Commit id '4313fead' added a call to virDomainPanicCheckABIStability()
which did not check whether the panic device existed before making a call
to virDomainDeviceInfoCheckABIStability() which ended up segfaulting:
Thread 1 (Thread 0x7f5332837700 (LWP 10964)):
(src=<optimized out>, dst=<optimized out>)
at conf/domain_conf.c:13007
(dst=<optimized out>, src=<optimized out>)
at conf/domain_conf.c:13712
(src=<optimized out>, dst=<optimized out>)
at conf/domain_conf.c:14056
(domain=domain@entry=0x7f53000057c0, vm=vm@entry=0x7f53000036d0,
defptr=defptr@entry=0x7f5332836978, snap=snap@entry=0x7f5332836970,
update_current=update_current@entry=0x7f5332836962, flags=flags@entry=1)
at conf/snapshot_conf.c:1230
(domain=0x7f53000057c0, xmlDesc=<optimized out>, flags=1)
at qemu/qemu_driver.c:12719
(domain=domain@entry=0x7f53000057c0, xmlDesc=0x7f53000081d0
"<domainsnapshot>\n <name>snap2</name>\n
<description>new-desc</description>\n
<state>running</state>\n
<parent>\n <name>snap1</name>\n </parent>\n
<creationTime>1387487268</creationTime>\n <memory s"...,
flags=1)
at libvirt.c:19695
...
(gdb) up 3
(gdb) print *other->def->dom
$2 = {virtType = 2, id = -1, ..
...
rng = 0x0, panic = 0x0, namespaceData = 0x0,...
...
(gdb) print *def->dom
$3 = {virtType = 2, id = -1, ...
...
rng = 0x0, panic = 0x0, namespaceData = 0x0,...
...
(gdb)
Signed-off-by: John Ferlan <jferlan(a)redhat.com>
---
NOTE: Optionally the call could be changed to:
"if (src->panic && !virDomainPanicCheckABIStability(...)"
I went with what I did following the RNGDefCheckABIStability.
src/conf/domain_conf.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 0079234..c86af9a 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -13709,6 +13709,9 @@ static bool
virDomainPanicCheckABIStability(virDomainPanicDefPtr src,
virDomainPanicDefPtr dst)
{
+ if (!src && !dst)
+ return true;
+
return virDomainDeviceInfoCheckABIStability(&src->info, &dst->info);
}
--
1.8.3.1