From: Michal Privoznik <mprivozn@redhat.com>
Date: Wed, 23 May 2018 16:19:16 +0000 (+0200)
Subject: qemuDomainDetachShmemDevice: Don't release shmem address twice
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=c2fa7e7ffc36e37f96cfaa6b0ec4d689606925c7;p=libvirt.git

qemuDomainDetachShmemDevice: Don't release shmem address twice

On shmem unplug, when qemu doesn't support DEVICE_DELETED event
(or couple of other reasons) we do two things:

1) release shmem device address,
2) call qemuDomainRemoveShmemDevice() which does 1) again.

This is potentially dangerous.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
---

diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index cddd700af8..dba4bc9a6e 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -5291,10 +5291,8 @@ qemuDomainDetachShmemDevice(virQEMUDriverPtr driver,
         ret = -1;
 
     if (ret == 0) {
-        if ((ret = qemuDomainWaitForDeviceRemoval(vm)) == 1) {
-            qemuDomainReleaseDeviceAddress(vm, &shmem->info, NULL);
+        if ((ret = qemuDomainWaitForDeviceRemoval(vm)) == 1)
             ret = qemuDomainRemoveShmemDevice(driver, vm, shmem);
-        }
     }
     qemuDomainResetDeviceRemoval(vm);