On Thu, Apr 23, 2026 at 20:15:16 +0200, Roman Bogorodskiy wrote:
Currently, there are two (at least) issues in virBhyveProcessStop().
Before going into details, a quick overview of the bhyve shutdown process. It is a two stage process*: first, the main bhyve process gets destroyed (either via an external command or within the guest), then the resources need to be cleaned up using the bhyvectl(8) tool.
The first issue is that if virCommandRun() for bhyvectl(8) fails, virBhyveProcessStop() jumps to the 'cleanup' label and misses cleaning of some resources.
The second issue is more serious. Currently, monitor is closed only after running of the bhyvectl(8) command. That means that the monitor could catch the domain destroy event and try to run virBhyveProcessStop() on the same domain again, resulting in trying to release already released resources, such as the monitor itself.
Address by:
* Making virCommandRun() on bhyvectl(8) non-critical. Even if it fails, we try to clean up all resources. We consider the function failed (return value 1) though.
* Close monitor before running bhyvectl(8)
Additionally, do not verify that virBhyveProcessBuildDestroyCmd() returns non-NULL, there could be only allocation errors.
And with 'glib' they result in an abort() so no need to worry about those.
Reported-by: Peter Krempa <pkrempa@redhat.com> Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com> --- src/bhyve/bhyve_process.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-)
Reviewed-by: Peter Krempa <pkrempa@redhat.com>