
On 04/05/13 04:50, Eric Blake wrote:
On 03/31/2013 10:20 AM, Peter Krempa wrote:
The last Viktor's effort to fix the race and memory corruption unfortunately wasn't complete in the case the close callback was not registered in an connection. At that time, the trail of event's that I'll describe later could still happend and corrupt the memory or cause a crash of the client (including the daemon in case of a p2p migration).
The new object - virConnectCloseCallbackData - is a lockable object that keeps the pointers to the real user registered callback and ensures that the connection callback is either not called if the connection was already freed or that the connection isn't freed while this is being called. --- src/datatypes.c | 55 ++++++++++++++++++++++++++++++++++++-------- src/datatypes.h | 22 ++++++++++++++---- src/libvirt.c | 29 ++++++++++++----------- src/remote/remote_driver.c | 57 +++++++++++++++++++++++++++------------------- 4 files changed, 112 insertions(+), 51 deletions(-)
I've (finally) completed my stress-testing, and agree that this patch is sufficient to avoid the race (especially when patch 1/6 is also applied to make the race more obvious).
ACK, and let's get this applied and backported to maintenance branches as appropriate.
Thanks I've pushed this upstream and I will post a 0.10.2 backport later. Peter