[PATCH] qemu: fix libvirtd crash in migration after vm shutdown

If we shut down a guest, then migrate it without the arg XML, libvirtd will crash. The reason is that:

1. during the shutdown callback, qemuProcessStop(), it points vm->def to vm->newDef
2. during migration, it frees persistentDef, which points to vm->newDef when the arg XML is NULL. However, because vm->newDef is now vm->def, what we IN FACT freed is vm->def.
3. it will refer to vm->def after step 2, thus an invalid read/write causes libvirtd to crash

We needn't free persistentDef if persist_xml is NULL, because no extra def was allocated if persistent_xml is NULL.
--- src/qemu/qemu_migration.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c index 6a683f7..3636c93 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -4915,7 +4915,7 @@ qemuMigrationRun(virQEMUDriverPtr driver, VIR_WARN("Unable to encode migration cookie"); } - if (persistDef != vm->newDef) + if (persist_xml && persistDef) virDomainDefFree(persistDef); qemuMigrationCookieFree(mig); -- 1.9.5.msysgit.1 |
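Review bot: The new condition `if (persist_xml && persistDef)` encodes an ownership rule (persistDef is a separately allocated def only when persist_xml was supplied, and otherwise aliases a def owned by vm) that is not visible in this hunk, so a reader of this code cannot tell why the pointer comparison `persistDef != vm->newDef` was wrong or why `persist_xml` is the right thing to test. The comparison failed here because qemuProcessStop() had already moved vm->newDef into vm->def, so the alias pointed at vm->def and the check let it be freed; that is exactly the kind of non-obvious invariant that should be stated in a comment above the free, e.g. "persistDef is only ours to free when it was parsed from persist_xml; otherwise it aliases vm->def/newDef". Consider also showing the assignment of persistDef in the context of this patch, or naming it in the commit message, so reviewers can confirm the two sides of the ownership rule match; the commit message currently refers to the variable as both persist_xml and persistent_xml, which should be made consistent with the code.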
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list