aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEugenio Pérez <eperezma@redhat.com>2023-09-13 14:34:08 +0200
committerMichael S. Tsirkin <mst@redhat.com>2023-10-04 18:15:06 -0400
commit0a7a164bc37b4ecbf74466e1e5243d72a768ad06 (patch)
tree0d4a4ba2bd9a0d1b68bbaf1a8b0414b52560220e
parente77db790d1bdef9370d23a0a9350c084ce45d91d (diff)
vdpa net: zero vhost_vdpa iova_tree pointer at cleanup
Not zeroing it causes a SIGSEGV if the live migration is cancelled, at net device restart. This is caused because CVQ tries to reuse the iova_tree that is present in the first vhost_vdpa device at the end of vhost_vdpa_net_cvq_start. As a consequence, it tries to access an iova_tree that has been already free. Fixes: 00ef422e9fbf ("vdpa net: move iova tree creation from init to start") Reported-by: Yanhui Ma <yama@redhat.com> Signed-off-by: Eugenio Pérez <eperezma@redhat.com> Message-Id: <20230913123408.2819185-1-eperezma@redhat.com> Acked-by: Jason Wang <jasowang@redhat.com> Tested-by: Lei Yang <leiyang@redhat.com> Reviewed-by: Si-Wei Liu <si-wei.liu@oracle.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
-rw-r--r--net/vhost-vdpa.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/net/vhost-vdpa.c b/net/vhost-vdpa.c
index 94635fcbee..fe519d908d 100644
--- a/net/vhost-vdpa.c
+++ b/net/vhost-vdpa.c
@@ -405,6 +405,8 @@ static void vhost_vdpa_net_client_stop(NetClientState *nc)
dev = s->vhost_vdpa.dev;
if (dev->vq_index + dev->nvqs == dev->vq_index_end) {
g_clear_pointer(&s->vhost_vdpa.iova_tree, vhost_iova_tree_delete);
+ } else {
+ s->vhost_vdpa.iova_tree = NULL;
}
}