Date: Mon, 11 Jul 2016 08:51:39 -0400 (EDT)
From: Marc-André Lureau
Message-ID: <1535901265.3647445.1468241499079.JavaMail.zimbra@redhat.com>
Subject: Re: [Qemu-devel] [PATCH] net: cleanup before character devices
To: Paolo Bonzini
Cc: Jason Wang, qemu-devel@nongnu.org, Marc-André Lureau

Hi

----- Original Message -----
>
>
> On 11/07/2016 13:23, Jason Wang wrote:
> >
> >
> > On 2016年07月11日 17:18, Paolo Bonzini wrote:
> >>
> >> On 11/07/2016 11:06, Jason Wang wrote:
> >>>
> >>> On 2016年07月08日 23:27, Paolo Bonzini wrote:
> >>>> Otherwise, vhost-user causes a use-after-free.
> >>>>
> >>>> Signed-off-by: Paolo Bonzini
> >>>> ---
> >>>> vl.c | 6 +++---
> >>>> 1 file changed, 3 insertions(+), 3 deletions(-)
> >>>>
> >>>> diff --git a/vl.c b/vl.c > >>>> index d0b9ff9..005162d 100644 > >>>> --- a/vl.c > >>>> +++ b/vl.c 
> >>>> @@ -4327,9 +4327,6 @@ int main(int argc, char **argv, char **envp) > >>>> qemu_opts_del(icount_opts); > >>>> } > >>>> - /* clean up network at qemu process termination */ > >>>> - atexit(&net_cleanup); > >>>> - > >>>> if (default_net) { > >>>> QemuOptsList *net =3D qemu_find_opts("net"); > >>>> qemu_opts_set(net, NULL, "type", "nic", &error_abort); > >>>> @@ -4596,6 +4593,9 @@ int main(int argc, char **argv, char **envp) > >>>> #ifdef CONFIG_TPM > >>>> tpm_cleanup(); > >>>> #endif > >>>> + > >>>> + /* vhost-user must be cleaned up before chardevs. */ > >>>> + net_cleanup(); > >>>> qemu_chr_cleanup(); > >>>> return 0;
> >>> Patch does not seem to be applied on master. Which tree is this patch
> >>> based?
> >> It's applied on top of Marc-André's character device cleanup series.
> >
> > Ok, but looks like the issue we tried to solve with commit
> > f30dbae63a46f23116715dff8d130c7d01ff02be will appear again?
>
> You're right. :/
>
> Marc-André, I think a possible solution is this:
>
> 1) add a Notifier to struct TAPState and register it with
> qemu_add_exit_notifier. The notifier, when called, invokes the down_script.
>
> 2) in tap_cleanup, invoke the down_script and unregister the notifier
> with qemu_remove_exit_notifier.
>
> Can you implement this?

What if we register an exit notifier right before leaving main()? (qemu_add_exit_notifier(&chr_cleanup_notifier))
So that qemu_chr_cleanup() is only invoked at the last time when doing main() exit?
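Review bot: in the first hunk of vl.c (@@ -4327,9 +4327,6 @@), dropping `atexit(&net_cleanup);` leaves network cleanup reachable only through the explicit call placed before `return 0;` at the end of main(), so any termination that goes through exit() instead of returning from main() skips it. That is the gap Jason raises in his reply with reference to commit f30dbae63a46f23116715dff8d130c7d01ff02be. Keep an exit-time hook for the work that has to happen on every termination (the tap down_script, per Paolo's follow-up) and make that hook safe to run after the explicit net_cleanup() has already executed.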
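Review bot: in the second hunk of vl.c (@@ -4596,6 +4593,9 @@), the requirement that net_cleanup() runs ahead of qemu_chr_cleanup() is enforced only by statement order and a one-line comment, and neither the comment nor the commit message names the object that is used after free. Expand the comment to say which chardev state the vhost-user backend still touches during its cleanup, and put the reproducer or sanitizer trace in the commit message, so that a later reordering of the teardown sequence at the end of main() does not silently reintroduce the use-after-free.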