On 04/28/2017 03:46 AM, Erik Skultety wrote: > The problem resides in virHostdevUpdateActiveMediatedDevices which gets > called during qemuProcessReconnect. The issue here is that > virMediatedDeviceListAdd takes a pointer to the item to be added to the > list to which VIR_APPEND_ELEMENT is used, which also clears the pointer. > However, in this case only the local copy of the pointer got cleared, > leaving the original pointing to valid memory. To sum it up, during > cleanup phase, the original pointer is freed and the daemon crashes > basically any time it would access it. > > Backtrace: > 0x00007ffff3ccdeba in __strcmp_sse2_unaligned > 0x00007ffff72a444a in virMediatedDeviceListFindIndex > 0x00007ffff7241446 in virHostdevReAttachMediatedDevices > 0x00007fffc60215d9 in qemuHostdevReAttachMediatedDevices > 0x00007fffc60216dc in qemuHostdevReAttachDomainDevices > 0x00007fffc6046e6f in qemuProcessStop > 0x00007fffc6091596 in processMonitorEOFEvent > 0x00007fffc6091793 in qemuProcessEventHandler > 0x00007ffff7294bf5 in virThreadPoolWorker > 0x00007ffff7294184 in virThreadHelper > 0x00007ffff3fdc3c4 in start_thread () from /lib64/libpthread.so.0 > 0x00007ffff3d269cf in clone () from /lib64/libc.so.6 > > Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1446455 > > Signed-off-by: Erik Skultety <eskultet@xxxxxxxxxx> Reviewed-by: Laine Stump <laine@xxxxxxxxx> or ACK, or whatever is the new accepted hotness. -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
