Fix crash when cleaning up from failed save attempt

If a transient QEMU crashes during save attempt, then the virDomainPtr object may be freed. If a persistent QEMU crashes during save, then the 'priv->mon' field is no longer valid since it will be inactive. * src/qemu/qemu_driver.c: Fix two crashes when QEMU exits during a save attempt

Fix crash when cleaning up from failed save attempt
If a transient QEMU crashes during save attempt, then the virDomainPtr object may be freed. If a persistent QEMU crashes during save, then the 'priv->mon' field is no longer valid since it will be inactive. * src/qemu/qemu_driver.c: Fix two crashes when QEMU exits during a save attempt
d7e0fe6e · Daniel P. Berrange · ed7813d2 · d7e0fe6e
隐藏空白更改
内联并排

Showing with 22 addition and 14 deletion

src/qemu/qemu_driver.c src/qemu/qemu_driver.c +22 -14

未找到文件。
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -4924,19 +4924,20 @@ static int qemudDomainSaveFlag(virDomainPtr dom, const char *path,
    }
 endjob:
-    if (ret != 0 && header.was_running) {
+    if (vm) {
-        qemuDomainObjEnterMonitorWithDriver(driver, vm);
+        if (ret != 0 && header.was_running && priv->mon) {
-        rc = qemuMonitorStartCPUs(priv->mon, dom->conn);
+            qemuDomainObjEnterMonitorWithDriver(driver, vm);
-        qemuDomainObjExitMonitorWithDriver(driver, vm);
+            rc = qemuMonitorStartCPUs(priv->mon, dom->conn);
-        if (rc < 0)
+            qemuDomainObjExitMonitorWithDriver(driver, vm);
-            VIR_WARN0("Unable to resume guest CPUs after save failure");
+            if (rc < 0)
-        else
+                VIR_WARN0("Unable to resume guest CPUs after save failure");
-            vm->state = VIR_DOMAIN_RUNNING;
+            else
-    }
+                vm->state = VIR_DOMAIN_RUNNING;
+        }
-    if (vm &&
+        if (qemuDomainObjEndJob(vm) == 0)
-        qemuDomainObjEndJob(vm) == 0)
            vm = NULL;
+    }
 cleanup:
    VIR_FREE(xml);
@@ -7110,9 +7111,16 @@ static int qemudDomainAttachNetDevice(virConnectPtr conn,
    }
    /* FIXME - need to support vhost-net here (5th arg) */
-    if (!(netstr = qemuBuildHostNetStr(net, ' ',
+    if ((qemuCmdFlags & QEMUD_CMD_FLAG_NETDEV) &&
-                                       vlan, tapfd_name, 0)))
+        (qemuCmdFlags & QEMUD_CMD_FLAG_DEVICE)) {
-        goto try_tapfd_close;
+        if (!(netstr = qemuBuildHostNetStr(net, ',',
+                                           -1, tapfd_name, 0)))
+            goto try_tapfd_close;
+    } else {
+        if (!(netstr = qemuBuildHostNetStr(net, ' ',
+                                           vlan, tapfd_name, 0)))
+            goto try_tapfd_close;
+    }
    qemuDomainObjEnterMonitorWithDriver(driver, vm);
    if (qemuMonitorAddHostNetwork(priv->mon, netstr) < 0) {