From nobody Fri Oct 18 08:44:20 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1718291573059359.8790788651305; Thu, 13 Jun 2024 08:12:53 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 0AC411201; Thu, 13 Jun 2024 11:12:52 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 096F41207; Thu, 13 Jun 2024 11:11:58 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 41BA3B2C; Thu, 13 Jun 2024 11:11:53 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id D57AAA64 for ; Thu, 13 Jun 2024 11:11:52 -0400 (EDT) Received: from mx-prod-mc-02.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-203-2uzD06V4PpWRQEvsPYrqNA-1; Thu, 13 Jun 2024 11:11:50 -0400 Received: from mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.17]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 4634C1955EA2 for ; Thu, 13 Jun 2024 15:11:49 +0000 (UTC) Received: from speedmetal.lan (unknown [10.45.242.20]) by mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 5F04F1956050 for ; Thu, 13 Jun 2024 15:11:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: *** X-Spam-Status: No, score=3.0 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,RCVD_IN_SBL_CSS,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1718291512; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=+5xtwMzGxxK9VyYKfXRQbbrU6O9Z8IAOGQNT6BnW4jw=; b=V+IcZPp/Mp1EvSPum4PE8C68d6cp5n9p7Ng4Cmn50Mlp4xB3vxD1PvOJ9ZV0eQeQkEEUwZ 6gLjDsNMHqNuqFQGVhq3JHtY8oF99jEGtuOyA+DQ4Xew+hDZdoQdkz5/4q3VW3kyCLY0el Ox2wUGCee6n03oDdxvwQwKlJDgYviEg= X-MC-Unique: 2uzD06V4PpWRQEvsPYrqNA-1 From: Peter Krempa To: devel@lists.libvirt.org Subject: [PATCH 02/12] qemuDomainDiskPrivateDispose: Prevent dangling 'disk' pointer in blockjob data Date: Thu, 13 Jun 2024 17:11:34 +0200 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.17 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: W7EELBRDJFHS6S4JBRTCFAPPL3FA2MB3 X-Message-ID-Hash: W7EELBRDJFHS6S4JBRTCFAPPL3FA2MB3 X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1718291573542100001 Content-Type: text/plain; charset="utf-8" Clear the 'disk' member of 'blockjob' as we're freeing the disk object at this point. While this should not normally happen it was observed when other bug allowed the VM to be cleared while other threads didn't yet finish. Signed-off-by: Peter Krempa --- src/qemu/qemu_domain.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 7ba2ea4a5e..a39f361a64 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -798,7 +798,13 @@ qemuDomainDiskPrivateDispose(void *obj) virObjectUnref(priv->migrSource); g_free(priv->qomName); g_free(priv->nodeCopyOnRead); - virObjectUnref(priv->blockjob); + if (priv->blockjob) { + /* Prevent dangling 'disk' pointer, as the disk object will be fre= ed + * right after this function returns if any of the blockjob instan= ce + * outlives this for any reason. */ + priv->blockjob->disk =3D NULL; + virObjectUnref(priv->blockjob); + } } static virClass *qemuDomainStorageSourcePrivateClass; --=20 2.45.2