[PATCH] Fix crash changing CDROM media

"Daniel P. Berrange" <berrange@xxxxxxxxxx> · Mon, 25 Feb 2013 17:25:06 +0000

From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>

This change tried to fix a crash with changing CDROM media but
failed to actually do so

  commit d0172d2b1b5d865aaa042070d7c2d00effb2ff8c
  Author: Osier Yang <jyang@xxxxxxxxxx>
  Date:   Tue Feb 19 20:27:45 2013 +0800

    qemu: Remove the shared disk entry if the operation is ejecting or updating

It was still accessing disk->src, when the entire 'disk' object
has been free'd already. Even if it weren't free'd, accessing
the 'src' value of virDomainDiskDef is not allowed without
first validating disk->type is file or block. Just remove the
broken code entirely.

Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
---
 src/qemu/qemu_driver.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 1e96915..8dae8f9 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -5778,13 +5778,14 @@ qemuDomainAttachDeviceDiskLive(virConnectPtr conn,
         dev->data.disk = tmp;
 
         ret = qemuDomainChangeEjectableMedia(driver, vm, disk, orig_disk, false);
+        /* 'disk' must not be accessed now - it has been free'd.
+         * 'orig_disk' now points to the new disk, while 'dev_copy'
+         * now points to the old disk */
 
         /* Need to remove the shared disk entry for the original disk src
          * if the operation is either ejecting or updating.
          */
-        if (ret == 0 &&
-            orig_disk->src &&
-            STRNEQ_NULLABLE(orig_disk->src, disk->src))
+        if (ret == 0)
             ignore_value(qemuRemoveSharedDisk(driver, dev_copy->data.disk,
                                               vm->def->name));
         break;
-- 
1.8.1.2

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list





