[libvirt] [PATCH 3/5] tests: avoid segfault if json monitor not present

Eric Blake eblake at redhat.com
Fri Feb 22 23:09:07 UTC 2013


On a machine without json headers, I was seeing random segfaults
from qemumonitorjsontest (about 90% of the runs on my particular
machine).  The segfault was inside virClassIsDerivedFrom, which
points to a case of a race leading to unreferencing a stale
pointer to an object that had already been freed.  I also noticed
that if I got the segfault, I was seeing messages such as:

2013-02-22 16:12:37.504+0000: 19833: error : virNetSocketWriteWire:1361 : Cannot write data: Bad file descriptor

which is also evidence of deferencing a stale pointer.  I traced it
to a race where qemuMonitorTestIO could execute late, after the
main thread had already called qemuMonitorTestFree and called
virNetSocketClose(test->client) but not clearing it out to NULL.
Sure enough, after test->client has been closed, fd is -1, which
causes an attempt to write to the socket to fail, which in turn
triggers the error code of qemuMonitorTestIO that tries to re-close
test->client.

* tests/qemumonitortestutils.c (qemuMonitorTestIO): Don't attempt
to free client again if test already quit.
---
 tests/qemumonitortestutils.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tests/qemumonitortestutils.c b/tests/qemumonitortestutils.c
index 1ed42ce..979623a 100644
--- a/tests/qemumonitortestutils.c
+++ b/tests/qemumonitortestutils.c
@@ -214,6 +214,10 @@ static void qemuMonitorTestIO(virNetSocketPtr sock,
     bool err = false;

     virMutexLock(&test->lock);
+    if (test->quit) {
+        virMutexUnlock(&test->lock);
+        return;
+    }
     if (events & VIR_EVENT_HANDLE_WRITABLE) {
         ssize_t ret;
         if ((ret = virNetSocketWrite(sock,
-- 
1.8.1.2




More information about the libvir-list mailing list