qemu crashes when doing iotest on virtio-9p filesystem

QEMU crashes when running the avocado-vt test on a virtio-9p filesystem. The bug can be reproduced by running https://github.com/autotest/tp-qemu/blob/master/qemu/tests/9p.py.

The crash stack looks like this:

    Program terminated with signal SIGSEGV, Segmentation fault.
    #0  v9fs_mark_fids_unreclaim (pdu=pdu@entry=0xaaab00046868, path=path@entry=0xffff851e2fa8) at hw/9pfs/9p.c:505
    #1  0x0000aaaae3585acc in v9fs_unlinkat (opaque=0xaaab00046868) at hw/9pfs/9p.c:2590
    #2  0x0000aaaae3811c10 in coroutine_trampoline (i0=, i1=) at util/coroutine-ucontext.c:116
    #3  0x0000ffffa13ddb20 in ?? () from /lib64/libc.so.6
    Backtrace stopped: not enough registers or memory available to unwind further

The segmentation fault is triggered at hw/9pfs/9p.c line 505, while walking the fid list:

    for (fidp = s->fid_list; fidp; fidp = fidp->next) {
        if (fidp->path.size != path->size) {   /* fidp is invalid here */
            continue;
        }

Inspecting the state in gdb:

    (gdb) p path
    $10 = (V9fsPath *) 0xffff851e2fa8
    (gdb) p *path
    $11 = {size = 21, data = 0xaaaafed6f420 "./9p_test/p2a1/d0/f1"}
    (gdb) p *fidp
    Cannot access memory at address 0x101010101010101
    (gdb) p *pdu
    $12 = {size = 19, tag = 54, id = 76 'L', cancelled = 0 '\000', complete = {entries = {
          sqh_first = 0x0, sqh_last = 0xaaab00046870}}, s = 0xaaab000454b8, next = {
          le_next = 0xaaab000467c0, le_prev = 0xaaab00046f88}, idx = 88}
    (gdb)

AddressSanitizer also flags the error, reporting a heap-use-after-free on *fidp*.

This is an automated cleanup. This bug report has been moved to QEMU's new bug tracker on gitlab.com and thus gets marked as 'expired' now.
Please continue with the discussion here: https://gitlab.com/qemu-project/qemu/-/issues/181