qemuMigrationSrcRun: Re-check whether VM is active before accessing job data

'qemuProcessStop()' clears the 'current' job data. While the code under
the 'error' label in 'qemuMigrationSrcRun()' does check that the VM is
active before accessing the job, it also invokes multiple helper
functions to clean up the migration including
'qemuMigrationSrcNBDCopyCancel()' which calls 'qemuDomainObjWait()'
invalidating the result of the liveness check as it unlocks the VM.

Duplicate the liveness check and explain why. The rest of the code e.g.
accessing the monitor is safe as 'qemuDomainEnterMonitorAsync()'
performs a liveness check. The cleanup path just ignores the return
values of those functions.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Peter Krempa 2024-06-13 16:21:47 +02:00
parent 9243e87820
commit e00a58c10a

@ -5074,7 +5074,13 @@ qemuMigrationSrcRun(virQEMUDriver *driver,
dconn);
qemuMigrationSrcCancelRemoveTempBitmaps(vm, VIR_ASYNC_JOB_MIGRATION_OUT);
}
/* We need to re-check that the VM is active as functions like
* qemuMigrationSrcCancel/qemuMigrationSrcNBDCopyCancel wait on the VM
* condition unlocking the VM object which can lead to a cleanup of the
* 'current' job via qemuProcessStop */
if (qemuDomainObjIsActive(vm)) {
if (vm->job->current->status != VIR_DOMAIN_JOB_STATUS_CANCELED)
vm->job->current->status = VIR_DOMAIN_JOB_STATUS_FAILED;
}
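
Review bot: The new guard `if (qemuDomainObjIsActive(vm))` protects the dereference of `vm->job->current` only indirectly, by assuming an active VM always has 'current' set. The comment says the job data is cleaned up via qemuProcessStop, so consider also testing the pointer that is actually dereferenced, for example `if (qemuDomainObjIsActive(vm) && vm->job->current)`, or state in the comment that liveness implies a valid 'current' here. It would also help to note in the comment that nothing between this check and the two status accesses may unlock the VM object, so a later change does not reintroduce the same stale-check problem by adding a waiting helper inside the block.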