[libvirt] [PATCH v2] qemu: migration: Don't crash on access to 'current' job

Peter Krempa posted 1 patch 5 years, 11 months ago
Patches applied successfully
git fetch https://github.com/patchew-project/libvirt tags/patchew/17f06ff07ed21910057cf6637d5c41e5506c9fc3.1525088199.git.pkrempa@redhat.com
Test syntax-check passed
src/qemu/qemu_migration.c | 33 +++++++++++++++++----------------
1 file changed, 17 insertions(+), 16 deletions(-)
[libvirt] [PATCH v2] qemu: migration: Don't crash on access to 'current' job
Posted by Peter Krempa 5 years, 11 months ago
When a VM is destroyed while being migrated (waiting in
qemuMigrationSrcWaitForCompletion) the private object cleanup code frees
the 'current' job info. Since the migration code attempts to set up
various aspects of the current job even on failure, this results in a
crash.

Job data is cleared in qemuDomainObjPrivateDataClear since commit
888aa4b6b9db

Fix this by skipping all of the code which requires the qemu process to
be alive if the VM is not active any more.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
---
 src/qemu/qemu_migration.c | 33 +++++++++++++++++----------------
 1 file changed, 17 insertions(+), 16 deletions(-)

diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index b913e99928..1a857329ec 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -3561,27 +3561,28 @@ qemuMigrationSrcRun(virQEMUDriverPtr driver,
  error:
     orig_err = virSaveLastError();

-    if (cancel &&
-        priv->job.current->status != QEMU_DOMAIN_JOB_STATUS_QEMU_COMPLETED &&
-        virDomainObjIsActive(vm) &&
-        qemuDomainObjEnterMonitorAsync(driver, vm,
-                                       QEMU_ASYNC_JOB_MIGRATION_OUT) == 0) {
-        qemuMonitorMigrateCancel(priv->mon);
-        ignore_value(qemuDomainObjExitMonitor(driver, vm));
-    }
+    if (virDomainObjIsActive(vm)) {
+        if (cancel &&
+            priv->job.current->status != QEMU_DOMAIN_JOB_STATUS_QEMU_COMPLETED &&
+            qemuDomainObjEnterMonitorAsync(driver, vm,
+                                           QEMU_ASYNC_JOB_MIGRATION_OUT) == 0) {
+            qemuMonitorMigrateCancel(priv->mon);
+            ignore_value(qemuDomainObjExitMonitor(driver, vm));
+        }

-    /* cancel any outstanding NBD jobs */
-    if (mig && mig->nbd)
-        qemuMigrationSrcCancelDriveMirror(driver, vm, false,
-                                          QEMU_ASYNC_JOB_MIGRATION_OUT,
-                                          dconn);
+        /* cancel any outstanding NBD jobs */
+        if (mig && mig->nbd)
+            qemuMigrationSrcCancelDriveMirror(driver, vm, false,
+                                              QEMU_ASYNC_JOB_MIGRATION_OUT,
+                                              dconn);
+
+        if (priv->job.current->status != QEMU_DOMAIN_JOB_STATUS_CANCELED)
+            priv->job.current->status = QEMU_DOMAIN_JOB_STATUS_FAILED;
+    }

     if (iothread)
         qemuMigrationSrcStopTunnel(iothread, true);

-    if (priv->job.current->status != QEMU_DOMAIN_JOB_STATUS_CANCELED)
-        priv->job.current->status = QEMU_DOMAIN_JOB_STATUS_FAILED;
-
     goto cleanup;

  exit_monitor:
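
Review bot: The final status update inside the new block (priv->job.current->status != QEMU_DOMAIN_JOB_STATUS_CANCELED) still dereferences priv->job.current on the strength of the virDomainObjIsActive(vm) check made once at the top of the block. Between that check and the dereference the code enters the monitor for the cancel, discards the result of qemuDomainObjExitMonitor with ignore_value, and then calls qemuMigrationSrcCancelDriveMirror. If the domain can be destroyed while either of those calls is in progress, which is the same situation the commit message describes for qemuMigrationSrcWaitForCompletion, the pointer may already be freed by the time the status is written. Consider re-checking virDomainObjIsActive(vm), or testing priv->job.current directly, immediately before the status assignment, and acting on the qemuDomainObjExitMonitor return value instead of ignoring it. A short comment on the outer if explaining that job data is cleared when the VM goes away would also help the next reader.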
-- 
2.16.2

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2] qemu: migration: Don't crash on access to 'current' job
Posted by Jiri Denemark 5 years, 11 months ago
On Mon, Apr 30, 2018 at 13:36:39 +0200, Peter Krempa wrote:
> When a VM is destroyed while being migrated (waiting in
> qemuMigrationSrcWaitForCompletion) the private object cleanup code frees
> the 'current' job info. Since the migration code attempts to set up
> various aspects of the current job even on failure, this results in a
> crash.
> 
> Job data is cleared in qemuDomainObjPrivateDataClear since commit
> 888aa4b6b9db
> 
> Fix this by skipping all of the code which requires the qemu process to
> be alive if the VM is not active any more.
> 
> Signed-off-by: Peter Krempa <pkrempa@redhat.com>

Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
