From: Juan Quintela
Subject: [Qemu-devel] [PULL 60/65] migration: don't close a file descriptor while it can be in use
Date: Fri, 21 Apr 2017 13:56:41 +0200
From: Laurent Vivier <address@hidden>
If we close the QEMUFile descriptor in process_incoming_migration_co()
while it has been stopped by an error, the postcopy_ram_listen_thread()
can try to continue to use it. And as the memory has been freed
it is working with an invalid pointer and crashes.
Fix this by releasing the memory after having managed the error
case (which, in fact, calls exit()).
Signed-off-by: Laurent Vivier <address@hidden>
Reviewed-by: Dr. David Alan Gilbert <address@hidden>
Reviewed-by: Juan Quintela <address@hidden>
Reviewed-by: Amit Shah <address@hidden>
Reviewed-by: Stefan Hajnoczi <address@hidden>
Signed-off-by: Juan Quintela <address@hidden>
---
migration/migration.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/migration/migration.c b/migration/migration.c
index a92d7f7..31e8141 100644
--- a/migration/migration.c
+++ b/migration/migration.c
@@ -435,17 +435,17 @@ static void process_incoming_migration_co(void *opaque)
qemu_thread_join(&mis->colo_incoming_thread);
}
+ if (ret < 0) {
+ migrate_set_state(&mis->state, MIGRATION_STATUS_ACTIVE,
+ MIGRATION_STATUS_FAILED);
+ error_report("load of migration failed: %s", strerror(-ret));
+ migrate_decompress_threads_join();
+ exit(EXIT_FAILURE);
+ }
+
qemu_fclose(f);
free_xbzrle_decoded_buf();
- if (ret < 0) {
- migrate_set_state(&mis->state, MIGRATION_STATUS_ACTIVE,
- MIGRATION_STATUS_FAILED);
- error_report("load of migration failed: %s", strerror(-ret));
- migrate_decompress_threads_join();
- exit(EXIT_FAILURE);
- }
-
mis->bh = qemu_bh_new(process_incoming_migration_bh, mis);
qemu_bh_schedule(mis->bh);
}
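Review bot: The moved `if (ret < 0)` block in process_incoming_migration_co() has no comment saying why it must stay ahead of `qemu_fclose(f);`, so a later cleanup could reorder the two and bring the crash back. The fix only holds because the error branch ends in `exit(EXIT_FAILURE);` and never reaches the close; if that branch is ever changed to return instead, `f` would either be freed while postcopy_ram_listen_thread() can still use it or not be released at all. Please add a short comment above the error block stating that `f` must not be closed on the error path because the postcopy listen thread may still hold it, and that the branch is expected not to return.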
--
2.9.3