qemu: Add missing lock in qemuProcessHandleMonitorEOF
qemuMonitorUnregister will be called in multiple threads (e.g. threads
in the rpc worker pool and the vm event thread).  In some cases, it isn't
protected by the monitor lock, which may lead to g_source_unref being
called more than once and eventually a use-after-free problem.

Add the missing lock in qemuProcessHandleMonitorEOF (which is the only
place I found that is missing the monitor lock).

Suggested-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Peng Liang <liangpeng10@huawei.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Peng Liang authored and zippy2 committed Feb 24, 2021
1 parent 5172293 commit 1ac703a
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions src/qemu/qemu_process.c
@@ -318,7 +318,9 @@ qemuProcessHandleMonitorEOF(qemuMonitorPtr mon,
/* We don't want this EOF handler to be called over and over while the
* thread is waiting for a job.
*/
virObjectLock(mon);
qemuMonitorUnregister(mon);
virObjectUnlock(mon);

/* We don't want any cleanup from EOF handler (or any other
* thread) to enter qemu namespace. */
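Review bot: the new virObjectLock(mon) / virObjectUnlock(mon) pair around qemuMonitorUnregister(mon) is the entire fix, yet the comment block directly above it still only explains the "called over and over while the thread is waiting for a job" motivation, so nothing in this hunk tells a reader that the lock exists to serialize against the other qemuMonitorUnregister callers (rpc worker threads, the vm event thread) named in the commit message; extend that comment with a line such as `* qemuMonitorUnregister() must run with the monitor locked, otherwise` `* concurrent callers can g_source_unref the same source twice.` Because the message describes a use-after-free from the unprotected calls and states that this is only the one unlocked site the author found, the locking requirement should also be recorded at the definition of qemuMonitorUnregister itself, so that a future caller added without the lock is caught in review rather than rediscovered as another double-unref.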
