Hi ----- Original Message ----- > > > On 11/07/2016 13:23, Jason Wang wrote: > > > > > > On 2016年07月11日 17:18, Paolo Bonzini wrote: > >> > >> On 11/07/2016 11:06, Jason Wang wrote: > >>> > >>> On 2016年07月08日 23:27, Paolo Bonzini wrote: > >>>> Otherwise, vhost-user causes a use-after-free. > >>>> > >>>> Signed-off-by: Paolo Bonzini <pbonz...@redhat.com> > >>>> --- > >>>> vl.c | 6 +++--- > >>>> 1 file changed, 3 insertions(+), 3 deletions(-) > >>>> > >>>> diff --git a/vl.c b/vl.c > >>>> index d0b9ff9..005162d 100644 > >>>> --- a/vl.c > >>>> +++ b/vl.c > >>>> @@ -4327,9 +4327,6 @@ int main(int argc, char **argv, char **envp) > >>>> qemu_opts_del(icount_opts); > >>>> } > >>>> - /* clean up network at qemu process termination */ > >>>> - atexit(&net_cleanup); > >>>> - > >>>> if (default_net) { > >>>> QemuOptsList *net = qemu_find_opts("net"); > >>>> qemu_opts_set(net, NULL, "type", "nic", &error_abort); > >>>> @@ -4596,6 +4593,9 @@ int main(int argc, char **argv, char **envp) > >>>> #ifdef CONFIG_TPM > >>>> tpm_cleanup(); > >>>> #endif > >>>> + > >>>> + /* vhost-user must be cleaned up before chardevs. */ > >>>> + net_cleanup(); > >>>> qemu_chr_cleanup(); > >>>> return 0; > >>> Patch does not seems to be applied on master. Which tree is this patch > >>> based? > >> It's applied on top of Marc-André's character device cleanup series. > > > > Ok, but looks like the issue we tried to solve with commit > > f30dbae63a46f23116715dff8d130c7d01ff02be will appear again? > > You're right. :/ > > Marc-André, I think a possible solution is this: > > 1) add a Notifier to struct TAPState and register it with > qemu_add_exit_notifier. The notifier, when called, invokes the down_script. > > 2) in tap_cleanup, invoke the down_script and unregister the notifier > with qemu_remove_exit_notifier. > > Can you implement this?
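Review bot: Removing `atexit(&net_cleanup);` in the first hunk means network cleanup no longer runs when the process terminates through exit() instead of returning from main(), although the removed comment says it was there to "clean up network at qemu process termination". Keep an exit-time hook for the part of the cleanup that has to run on every termination, or state in the commit message why those paths no longer need it.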
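Review bot: The ordering in the second hunk, `net_cleanup();` directly before `qemu_chr_cleanup();`, is held only by statement position, and the comment "vhost-user must be cleaned up before chardevs." does not say what breaks otherwise. Extend the comment to name the use-after-free from the commit message and what vhost-user still references at that point, so that a later reshuffle of the teardown calls before `return 0;` does not reintroduce it.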
What if we register an exit notifier right before leaving main()? (qemu_add_exit_notifier(&chr_cleanup_notifier)) So that qemu_chr_cleanup() is only invoked at the last time when doing main() exit?
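The two-step scheme proposed in the quoted message (an exit notifier on the tap state that runs the down script, unregistered by the explicit cleanup), as an added stand-alone model that is not QEMU code and not code from this thread. The notifier list, `TapModel` and every function name below are hypothetical stand-ins for QEMU's Notifier, TAPState, qemu_add_exit_notifier and qemu_remove_exit_notifier, and a counter stands in for running the down script.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for an exit-notifier list; not QEMU's Notifier API. */
typedef struct Notifier Notifier;
struct Notifier { void (*notify)(Notifier *n); Notifier *next; };
static Notifier *exit_list;
static void add_exit_notifier(Notifier *n) { n->next = exit_list; exit_list = n; }
static void remove_exit_notifier(Notifier *n)
{
    for (Notifier **p = &exit_list; *p; p = &(*p)->next) {
        if (*p == n) { *p = n->next; n->next = NULL; return; }
    }
}

/* What an atexit() hook would do: fire every notifier still registered. */
static void run_exit_notifiers(void)
{
    while (exit_list) {
        Notifier *n = exit_list;
        exit_list = n->next;   /* unlink first so it cannot fire twice */
        n->notify(n);
    }
}

/* Model of a tap backend; the counter stands in for running the down script. */
typedef struct TapModel { Notifier exit_hook; int down_runs; } TapModel;
static void tap_exit_notify(Notifier *n) { ((TapModel *)n)->down_runs++; }
static void tap_init(TapModel *t)
{
    t->down_runs = 0;
    t->exit_hook.notify = tap_exit_notify;
    add_exit_notifier(&t->exit_hook);       /* step 1 of the proposal */
}
static void tap_cleanup(TapModel *t)
{
    t->down_runs++;                         /* run the down script now */
    remove_exit_notifier(&t->exit_hook);    /* step 2: exit must not repeat it */
}

/* Down-script runs for a tap that is, or is not, cleaned up before exit. */
static int down_runs_at_exit(int explicit_cleanup)
{
    TapModel tap;
    tap_init(&tap);
    if (explicit_cleanup) tap_cleanup(&tap);
    run_exit_notifiers();
    return tap.down_runs;
}
int main(void) { printf("%d %d\n", down_runs_at_exit(0), down_runs_at_exit(1)); return 0; }
```

In both paths the down script runs exactly once: the exit notifier covers a termination that skips the explicit cleanup, and unregistering it in the cleanup prevents a second run at exit.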