qemu-devel.nongnu.org archive mirror
* [PATCH] hw/vfio/container: Fix SIGSEV on vfio_container_instance_finalize()
@ 2024-07-19 16:50 Eric Auger
  2024-07-20  6:57 ` Cédric Le Goater
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Eric Auger @ 2024-07-19 16:50 UTC
  To: eric.auger.pro, eric.auger, qemu-devel, qemu-arm, clg,
	zhenzhong.duan, alex.williamson
  Cc: yanghliu

In vfio_connect_container's error path, the base container is
removed twice from the VFIOAddressSpace QLIST: first on the
listener_release_exit label and second, on free_container_exit
label, through object_unref(container), which calls
vfio_container_instance_finalize().

Let's remove the first instance.

Fixes: 938026053f4 ("vfio/container: Switch to QOM")
Signed-off-by: Eric Auger <eric.auger@redhat.com>
---
 hw/vfio/container.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/hw/vfio/container.c b/hw/vfio/container.c
index 425db1a14c..d8b7c533af 100644
--- a/hw/vfio/container.c
+++ b/hw/vfio/container.c
@@ -657,7 +657,6 @@ static bool vfio_connect_container(VFIOGroup *group, AddressSpace *as,
     return true;
 listener_release_exit:
     QLIST_REMOVE(group, container_next);
-    QLIST_REMOVE(bcontainer, next);
     vfio_kvm_device_del_group(group);
     memory_listener_unregister(&bcontainer->listener);
     if (vioc->release) {
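
Review bot: at listener_release_exit, after this deletion nothing in the label records that bcontainer is now unlinked only by vfio_container_instance_finalize() via object_unref(container), while QLIST_REMOVE(group, container_next) still sits right there. A one-line comment next to the remaining QLIST_REMOVE would stop someone from restoring the "missing" removal later. The commit message says the finalizer performs the removal on the free_container_exit path, but the hunk does not show where bcontainer is inserted into the VFIOAddressSpace list relative to the earlier gotos that also reach free_container_exit. Please state in the commit message that every such path has already inserted bcontainer, or that the finalizer tolerates an entry that was never linked; otherwise the same crash moves to those paths.
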
-- 
2.41.0




Thread overview: 4+ messages
2024-07-19 16:50 [PATCH] hw/vfio/container: Fix SIGSEV on vfio_container_instance_finalize() Eric Auger
2024-07-20  6:57 ` Cédric Le Goater
2024-07-22  6:29 ` Duan, Zhenzhong
2024-07-22 13:50 ` Cédric Le Goater
