info() to fetch HW capabilities, Cédric Le Goater, 2024/07/23
- [PULL 03/16] vfio/iommufd: Don't initialize nor set a HOST_IOMMU_DEVICE with mdev, Cédric Le Goater, 2024/07/23
- [PULL 05/16] vfio/iommufd: Return errno in iommufd_cdev_attach_ioas_hwpt(), Cédric Le Goater, 2024/07/23
- [PULL 06/16] vfio/ap: Don't initialize HOST_IOMMU_DEVICE with mdev, Cédric Le Goater, 2024/07/23
- [PULL 07/16] vfio/ccw: Don't initialize HOST_IOMMU_DEVICE with mdev, Cédric Le Goater, 2024/07/23
- [PULL 08/16] vfio/iommufd: Introduce auto domain creation, Cédric Le Goater, 2024/07/23
- [PULL 09/16] vfio/{iommufd,container}: Remove caps::aw_bits, Cédric Le Goater, 2024/07/23
- [PULL 10/16] vfio/iommufd: Add hw_caps field to HostIOMMUDeviceCaps, Cédric Le Goater, 2024/07/23
- [PULL 12/16] vfio/iommufd: Probe and request hwpt dirty tracking capability, Cédric Le Goater, 2024/07/23

Prev by Date: [PULL 00/16] vfio queue
Next by Date: [PULL 02/16] vfio/pci: Extract mdev check into an helper
Previous by thread: [PULL 00/16] vfio queue
Next by thread: [PULL 02/16] vfio/pci: Extract mdev check into an helper
Index(es):
- Date
- Thread