15 Feb 2025, 6:15 a.m.
On Sat, 15 Feb 2025 00:08:41 +1100 David Gibson
GET_VRING_BASE stops the queue, clearing the call and kick fds. However, we don't clear vring.avail. That means that if vu_queue_notify() is called it won't realise the queue isn't ready and will die with an EBADFD.
We get this during migration, because for some reason, qemu reconfigures the vhost-user device when a migration is triggered. There's a window between the GET_VRING_BASE and re-establishing the call fd where the notify function can be called, causing a crash.
Signed-off-by: David Gibson
Applied. -- Stefano
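The race the commit message describes, reduced to a stand-alone model. This is an added example and not passt's code; the struct layout, the function names (`toy_queue_notify`, `toy_get_vring_base_buggy`, `toy_get_vring_base_fixed`) and the use of a pipe in place of the eventfd QEMU passes are all assumptions. It shows why gating the notify path on `vring.avail` is only safe if GET_VRING_BASE handling clears that pointer along with the fds: with the fds dropped but `avail` left set, a notify arriving in the migration window writes to a closed descriptor and fails; with `avail` cleared too, the same notify is a harmless no-op.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Toy model of a vhost-user virtqueue. Field names mirror the message
 * (call_fd, kick_fd, vring.avail) but are assumptions, not passt's struct. */
struct toy_vring { void *avail; };
struct toy_vq {
	struct toy_vring vring;
	int call_fd;
	int kick_fd;
};

/* Assumed notify routine: "queue is ready" is judged by vring.avail being
 * set. If so the back end signals the front end through call_fd; a failed
 * write is fatal in a real back end (modelled here as returning -1). */
static int toy_queue_notify(struct toy_vq *vq)
{
	uint64_t one = 1;

	if (!vq->vring.avail)
		return 0;	/* queue not ready: nothing to signal */
	if (write(vq->call_fd, &one, sizeof(one)) != (ssize_t)sizeof(one))
		return -1;	/* real back end would die here */
	return 1;
}

/* GET_VRING_BASE handling as the message describes the bug: the fds are
 * dropped but vring.avail still points at the old ring. */
static void toy_get_vring_base_buggy(struct toy_vq *vq)
{
	vq->call_fd = -1;
	vq->kick_fd = -1;
}

/* The fix the message describes: clearing vring.avail as well makes the
 * queue look not ready, so a notify in the migration window is skipped. */
static void toy_get_vring_base_fixed(struct toy_vq *vq)
{
	vq->call_fd = -1;
	vq->kick_fd = -1;
	vq->vring.avail = NULL;
}

enum toy_stop { TOY_NO_STOP, TOY_STOP_BUGGY, TOY_STOP_FIXED };

/* Bring a queue up with live fds, optionally apply GET_VRING_BASE (buggy or
 * fixed), then deliver a notify before the call fd is re-established.
 * Returns the notify result: 1 signalled, 0 skipped, -1 failed write. */
int toy_notify_after_stop(enum toy_stop how)
{
	static uint8_t fake_ring[64];	/* constructed stand-in for the avail ring */
	struct toy_vq vq = { .vring = { .avail = fake_ring } };
	int pipefd[2];
	int rc;

	if (pipe(pipefd) < 0)
		return -2;
	vq.call_fd = pipefd[1];	/* stands in for the eventfd from the front end */
	vq.kick_fd = pipefd[0];

	if (how == TOY_STOP_BUGGY)
		toy_get_vring_base_buggy(&vq);
	else if (how == TOY_STOP_FIXED)
		toy_get_vring_base_fixed(&vq);

	rc = toy_queue_notify(&vq);

	close(pipefd[0]);
	close(pipefd[1]);
	return rc;
}

int main(void)
{
	int rc;

	printf("live queue, notify -> %d\n", toy_notify_after_stop(TOY_NO_STOP));
	rc = toy_notify_after_stop(TOY_STOP_BUGGY);
	printf("buggy GET_VRING_BASE, notify -> %d (%s)\n", rc, strerror(errno));
	printf("fixed GET_VRING_BASE, notify -> %d\n", toy_notify_after_stop(TOY_STOP_FIXED));
	return 0;
}
```

The general point for any device back end with a "stopped but still mapped" state: whatever field the hot path uses as its readiness check has to be reset in the same place the descriptors are torn down, or a caller that races the teardown will trust stale state.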