From 8ab6f1ad5f69738f2b41cd6d9aac2fd9deac78a4 Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Tue, 7 Jan 2014 18:19:34 +0100
Subject: [PATCH] virConnect(Un)registerCloseCallback: Unlock @conn prior to
 error dispatch

The function checks for @conn to be valid and locks its mutex. Then, it
checks if callee is unregistering the same callback that he registered
previously. If this fails an error is reported and  the control jumps to
'error' label. Here, if @conn has some errors (and it certainly does -
the one that's been just reported) the conn->mutex is locked again -
without any previous unlock:

  Thread 1 (Thread 0x7fb500ef1800 (LWP 18982)):
  #0  __lll_lock_wait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:135
  #1  0x00007fb4fd99ce56 in _L_lock_918 () from /lib64/libpthread.so.0
  #2  0x00007fb4fd99ccaa in __GI___pthread_mutex_lock (mutex=0x7fb50153b670) at pthread_mutex_lock.c:64
  #3  0x00007fb5007e574d in virMutexLock (m=m@entry=0x7fb50153b670) at util/virthreadpthread.c:85
  #4  0x00007fb5007b198e in virDispatchError (conn=conn@entry=0x7fb50153b5e0) at util/virerror.c:594
  #5  0x00007fb5008a3735 in virConnectUnregisterCloseCallback (conn=0x7fb50153b5e0, cb=cb@entry=0x7fb500f588e0 <vshCatchDisconnect>) at libvirt.c:21025
  #6  0x00007fb500f5d690 in vshReconnect (ctl=ctl@entry=0x7fffff60e710) at virsh.c:328
  #7  0x00007fb500f5dc50 in vshCommandRun (ctl=ctl@entry=0x7fffff60e710, cmd=0x7fb50152ca80) at virsh.c:1755
  #8  0x00007fb500f5861b in main (argc=<optimized out>, argv=<optimized out>) at virsh.c:3393

And since the conn's mutex is not recursive, the virDispatchError will
never ever lock it successfully.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/libvirt.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/libvirt.c b/src/libvirt.c
index 6656c9c099..619da806a0 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -20446,9 +20446,9 @@ virConnectRegisterCloseCallback(virConnectPtr conn,
     return 0;
 
 error:
-    virDispatchError(conn);
     virObjectUnlock(conn->closeCallback);
     virMutexUnlock(&conn->lock);
+    virDispatchError(conn);
     virObjectUnref(conn);
     return -1;
 }
@@ -20500,9 +20500,9 @@ virConnectUnregisterCloseCallback(virConnectPtr conn,
     return 0;
 
 error:
-    virDispatchError(conn);
     virObjectUnlock(conn->closeCallback);
     virMutexUnlock(&conn->lock);
+    virDispatchError(conn);
     return -1;
 }