When writing to the qemu-pr-helper socket failed, the persistent
reservation manager was correctly disconnecting the socket, but it
did not clear pr_mgr->ioc.  So the rest of the code did not know
that the socket had been disconnected, accessed pr_mgr->ioc and
happily caused a crash.

To reproduce, it is enough to stop qemu-pr-helper between QEMU
startup and executing e.g. sg_persist -k /dev/sdb.

Reviewed-by: Michal Privoznik <mpriv...@redhat.com>
Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
---
 scsi/pr-manager-helper.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/scsi/pr-manager-helper.c b/scsi/pr-manager-helper.c
index 82ff6b6..0c0fe38 100644
--- a/scsi/pr-manager-helper.c
+++ b/scsi/pr-manager-helper.c
@@ -71,6 +71,7 @@ static int pr_manager_helper_write(PRManagerHelper *pr_mgr,
         if (n_written <= 0) {
             assert(n_written != QIO_CHANNEL_ERR_BLOCK);
             object_unref(OBJECT(pr_mgr->ioc));
+            pr_mgr->ioc = NULL;
             return n_written < 0 ? -EINVAL : 0;
         }
 
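Review bot: The `pr_mgr->ioc = NULL;` placed directly after `object_unref(OBJECT(pr_mgr->ioc));` is the right spot, since it closes the window in which a dangling pointer to the freed channel survives; the remaining point in this hunk is the return value, where `return n_written < 0 ? -EINVAL : 0;` still reports success to the caller for the `n_written == 0` case even though the channel has just been torn down. Please confirm that every caller of `pr_manager_helper_write` re-checks `pr_mgr->ioc` for NULL before its next use (or treats a zero return as a disconnection), otherwise the crash the commit message describes is only moved one call later rather than removed.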
-- 
1.8.3.1


