Avoid invoking the qemu monitor destroy callback if the constructor fails

Some, but not all, codepaths in the qemuMonitorOpen() method would trigger the destroy callback. The caller does not expect this to be invoked if construction fails, only during normal release of the monitor. This resulted in a possible double-unref of the virDomainObjPtr, because the caller explicitly unrefs the virDomainObjPtr if qemuMonitorOpen() fails * src/qemu/qemu_monitor.c: Don't invoke destroy callback from qemuMonitorOpen() failure paths

Avoid invoking the qemu monitor destroy callback if the constructor fails
Some, but not all, codepaths in the qemuMonitorOpen() method would trigger the destroy callback. The caller does not expect this to be invoked if construction fails, only during normal release of the monitor. This resulted in a possible double-unref of the virDomainObjPtr, because the caller explicitly unrefs the virDomainObjPtr if qemuMonitorOpen() fails * src/qemu/qemu_monitor.c: Don't invoke destroy callback from qemuMonitorOpen() failure paths
8134d396 · Daniel P. Berrange · adc796c8 · 8134d396
隐藏空白更改
内联并排

Showing with 7 addition and 1 deletion

src/qemu/qemu_monitor.c src/qemu/qemu_monitor.c +7 -1

未找到文件。
--- a/src/qemu/qemu_monitor.c
+++ b/src/qemu/qemu_monitor.c
@@ -198,7 +198,7 @@ void qemuMonitorUnlock(qemuMonitorPtr mon)
 static void qemuMonitorFree(qemuMonitorPtr mon)
 {
    VIR_DEBUG("mon=%p", mon);
-    if (mon->cb->destroy)
+    if (mon->cb && mon->cb->destroy)
        (mon->cb->destroy)(mon, mon->vm);
    if (virCondDestroy(&mon->notify) < 0)
    {}
@@ -671,6 +671,12 @@ qemuMonitorOpen(virDomainObjPtr vm,
    return mon;

 cleanup:
+    /* We don't want the 'destroy' callback invoked during
+     * cleanup from construction failure, because that can
+     * give a double-unref on virDomainObjPtr in the caller,
+     * so kill the callbacks now.
+     */
+    mon->cb = NULL;
    qemuMonitorUnlock(mon);
    qemuMonitorClose(mon);
    return NULL;