The rte_vhost_driver_unregister() vhost_user_read_cb()
vhost_user_client_reconnect() can be called at the same time by 3 threads.
when memory of vsocket is freed in rte_vhost_driver_unregister(),
then vhost_user_read_cb() maybe add vsocket to reconn_list,
the invalid memory of vsocket is accessed in vhost_user_client_reconnect().
The core trace is:
Program terminated with signal 11, Segmentation fault.
The fix is to perform a delete operation again after releasing the memory
Signed-off-by: zhaoxinxin <15957197...@163.com>
---
lib/vhost/socket.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/vhost/socket.c b/lib/vhost/socket.c
index a75728a2e4..01946096c4 100644
--- a/lib/vhost/socket.c
+++ b/lib/vhost/socket.c
@@ -1121,6 +1121,8 @@ rte_vhost_driver_unregister(const char *path)
if (vsocket->is_server) {
close(vsocket->socket_fd);
unlink(path);
+ } else if (vsocket->reconnect) {
+ vhost_user_remove_reconnect(vsocket);
}
pthread_mutex_destroy(&vsocket->conn_mutex);
--
2.45.2
