On Tue, Jul 16, 2013 at 03:47:10PM +0200, Peter Krempa wrote: > A part of the returned monitor response was freed twice and caused > crashes of the daemon when using guest agent cpu count retrieval. > > # virsh vcpucount dom --guest > > Introduced in v1.0.6-48-gc6afcb0 > --- > src/qemu/qemu_agent.c | 1 - > 1 file changed, 1 deletion(-) > > diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c > index aca5ff3..72bf211 100644 > --- a/src/qemu/qemu_agent.c > +++ b/src/qemu/qemu_agent.c > @@ -1529,7 +1529,6 @@ qemuAgentGetVCPUs(qemuAgentPtr mon, > cleanup: > virJSONValueFree(cmd); > virJSONValueFree(reply); > - virJSONValueFree(data); > return ret; > } This is a strong indication that we need test coverage for the QEMU agent APIs. I think you could easily add a tests/qemuagenttest.c file by copying the existing qemumonitorjsontest.c & s/Monitor/Agent/, and thus get test coverage of this flaw.

Daniel