Message ID | 1496320911-51305-25-git-send-email-pbonzini@redhat.com |
---|---|
State | New |
On 06/01/2017 07:41 AM, Paolo Bonzini wrote:
> From: Eric Blake <eblake@redhat.com>
>
> If a non-NBD client connects to qemu-nbd, we would end up with
> a SIGSEGV in nbd_cilent_put() because we were trying to

Since it looks like you have to respin this pull request for other
reasons, you could s/cilent/client/ while touching things up.

> unregister the client's association to the export, even though
> we skipped inserting the client into that list. Easy trigger
> in two terminals:
>
diff --git a/nbd/server.c b/nbd/server.c index ee59e5d..49b55f6 100644 --- a/nbd/server.c +++ b/nbd/server.c @@ -1358,16 +1358,14 @@ static coroutine_fn void nbd_co_client_start(void *opaque) if (exp) { nbd_export_get(exp); + QTAILQ_INSERT_TAIL(&exp->clients, client, next); } + qemu_co_mutex_init(&client->send_lock); + if (nbd_negotiate(data)) { client_close(client); goto out; } - qemu_co_mutex_init(&client->send_lock); - - if (exp) { - QTAILQ_INSERT_TAIL(&exp->clients, client, next); - } nbd_client_receive_next_request(client); diff --git a/qemu-nbd.c b/qemu-nbd.c index f60842f..651f85e 100644 --- a/qemu-nbd.c +++ b/qemu-nbd.c @@ -325,7 +325,7 @@ out: static int nbd_can_accept(void) { - return nb_fds < shared; + return state == RUNNING && nb_fds < shared; } static void nbd_export_closed(NBDExport *exp)
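
Review bot: in the nbd_co_client_start() hunk of nbd/server.c, QTAILQ_INSERT_TAIL(&exp->clients, client, next) now runs before nbd_negotiate(), so the client sits on the export's list while negotiation is still in progress and remains there on the failure path until client_close(client) tears it down. Please confirm that nothing walking exp->clients assumes a fully negotiated client, and add a short comment above the insert saying it has to precede nbd_negotiate() so that teardown after a failed negotiation finds the client registered. The insert is still guarded by if (exp), so the exp == NULL case needs the same guarantee from wherever that path registers the client, which this hunk does not show.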
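
Review bot: in nbd_can_accept() in qemu-nbd.c, the new state == RUNNING test carries no comment, and the quoted part of the commit message does not say why accepts must be refused outside RUNNING; a one-line comment on the function would help. The hunk also does not show the accept handler being re-evaluated when state changes, so please check that the transition into RUNNING re-arms the listener rather than relying on the next change to nb_fds.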