If the socket fd is shutdown, there may be some data which is received before
shutdown. We will read the data and do read/write in nbd_trip(). But the exp's
blk is NULL, and it will cause qemu crashed.
Reported-by: Li Zhijian <lizhij...@cn.fujitsu.com>
Signed-off-by: Wen Congyang <we...@cn.fujitsu.com>
---
nbd.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/nbd.c b/nbd.c
index 06b501b..d8586a1 100644
--- a/nbd.c
+++ b/nbd.c
@@ -1132,6 +1132,7 @@ void nbd_export_close(NBDExport *exp)
nbd_export_set_name(exp, NULL);
nbd_export_put(exp);
if (exp->blk) {
+ bdrv_drain(blk_bs(exp->blk));
blk_remove_aio_context_notifier(exp->blk, blk_aio_attached,
blk_aio_detach, exp);
blk_unref(exp->blk);
@@ -1305,6 +1306,14 @@ static void nbd_trip(void *opaque)
goto invalid_request;
}
+ if (client->closing) {
+ /*
+ * The client may be closed when we are blocked in
+ * nbd_co_receive_request()
+ */
+ goto done;
+ }
+
switch (command) {
case NBD_CMD_READ:
TRACE("Request type is READ");
--
2.4.3
