On Mon, May 20, 2019 at 12:57:17 +0200, Peter Krempa wrote:
On Sat, May 18, 2019 at 18:24:36 +0800, Wang King wrote:
[...]
> @@ -8023,6 +8024,9 @@ qemuProcessReconnect(void *opaque)
> cfg = virQEMUDriverGetConfig(driver);
> priv = obj->privateData;
>
> + /* need xmlopt later to save status, do not free */
> + xmlopt = virObjectRef(driver->xmlopt);
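Review bot: the `virObjectRef(driver->xmlopt)` added at the top of qemuProcessReconnect has no matching `virObjectUnref(xmlopt)` visible in this hunk; every exit path of the function (normal return and the cleanup/error labels) needs to drop the reference or it leaks for the lifetime of the process. The read of `driver->xmlopt` is also done without any lock, so taking the reference only helps if nothing can free the object between the load and the ref; consider doing the ref inside an accessor that holds the driver lock (as virQEMUDriverGetConfig does for cfg) and checking the result for NULL before use.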
So I presume the problem is that qemuStateCleanup is called before this
function finishes and thus accesses invalid memory.
This patch will not fix the problem entirely, because the access to
XMLopt here (and everywhere else) is not atomic. This means that if
qemuStateCleanup is called before the above line you'll try to reference
a pointer which was already freed.
Also even if qemuStateCleanup sets the pointer to NULL your patch does
not check it.
To fully fix this I think we need an accessor similar to
virQEMUDriverGetConfig which will access the xmlopt object.
Or ideally we need to turn the qemu_driver struct into a virObject and
increase refcount prior to passing it into the threads reconnecting to
the instances. Otherwise there are potentially other fields missing that
can cause problems.
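To illustrate the accessor pattern suggested above (take the driver lock, bump the refcount while the pointer is known valid, and have the cleanup path clear the pointer under the same lock), here is a self-contained mock in C. It is an added example, not libvirt code: `RefObj`, `Driver`, `driver_get_xmlopt` and `driver_cleanup` are hypothetical stand-ins for virObject, the qemu driver struct, the proposed xmlopt accessor and qemuStateCleanup, chosen only to show why an unsynchronized `driver->xmlopt` read plus a later ref is not enough.

```c
#include <pthread.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical refcounted object, modelling a virObject. */
typedef struct {
    pthread_mutex_t lock;
    int refs;
} RefObj;

/* Hypothetical driver, modelling the relevant part of qemu_driver. */
typedef struct {
    pthread_mutex_t lock;   /* protects the xmlopt pointer itself */
    RefObj *xmlopt;
} Driver;

static RefObj *refobj_new(void) {
    RefObj *o = calloc(1, sizeof(*o));
    pthread_mutex_init(&o->lock, NULL);
    o->refs = 1;
    return o;
}

/* Returns o for convenience; NULL in, NULL out. */
static RefObj *refobj_ref(RefObj *o) {
    if (!o) return NULL;
    pthread_mutex_lock(&o->lock);
    o->refs++;
    pthread_mutex_unlock(&o->lock);
    return o;
}

/* Drops one reference; returns true if this call freed the object. */
static bool refobj_unref(RefObj *o) {
    if (!o) return false;
    pthread_mutex_lock(&o->lock);
    int remaining = --o->refs;
    pthread_mutex_unlock(&o->lock);
    if (remaining == 0) {
        pthread_mutex_destroy(&o->lock);
        free(o);
        return true;
    }
    return false;
}

static void driver_init(Driver *d) {
    pthread_mutex_init(&d->lock, NULL);
    d->xmlopt = refobj_new();   /* the driver's own reference */
}

/* Accessor: the ref is taken while the driver lock guarantees the pointer
 * is still valid. Returns NULL if cleanup already ran, so callers must check. */
static RefObj *driver_get_xmlopt(Driver *d) {
    pthread_mutex_lock(&d->lock);
    RefObj *o = refobj_ref(d->xmlopt);
    pthread_mutex_unlock(&d->lock);
    return o;
}

/* Cleanup: detach the pointer under the lock, then drop the driver's ref.
 * Any thread that already holds a ref keeps a valid object. */
static void driver_cleanup(Driver *d) {
    pthread_mutex_lock(&d->lock);
    RefObj *o = d->xmlopt;
    d->xmlopt = NULL;
    pthread_mutex_unlock(&d->lock);
    refobj_unref(o);
    pthread_mutex_destroy(&d->lock);
}

/* Worker takes its ref first, then cleanup runs; worker's object must survive.
 * Returns 0 on success: refcount is 1 after cleanup, and the worker's unref frees it. */
int scenario_worker_then_cleanup(void) {
    Driver d;
    driver_init(&d);
    RefObj *x = driver_get_xmlopt(&d);      /* refs: 2 */
    driver_cleanup(&d);                     /* refs: 1, d.xmlopt == NULL */
    int refs_after_cleanup = x->refs;       /* single-threaded here, read is safe */
    bool freed = refobj_unref(x);           /* refs: 0, freed by the worker */
    return (refs_after_cleanup == 1 && freed) ? 0 : -1;
}

/* Cleanup runs first; the accessor must return NULL rather than a dangling pointer.
 * Returns -1 when the worker correctly observes that xmlopt is gone. */
int scenario_cleanup_then_worker(void) {
    Driver d;
    driver_init(&d);
    driver_cleanup(&d);
    RefObj *x = driver_get_xmlopt(&d);      /* NULL: nothing to reference */
    if (!x) return -1;
    refobj_unref(x);
    return 0;
}

int main(void) {
    printf("worker-then-cleanup: %d\n", scenario_worker_then_cleanup());
    printf("cleanup-then-worker: %d\n", scenario_cleanup_then_worker());
    return 0;
}
```

Note that the second scenario reuses the driver lock after `driver_cleanup` destroyed it, which is fine for this single-threaded illustration only; in a real driver the cleanup ordering must guarantee no accessor runs after the lock is gone, which is the motivation for refcounting the driver struct itself rather than individual fields.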