[libvirt] [PATCH] qemu: Take error path if acquiring of job fails in qemuDomainSaveInternal

Due to a goto statement missed when refactoring in 2771f8b74c1bf50d1fa when acquiring of a domain job failed the error path was not taken. This resulted into a crash afterwards as a extra reference was removed from a domain object leading to it being freed. An attempt to list the domains afterwards leaded to a crash of the daemon afterwards. https://bugzilla.redhat.com/show_bug.cgi?id=928672 --- Sorry for breaking that in the first place :/ src/qemu/qemu_driver.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 0af76a5..96f87cd 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -2987,8 +2987,8 @@ qemuDomainSaveInternal(virQEMUDriverPtr driver, virDomainPtr dom, if (!qemuMigrationIsAllowed(driver, vm, vm->def, false, false)) goto cleanup; - if (qemuDomainObjBeginAsyncJob(driver, vm, - QEMU_ASYNC_JOB_SAVE) < 0) + if (qemuDomainObjBeginAsyncJob(driver, vm, QEMU_ASYNC_JOB_SAVE) < 0) + goto cleanup; memset(&priv->job.info, 0, sizeof(priv->job.info)); priv->job.info.type = VIR_DOMAIN_JOB_UNBOUNDED; -- 1.8.3.2
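Review bot: In the removed lines the unbraced `if (qemuDomainObjBeginAsyncJob(...) < 0)` took the following `memset(&priv->job.info, ...)` as its body, so the commit message should also say that on success `priv->job.info` was never zeroed, in addition to the failure case carrying on without a job. The added `goto cleanup;` uses the same target as the `qemuMigrationIsAllowed()` check directly above, which fits because no job is held at that point. Bracing this `if` would make a dropped statement of this kind stand out in a later refactor.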

On Tue, Jul 23, 2013 at 16:21:10 +0200, Peter Krempa wrote:
> Due to a goto statement missed when refactoring in 2771f8b74c1bf50d1fa when acquiring of a domain job failed the error path was not taken. This resulted into a crash afterwards as a extra reference was removed from a

s/as a/as an/

> domain object leading to it being freed. An attempt to list the domains afterwards leaded to a crash of the daemon afterwards.

ETOOMANYATERWARDS :-P

> https://bugzilla.redhat.com/show_bug.cgi?id=928672
> ---
> Sorry for breaking that in the first place :/
src/qemu/qemu_driver.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 0af76a5..96f87cd 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -2987,8 +2987,8 @@ qemuDomainSaveInternal(virQEMUDriverPtr driver, virDomainPtr dom, if (!qemuMigrationIsAllowed(driver, vm, vm->def, false, false)) goto cleanup;
- if (qemuDomainObjBeginAsyncJob(driver, vm, - QEMU_ASYNC_JOB_SAVE) < 0) + if (qemuDomainObjBeginAsyncJob(driver, vm, QEMU_ASYNC_JOB_SAVE) < 0) + goto cleanup;
memset(&priv->job.info, 0, sizeof(priv->job.info)); priv->job.info.type = VIR_DOMAIN_JOB_UNBOUNDED;
ACK with the commit message polished.

Jirka

On 07/23/13 16:26, Jiri Denemark wrote:
> On Tue, Jul 23, 2013 at 16:21:10 +0200, Peter Krempa wrote:
>> Due to a goto statement missed when refactoring in 2771f8b74c1bf50d1fa when acquiring of a domain job failed the error path was not taken. This resulted into a crash afterwards as a extra reference was removed from a
> s/as a/as an/
>> domain object leading to it being freed. An attempt to list the domains afterwards leaded to a crash of the daemon afterwards.
> ETOOMANYATERWARDS :-P

...

> ACK with the commit message polished.

I upgraded the message and pushed the patch afterwards ;)

> Jirka

Thanks.

Peter