Fix crash changing CDROM media

This change tried to fix a crash with changing CDROM media but
failed to actually do so

  commit d0172d2b1b5d865aaa042070d7c2d00effb2ff8c
  Author: Osier Yang <jyang@redhat.com>
  Date:   Tue Feb 19 20:27:45 2013 +0800

    qemu: Remove the shared disk entry if the operation is ejecting or updating

It was still accessing disk->src, when the entire 'disk' object
has been free'd already. Even if it weren't free'd, accessing
the 'src' value of virDomainDiskDef is not allowed without
first validating disk->type is file or block. Just remove the
broken code entirely.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 1e969155cba9484db9f8f412120251cd02bde35b..8dae8f9848745ae4079dc3fe7e537330dfab708a 100644 (file)
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -5778,13 +5778,14 @@ qemuDomainAttachDeviceDiskLive(virConnectPtr conn,
         dev->data.disk = tmp;
 
         ret = qemuDomainChangeEjectableMedia(driver, vm, disk, orig_disk, false);
+        /* 'disk' must not be accessed now - it has been free'd.
+         * 'orig_disk' now points to the new disk, while 'dev_copy'
+         * now points to the old disk */
 
         /* Need to remove the shared disk entry for the original disk src
          * if the operation is either ejecting or updating.
          */
-        if (ret == 0 &&
-            orig_disk->src &&
-            STRNEQ_NULLABLE(orig_disk->src, disk->src))
+        if (ret == 0)
             ignore_value(qemuRemoveSharedDisk(driver, dev_copy->data.disk,
                                               vm->def->name));
         break;