commit a8eba5036 added further checking of the guest shutdown cause, but
this enhancement is available since qemu 2.10, causing a crash because
of a NULL pointer dereference on older qemus.
Thread 1 "libvirtd" received signal SIGSEGV, Segmentation fault.
0x00007ffff72441af in virJSONValueObjectGet (object=0x0,
key=0x7fffd5ef11bf "guest")
at util/virjson.c:769
769 if (object->type != VIR_JSON_TYPE_OBJECT)
(gdb) bt
0 in virJSONValueObjectGet
1 in virJSONValueObjectGetBoolean
2 in qemuMonitorJSONHandleShutdown
3 in qemuMonitorJSONIOProcessEvent
4 in qemuMonitorJSONIOProcessLine
5 in qemuMonitorJSONIOProcess
6 in qemuMonitorIOProcess
7 in qemuMonitorIO
8 in virEventPollDispatchHandles
9 in virEventPollRunOnce
10 in virEventRunDefaultImpl
11 in virNetDaemonRun
12 in main
Signed-off-by: Erik Skultety <eskultet@redhat.com>
---
src/qemu/qemu_monitor_json.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 757595dd7..f208dd05a 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -528,7 +528,7 @@ static void qemuMonitorJSONHandleShutdown(qemuMonitorPtr mon, virJSONValuePtr da
bool guest = false;
virTristateBool guest_initiated = VIR_TRISTATE_BOOL_ABSENT;
- if (virJSONValueObjectGetBoolean(data, "guest", &guest) == 0)
+ if (data && virJSONValueObjectGetBoolean(data, "guest", &guest) == 0)
guest_initiated = guest ? VIR_TRISTATE_BOOL_YES : VIR_TRISTATE_BOOL_NO;
qemuMonitorEmitShutdown(mon, guest_initiated);
--
2.13.0
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
On Tue, May 30, 2017 at 10:41:17 +0200, Erik Skultety wrote: > commit a8eba5036 added further checking of the guest shutdown cause, but > this enhancement is available since qemu 2.10, causing a crash because > of a NULL pointer dereference on older qemus. > > Thread 1 "libvirtd" received signal SIGSEGV, Segmentation fault. > 0x00007ffff72441af in virJSONValueObjectGet (object=0x0, > key=0x7fffd5ef11bf "guest") > at util/virjson.c:769 > 769 if (object->type != VIR_JSON_TYPE_OBJECT) > (gdb) bt > 0 in virJSONValueObjectGet > 1 in virJSONValueObjectGetBoolean > 2 in qemuMonitorJSONHandleShutdown > 3 in qemuMonitorJSONIOProcessEvent > 4 in qemuMonitorJSONIOProcessLine > 5 in qemuMonitorJSONIOProcess > 6 in qemuMonitorIOProcess I think you can truncate is somewhere here. > 7 in qemuMonitorIO > 8 in virEventPollDispatchHandles > 9 in virEventPollRunOnce > 10 in virEventRunDefaultImpl > 11 in virNetDaemonRun > 12 in main > > Signed-off-by: Erik Skultety <eskultet@redhat.com> > --- > src/qemu/qemu_monitor_json.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c > index 757595dd7..f208dd05a 100644 > --- a/src/qemu/qemu_monitor_json.c > +++ b/src/qemu/qemu_monitor_json.c > @@ -528,7 +528,7 @@ static void qemuMonitorJSONHandleShutdown(qemuMonitorPtr mon, virJSONValuePtr da > bool guest = false; > virTristateBool guest_initiated = VIR_TRISTATE_BOOL_ABSENT; > > - if (virJSONValueObjectGetBoolean(data, "guest", &guest) == 0) > + if (data && virJSONValueObjectGetBoolean(data, "guest", &guest) == 0) > guest_initiated = guest ? VIR_TRISTATE_BOOL_YES : VIR_TRISTATE_BOOL_NO; > > qemuMonitorEmitShutdown(mon, guest_initiated); ACK, safe for freeze -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
On Tue, May 30, 2017 at 10:53:44AM +0200, Peter Krempa wrote: > On Tue, May 30, 2017 at 10:41:17 +0200, Erik Skultety wrote: > > commit a8eba5036 added further checking of the guest shutdown cause, but > > this enhancement is available since qemu 2.10, causing a crash because > > of a NULL pointer dereference on older qemus. > > > > Thread 1 "libvirtd" received signal SIGSEGV, Segmentation fault. > > 0x00007ffff72441af in virJSONValueObjectGet (object=0x0, > > key=0x7fffd5ef11bf "guest") > > at util/virjson.c:769 > > 769 if (object->type != VIR_JSON_TYPE_OBJECT) > > (gdb) bt > > 0 in virJSONValueObjectGet > > 1 in virJSONValueObjectGetBoolean > > 2 in qemuMonitorJSONHandleShutdown > > 3 in qemuMonitorJSONIOProcessEvent > > 4 in qemuMonitorJSONIOProcessLine > > 5 in qemuMonitorJSONIOProcess > > 6 in qemuMonitorIOProcess > > I think you can truncate is somewhere here. > > > 7 in qemuMonitorIO > > 8 in virEventPollDispatchHandles > > 9 in virEventPollRunOnce > > 10 in virEventRunDefaultImpl > > 11 in virNetDaemonRun > > 12 in main > > > > Signed-off-by: Erik Skultety <eskultet@redhat.com> > > --- > > src/qemu/qemu_monitor_json.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c > > index 757595dd7..f208dd05a 100644 > > --- a/src/qemu/qemu_monitor_json.c > > +++ b/src/qemu/qemu_monitor_json.c > > @@ -528,7 +528,7 @@ static void qemuMonitorJSONHandleShutdown(qemuMonitorPtr mon, virJSONValuePtr da > > bool guest = false; > > virTristateBool guest_initiated = VIR_TRISTATE_BOOL_ABSENT; > > > > - if (virJSONValueObjectGetBoolean(data, "guest", &guest) == 0) > > + if (data && virJSONValueObjectGetBoolean(data, "guest", &guest) == 0) > > guest_initiated = guest ? VIR_TRISTATE_BOOL_YES : VIR_TRISTATE_BOOL_NO; > > > > qemuMonitorEmitShutdown(mon, guest_initiated); > > ACK, safe for freeze > Adjusted the commit message and pushed, thanks. Erik -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
© 2016 - 2024 Red Hat, Inc.