sporadic UAF in MT-TCG during PCI bar setup
There's a use-after-free bug somewhere in TCG code, which happens during PCI BAR setup when a Linux guest is booting. It's sort of difficult to trigger: for it to happen, the qemu threads have to run sloooow.
For details, see https://lore.kernel.org/qemu-devel/abe00af4-3af5-4c6b-8443-b7350a4d9349@tls.msk.ru/ .
I haven't tried to reproduce this issue with guest architectures other than x86, so far anyway.
Yes, this issue looks very similar to #1866 (closed), but that one has been fixed already.