git.ipfire.org Git - thirdparty/libvirt.git/commit

author	Daniel P. Berrange <berrange@redhat.com>
	Tue, 26 Jul 2011 14:49:15 +0000 (15:49 +0100)
committer	Daniel P. Berrange <berrange@redhat.com>
	Tue, 26 Jul 2011 15:22:32 +0000 (16:22 +0100)
commit	0302391ee643ad91fdc6d2ecf7e4cf0fc9724516
tree	a899f1cce3ac7f509b9b8e533cd8f50be2c0bc1b	tree
parent	652e55b7a5da4d8805f49c17979f4eb0a0d54741	commit \| diff

Fix race in ref counting when handling RPC jobs

When an incoming RPC message is ready for processing,

  virNetServerClientDispatchRead()

will invoke the 'dispatchFunc' callback. This is set to

  virNetServerDispatchNewMessage

This function puts the message + client in a queue for processing by the thread
pool. The thread pool worker function is

  virNetServerHandleJob

The first thing this does is acquire an extra reference on the 'client'.

Unfortunately, between the time the message+client are put on the thread pool
queue, and the time the worker runs, the client object may have had its last
reference removed.

We clearly need to add the reference to the client object before putting the
client on the processing queue

* src/rpc/virnetserverclient.c: Add a reference to the client when
  invoking the dispatch function
* src/rpc/virnetserver.c: Don't acquire a reference to the client
  when in the worker thread

src/rpc/virnetserver.c		diff \| blob \| blame \| history
src/rpc/virnetserverclient.c		diff \| blob \| blame \| history