3:41 a.m.
commit a8eba5036 added further checking of the guest shutdown cause, but
this enhancement is available since qemu 2.10, causing a crash because
of a NULL pointer dereference on older qemus.
Thread 1 "libvirtd" received signal SIGSEGV, Segmentation fault.
0x00007ffff72441af in virJSONValueObjectGet (object=0x0,
key=0x7fffd5ef11bf "guest")
at util/virjson.c:769
769 if (object->type != VIR_JSON_TYPE_OBJECT)
(gdb) bt
0 in virJSONValueObjectGet
1 in virJSONValueObjectGetBoolean
2 in qemuMonitorJSONHandleShutdown
3 in qemuMonitorJSONIOProcessEvent
4 in qemuMonitorJSONIOProcessLine
5 in qemuMonitorJSONIOProcess
6 in qemuMonitorIOProcess
7 in qemuMonitorIO
8 in virEventPollDispatchHandles
9 in virEventPollRunOnce
10 in virEventRunDefaultImpl
11 in virNetDaemonRun
12 in main
Signed-off-by: Erik Skultety <eskultet(a)redhat.com>
---
src/qemu/qemu_monitor_json.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 757595dd7..f208dd05a 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -528,7 +528,7 @@ static void qemuMonitorJSONHandleShutdown(qemuMonitorPtr mon,
virJSONValuePtr da
bool guest = false;
virTristateBool guest_initiated = VIR_TRISTATE_BOOL_ABSENT;
- if (virJSONValueObjectGetBoolean(data, "guest", &guest) == 0)
+ if (data && virJSONValueObjectGetBoolean(data, "guest", &guest)
== 0)
guest_initiated = guest ? VIR_TRISTATE_BOOL_YES : VIR_TRISTATE_BOOL_NO;
qemuMonitorEmitShutdown(mon, guest_initiated);
--
2.13.0
3:53 a.m.
On Tue, May 30, 2017 at 10:41:17 +0200, Erik Skultety wrote:
commit a8eba5036 added further checking of the guest shutdown cause,
but
this enhancement is available since qemu 2.10, causing a crash because
of a NULL pointer dereference on older qemus.
Thread 1 "libvirtd" received signal SIGSEGV, Segmentation fault.
0x00007ffff72441af in virJSONValueObjectGet (object=0x0,
key=0x7fffd5ef11bf "guest")
at util/virjson.c:769
769 if (object->type != VIR_JSON_TYPE_OBJECT)
(gdb) bt
0 in virJSONValueObjectGet
1 in virJSONValueObjectGetBoolean
2 in qemuMonitorJSONHandleShutdown
3 in qemuMonitorJSONIOProcessEvent
4 in qemuMonitorJSONIOProcessLine
5 in qemuMonitorJSONIOProcess
6 in qemuMonitorIOProcess
I think you can truncate is somewhere here.
7 in qemuMonitorIO
8 in virEventPollDispatchHandles
9 in virEventPollRunOnce
10 in virEventRunDefaultImpl
11 in virNetDaemonRun
12 in main
Signed-off-by: Erik Skultety <eskultet(a)redhat.com>
---
src/qemu/qemu_monitor_json.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 757595dd7..f208dd05a 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -528,7 +528,7 @@ static void qemuMonitorJSONHandleShutdown(qemuMonitorPtr mon,
virJSONValuePtr da
bool guest = false;
virTristateBool guest_initiated = VIR_TRISTATE_BOOL_ABSENT;
- if (virJSONValueObjectGetBoolean(data, "guest", &guest) == 0)
+ if (data && virJSONValueObjectGetBoolean(data, "guest",
&guest) == 0)
guest_initiated = guest ? VIR_TRISTATE_BOOL_YES : VIR_TRISTATE_BOOL_NO;
qemuMonitorEmitShutdown(mon, guest_initiated);
ACK, safe for freeze
3:58 a.m.
On Tue, May 30, 2017 at 10:53:44AM +0200, Peter Krempa wrote:
On Tue, May 30, 2017 at 10:41:17 +0200, Erik Skultety wrote:
> commit a8eba5036 added further checking of the guest shutdown cause, but
> this enhancement is available since qemu 2.10, causing a crash because
> of a NULL pointer dereference on older qemus.
>
> Thread 1 "libvirtd" received signal SIGSEGV, Segmentation fault.
> 0x00007ffff72441af in virJSONValueObjectGet (object=0x0,
> key=0x7fffd5ef11bf "guest")
> at util/virjson.c:769
> 769 if (object->type != VIR_JSON_TYPE_OBJECT)
> (gdb) bt
> 0 in virJSONValueObjectGet
> 1 in virJSONValueObjectGetBoolean
> 2 in qemuMonitorJSONHandleShutdown
> 3 in qemuMonitorJSONIOProcessEvent
> 4 in qemuMonitorJSONIOProcessLine
> 5 in qemuMonitorJSONIOProcess
> 6 in qemuMonitorIOProcess
I think you can truncate is somewhere here.
> 7 in qemuMonitorIO
> 8 in virEventPollDispatchHandles
> 9 in virEventPollRunOnce
> 10 in virEventRunDefaultImpl
> 11 in virNetDaemonRun
> 12 in main
>
> Signed-off-by: Erik Skultety <eskultet(a)redhat.com>
> ---
> src/qemu/qemu_monitor_json.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
> index 757595dd7..f208dd05a 100644
> --- a/src/qemu/qemu_monitor_json.c
> +++ b/src/qemu/qemu_monitor_json.c
> @@ -528,7 +528,7 @@ static void qemuMonitorJSONHandleShutdown(qemuMonitorPtr mon,
virJSONValuePtr da
> bool guest = false;
> virTristateBool guest_initiated = VIR_TRISTATE_BOOL_ABSENT;
>
> - if (virJSONValueObjectGetBoolean(data, "guest", &guest) == 0)
> + if (data && virJSONValueObjectGetBoolean(data, "guest",
&guest) == 0)
> guest_initiated = guest ? VIR_TRISTATE_BOOL_YES : VIR_TRISTATE_BOOL_NO;
>
> qemuMonitorEmitShutdown(mon, guest_initiated);
ACK, safe for freeze
Adjusted the commit message and pushed, thanks.
Erik
2733
days inactive
2733
days old
2 comments
2 participants
participants (2)
-
Erik Skultety -
Peter Krempa