From 3f2139843760e6d5596b75db9df6af8c6e9c1ee6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A1n=20Tomko?= Date: Wed, 7 Jan 2015 14:35:49 +0100 Subject: [PATCH] Fix vmdef usage while in monitor in BlockStat* APIs Make a local copy of the disk alias instead of pointing to the domain definition, which might get freed if the domain dies while we're in monitor. Also exit early if that happens. --- src/qemu/qemu_driver.c | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 4b77914e50..61db194cb0 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -10123,6 +10123,7 @@ qemuDomainBlockStats(virDomainPtr dom, virDomainObjPtr vm; virDomainDiskDefPtr disk = NULL; qemuDomainObjPrivatePtr priv; + char *diskAlias = NULL; if (!*path) { virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", @@ -10158,11 +10159,14 @@ qemuDomainBlockStats(virDomainPtr dom, goto endjob; } + if (VIR_STRDUP(diskAlias, disk->info.alias) < 0) + goto endjob; + priv = vm->privateData; qemuDomainObjEnterMonitor(driver, vm); ret = qemuMonitorGetBlockStatsInfo(priv->mon, - disk->info.alias, + diskAlias, &stats->rd_req, &stats->rd_bytes, NULL, @@ -10172,13 +10176,15 @@ qemuDomainBlockStats(virDomainPtr dom, NULL, NULL, &stats->errs); - qemuDomainObjExitMonitor(driver, vm); + if (qemuDomainObjExitMonitor(driver, vm) < 0) + ret = -1; endjob: qemuDomainObjEndJob(driver, vm); cleanup: qemuDomObjEndAPI(&vm); + VIR_FREE(diskAlias); return ret; } @@ -10194,11 +10200,11 @@ qemuDomainBlockStatsFlags(virDomainPtr dom, int idx; int tmp, ret = -1; virDomainObjPtr vm; - virDomainDiskDefPtr disk = NULL; qemuDomainObjPrivatePtr priv; long long rd_req, rd_bytes, wr_req, wr_bytes, rd_total_times; long long wr_total_times, flush_req, flush_total_times, errs; virTypedParameterPtr param; + char *diskAlias = NULL; virCheckFlags(VIR_TYPED_PARAM_STRING_OKAY, -1); @@ -10227,6 +10233,7 @@ qemuDomainBlockStatsFlags(virDomainPtr dom, } if (*nparams != 0) { + virDomainDiskDefPtr disk = NULL; if ((idx = virDomainDiskIndexByName(vm->def, path, false)) < 0) { virReportError(VIR_ERR_INVALID_ARG, _("invalid path: %s"), path); @@ -10240,6 +10247,8 @@ qemuDomainBlockStatsFlags(virDomainPtr dom, disk->dst); goto endjob; } + if (VIR_STRDUP(diskAlias, disk->info.alias) < 0) + goto endjob; } priv = vm->privateData; @@ -10250,12 +10259,12 @@ qemuDomainBlockStatsFlags(virDomainPtr dom, ret = qemuMonitorGetBlockStatsParamsNumber(priv->mon, nparams); if (tmp == 0 || ret < 0) { - qemuDomainObjExitMonitor(driver, vm); + ignore_value(qemuDomainObjExitMonitor(driver, vm)); goto endjob; } ret = qemuMonitorGetBlockStatsInfo(priv->mon, - disk->info.alias, + diskAlias, &rd_req, &rd_bytes, &rd_total_times, @@ -10266,7 +10275,8 @@ qemuDomainBlockStatsFlags(virDomainPtr dom, &flush_total_times, &errs); - qemuDomainObjExitMonitor(driver, vm); + if (qemuDomainObjExitMonitor(driver, vm) < 0) + ret = -1; if (ret < 0) goto endjob; @@ -10351,6 +10361,7 @@ qemuDomainBlockStatsFlags(virDomainPtr dom, qemuDomainObjEndJob(driver, vm); cleanup: + VIR_FREE(diskAlias); qemuDomObjEndAPI(&vm); return ret; } @@ -16867,7 +16878,8 @@ qemuDomainSetBlockIoTune(virDomainPtr dom, qemuDomainObjEnterMonitor(driver, vm); ret = qemuMonitorSetBlockIoThrottle(priv->mon, device, &info, supportMaxOptions); - qemuDomainObjExitMonitor(driver, vm); + if (qemuDomainObjExitMonitor(driver, vm) < 0) + ret = -1; if (ret < 0) goto endjob; vm->def->disks[idx]->blkdeviotune = info;