[PATCH]daemon: Fix a crash during virNetlinkEventServiceStopAll

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The virNetlinkEventServiceStopAll() should be executed behind virStateCleanup(),
for some important resources like(static virNetlinkEventSrvPrivatePtr server)
are freed unexpected. However virStateCleanup() need to use this
variable(server).

The call trace of virNetlinkEventServiceStopAll:

virNetlinkEventServiceStopAll()
	--> virNetlinkEventServiceStop()
	  --> server[protocol] = NULL;   // set server to null 

The call trace of virStateCleanup():
virStateCleanup()
	-->qemuStateCleanup()
	  -->qemuProcessStop()
	    -->virNetDevMacVLanDeleteWithVPortProfile()
	     -->virNetlinkEventRemoveClient()
	       --> srv = server[protocol] 

In virNetlinkEventRemoveClient() the variable server is used again, but now it
is null that is freed by virNetlinkEventServiceStopAll().So it would case a crash .

The call trace of crash:

(gdb) bt
0  __GI___pthread_mutex_lock (mutex=0x0) at /usr/src/debug/glibc/2.24-r0/git/nptl/pthread_mutex_lock.c:67
1  0x00007fb0d555d0f9 in virNetlinkEventRemoveClient () from /usr/lib64/libvirt.so.0
2  0x00007fb0d55551df in virNetDevMacVLanDeleteWithVPortProfile () from /usr/lib64/libvirt.so.0
3  0x00007fb0c1131251 in qemuProcessStop () from /usr/lib64/libvirt/connection-driver/libvirt_driver_qemu.so
4  0x00007fb0c11995ea in ?? () from /usr/lib64/libvirt/connection-driver/libvirt_driver_qemu.so
5  0x00007fb0d5588c5b in ?? () from /usr/lib64/libvirt.so.0
6  0x00007fb0d5587fe8 in ?? () from /usr/lib64/libvirt.so.0
7  0x00007fb0d19533f4 in start_thread (arg=0x7fb0be17b700) at /usr/src/debug/glibc/2.24-r0/git/nptl/pthread_create.c:456
8  0x00007fb0d128f10f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:105

Signed-off-by: Liu Haitao <haitao.liu@xxxxxxxxxxxxx>
---
 src/remote/remote_daemon.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c
index c3782971f1..7da20a6644 100644
--- a/src/remote/remote_daemon.c
+++ b/src/remote/remote_daemon.c
@@ -1464,8 +1464,6 @@ int main(int argc, char **argv) {
     /* Keep cleanup order in inverse order of startup */
     virNetDaemonClose(dmn);
 
-    virNetlinkEventServiceStopAll();
-
     if (driversInitialized) {
         /* NB: Possible issue with timing window between driversInitialized
          * setting if virNetlinkEventServerStart fails */
@@ -1473,6 +1471,8 @@ int main(int argc, char **argv) {
         virStateCleanup();
     }
 
+    virNetlinkEventServiceStopAll();
+
     virObjectUnref(adminProgram);
     virObjectUnref(srvAdm);
     virObjectUnref(qemuProgram);
-- 
2.21.0

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux