On Fri, May 20, 2011 at 03:09:09PM +0800, Wen Congyang wrote:
> If we use p2p migration and the vm is transient, vm will be deleted in
> qemuDomainMigrateConfirm3(). But the caller(doPeer2PeerMigrate() and
> qemuMigrationPerform()) still access it, and it will cause libvirtd crashed.
>
> ---
> src/qemu/qemu_migration.c | 7 ++++++-
> 1 files changed, 6 insertions(+), 1 deletions(-)
>
> diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
> index 4d7bc38..ab28416 100644
> --- a/src/qemu/qemu_migration.c
> +++ b/src/qemu/qemu_migration.c
> @@ -1971,6 +1971,11 @@ int qemuMigrationPerform(struct qemud_driver *driver,
> goto cleanup;
> priv->jobActive = QEMU_JOB_MIGRATION_OUT;
>
> + /* Hold an extra reference because we can't allow 'vm' to be deleted in
> + * qemuDomainMigrateConfirm3().
> + */
> + virDomainObjRef(vm);
> +
> if (!virDomainObjIsActive(vm)) {
> qemuReportError(VIR_ERR_OPERATION_INVALID,
> "%s", _("domain is not running"));
> @@ -2045,7 +2050,7 @@ endjob:
> vm = NULL;
>
> cleanup:
> - if (vm)
> + if (vm && virDomainObjUnref(vm) > 0)
> virDomainObjUnlock(vm);
> if (event)
> qemuDomainEventQueue(driver, event);
This is just working around a bug in qemuMigrationConfirm, which
should not have been deleting the 'vm' at all. So I am changing
that latter method to fix the issue
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list