On Tue, Jul 21, 2020 at 05:21:10PM +0800, Binfeng Wu wrote:
> virMediatedDeviceListFindIndex crashes because some pointers in
> mgr->activeMediatedHostdevs become dangling pointers if the goto cleanup
> label in virMediatedDeviceListMarkDevices is taken.
>
> Reproduction scenario:
> 1. start vm1 with mdev1
> 2. start vm2 with mdev2, mdev1 (the order cannot be changed)
>
> Backtrace:
> #0 0x0000ffffb8c36250 in strcmp
> #1 0x0000ffffb9b80754 in virMediatedDeviceListFindIndex
> #2 0x0000ffffb9b80870 in virMediatedDeviceListFind
> #3 0x0000ffffb9c9e168 in virHostdevReAttachMediatedDevices
> #4 0x0000ffff9949f724 in qemuHostdevReAttachMediatedDevices
> #5 0x0000ffff9949f7f8 in qemuHostdevReAttachDomainDevices
> #6 0x0000ffff994bcd70 in qemuProcessStop
> #7 0x0000ffff994bf4e0 in qemuProcessStart
Sorry for the delay, I got my hands on a machine to investigate. Good
catch, it was a tricky one :).
I reworded the commit message a bit to provide more detailed info about
the bug and pushed.
Reviewed-by: Erik Skultety <eskultet(a)redhat.com>
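The failure mode described in the report, modelled as an added, self-contained C example rather than libvirt's own code: a manager keeps a list of pointers to active devices that it does not own, and a "mark devices" routine appends a domain's device pointers to that list one by one. If the routine fails partway (here: mdev1 is already active) and its error path leaves the already-appended entries in place, those entries point into the failed domain's device objects, which are then freed. The next lookup that compares names through those entries dereferences freed memory. The names `mdev_list`, `mark_devices_buggy`, `mark_devices_fixed` and `run_scenario`, the borrowed-pointer ownership model, and the device names are all assumptions constructed for the illustration; the scenario order (vm1 with mdev1, then vm2 with mdev2 and mdev1) is the one from the report.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model (not libvirt's types): an active list holds borrowed
 * pointers; the domain's own list owns the device objects. */
#define MAX_DEVS 8

typedef struct { char uuid[40]; } mdev;

typedef struct {
    mdev *items[MAX_DEVS];
    int count;
} mdev_list;

static int list_find(const mdev_list *l, const char *uuid) {
    for (int i = 0; i < l->count; i++)
        if (strcmp(l->items[i]->uuid, uuid) == 0)  /* dereferences every entry */
            return i;
    return -1;
}

static int list_add(mdev_list *l, mdev *d) {
    if (l->count >= MAX_DEVS) return -1;
    l->items[l->count++] = d;
    return 0;
}

/* Buggy variant: on failure, entries already appended to 'active' are left
 * behind, pointing into 'domain_devs', which the caller is about to free. */
static int mark_devices_buggy(mdev_list *active, mdev_list *domain_devs) {
    int ret = -1;
    for (int i = 0; i < domain_devs->count; i++) {
        mdev *d = domain_devs->items[i];
        if (list_find(active, d->uuid) >= 0) {
            fprintf(stderr, "device %s is already in use\n", d->uuid);
            goto cleanup;
        }
        if (list_add(active, d) < 0)
            goto cleanup;
    }
    ret = 0;
cleanup:
    return ret;
}

/* Fixed variant: the error path rolls back exactly the entries this call
 * appended, so 'active' never keeps a pointer into a freed device list. */
static int mark_devices_fixed(mdev_list *active, mdev_list *domain_devs) {
    int ret = -1, added = 0;
    for (int i = 0; i < domain_devs->count; i++) {
        mdev *d = domain_devs->items[i];
        if (list_find(active, d->uuid) >= 0) {
            fprintf(stderr, "device %s is already in use\n", d->uuid);
            goto cleanup;
        }
        if (list_add(active, d) < 0)
            goto cleanup;
        added++;
    }
    ret = 0;
cleanup:
    if (ret < 0)
        active->count -= added;  /* this call's entries sit at the tail */
    return ret;
}

static mdev *new_dev(const char *uuid) {
    mdev *d = calloc(1, sizeof *d);
    if (d) strncpy(d->uuid, uuid, sizeof d->uuid - 1);
    return d;
}

/* Replays the report's scenario against one variant. Returns the number of
 * 'active' entries that point into vm2's device list at the moment vm2's
 * devices are freed, i.e. the number of dangling pointers left behind
 * (counted by pointer identity before the free, so nothing here is UB). */
static int run_scenario(int (*mark)(mdev_list *, mdev_list *)) {
    mdev_list active = {{0}, 0}, vm1 = {{0}, 0}, vm2 = {{0}, 0};
    mdev *vm1_mdev1 = new_dev("mdev1");
    mdev *vm2_mdev2 = new_dev("mdev2"), *vm2_mdev1 = new_dev("mdev1");
    if (!vm1_mdev1 || !vm2_mdev2 || !vm2_mdev1) return -1;

    list_add(&vm1, vm1_mdev1);
    if (mark(&active, &vm1) != 0) return -1;       /* vm1 starts fine */

    list_add(&vm2, vm2_mdev2);                     /* order matters: mdev2 first */
    list_add(&vm2, vm2_mdev1);                     /* then the conflicting mdev1 */
    int rc = mark(&active, &vm2);                  /* must fail on mdev1 */

    int stale = 0;
    for (int i = 0; i < active.count; i++)
        for (int j = 0; j < vm2.count; j++)
            if (active.items[i] == vm2.items[j]) stale++;

    free(vm2_mdev2); free(vm2_mdev1);              /* vm2 failed: its devices go away */
    free(vm1_mdev1);
    return rc == 0 ? -2 : stale;
}
```

With the buggy variant the scenario leaves one stale entry (mdev2 of vm2) in the active list, which is exactly what a later `list_find` would strcmp through; with the fixed variant it leaves none. The rollback-by-count works because each call appends only at the tail; a list that interleaves entries would need to remove them by pointer identity instead.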