qemu: Don't access vm->priv on unlocked domain
Since 86d90b3a (yes, my patch; again) we are supporting NBD storage migration. However, on error recovery path we got the steps reversed. The correct order is: return NBD port to the virPortAllocator and then either unlock the vm or remove it from the driver. Not vice versa. ==11192== Invalid write of size 4 ==11192== at 0x11488559: qemuMigrationPrepareAny (qemu_migration.c:2459) ==11192== by 0x11488EA6: qemuMigrationPrepareDirect (qemu_migration.c:2652) ==11192== by 0x114D1509: qemuDomainMigratePrepare3Params (qemu_driver.c:10332) ==11192== by 0x519075D: virDomainMigratePrepare3Params (libvirt.c:7290) ==11192== by 0x1502DA: remoteDispatchDomainMigratePrepare3Params (remote.c:4798) ==11192== by 0x12DECA: remoteDispatchDomainMigratePrepare3ParamsHelper (remote_dispatch.h:5741) ==11192== by 0x5212127: virNetServerProgramDispatchCall (virnetserverprogram.c:435) ==11192== by 0x5211C86: virNetServerProgramDispatch (virnetserverprogram.c:305) ==11192== by 0x520A8FD: virNetServerProcessMsg (virnetserver.c:165) ==11192== by 0x520A9E1: virNetServerHandleJob (virnetserver.c:186) ==11192== by 0x50DA78F: virThreadPoolWorker (virthreadpool.c:144) ==11192== by 0x50DA11C: virThreadHelper (virthreadpthread.c:161) ==11192== Address 0x1368baa0 is 576 bytes inside a block of size 688 free'd ==11192== at 0x4A07F5C: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==11192== by 0x5079A2F: virFree (viralloc.c:580) ==11192== by 0x11456C34: qemuDomainObjPrivateFree (qemu_domain.c:267) ==11192== by 0x50F41B4: virDomainObjDispose (domain_conf.c:2034) ==11192== by 0x50C2991: virObjectUnref (virobject.c:262) ==11192== by 0x50F4CFC: virDomainObjListRemove (domain_conf.c:2361) ==11192== by 0x1145C125: qemuDomainRemoveInactive (qemu_domain.c:2087) ==11192== by 0x11488520: qemuMigrationPrepareAny (qemu_migration.c:2456) ==11192== by 0x11488EA6: qemuMigrationPrepareDirect (qemu_migration.c:2652) ==11192== by 0x114D1509: qemuDomainMigratePrepare3Params (qemu_driver.c:10332) ==11192== 
by 0x519075D: virDomainMigratePrepare3Params (libvirt.c:7290) ==11192== by 0x1502DA: remoteDispatchDomainMigratePrepare3Params (remote.c:4798) Signed-off-by: Michal Privoznik <mprivozn@redhat.com> (cherry picked from commit 1f2f879ed17a784559f67b0fa2408d2436b731fd)
parent
ecce7e23cf
commit
d740294222
@ -2420,14 +2420,14 @@ cleanup:
|
|||||||
VIR_FORCE_CLOSE(dataFD[0]);
|
VIR_FORCE_CLOSE(dataFD[0]);
|
||||||
VIR_FORCE_CLOSE(dataFD[1]);
|
VIR_FORCE_CLOSE(dataFD[1]);
|
||||||
if (vm) {
|
if (vm) {
|
||||||
if (ret >= 0 || vm->persistent)
|
|
||||||
virObjectUnlock(vm);
|
|
||||||
else
|
|
||||||
qemuDomainRemoveInactive(driver, vm);
|
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
virPortAllocatorRelease(driver->remotePorts, priv->nbdPort);
|
virPortAllocatorRelease(driver->remotePorts, priv->nbdPort);
|
||||||
priv->nbdPort = 0;
|
priv->nbdPort = 0;
|
||||||
}
|
}
|
||||||
|
if (ret >= 0 || vm->persistent)
|
||||||
|
virObjectUnlock(vm);
|
||||||
|
else
|
||||||
|
qemuDomainRemoveInactive(driver, vm);
|
||||||
}
|
}
|
||||||
if (event)
|
if (event)
|
||||||
qemuDomainEventQueue(driver, event);
|
qemuDomainEventQueue(driver, event);
|
||||||
|
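Review bot: Nothing in the cleanup block records that `priv` is only usable while `vm` is still locked and present in the driver's domain list, which is the ordering this commit had to restore. A comment above the `if (ret < 0)` block, such as `/* priv is freed together with vm: release the NBD port before unlocking or removing the domain */`, would keep a later edit from moving the release back below `qemuDomainRemoveInactive()`. The return value of `virPortAllocatorRelease()` is also ignored, and `priv->nbdPort` may never have been allocated on some error paths; whether that is harmless depends on code outside this hunk. The `cleanup:` label belongs to a function whose body starts before the hunk, so where `priv` is assigned relative to `vm` cannot be checked from here.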