[libvirt] 1.2.0 segfault on Centos 6

Daniel P. Berrange berrange at redhat.com
Wed Feb 5 12:57:51 UTC 2014


On Tue, Feb 04, 2014 at 11:23:42PM +0100, Jiri Denemark wrote:
> On Tue, Feb 04, 2014 at 17:02:41 +0100, Franky Van Liedekerke wrote:
> > Hi,
> > 
> > using libvirt 1.2.0 on an up-to-date Centos6.5 machine leads to 
> > occasional segmentation faults (see below).
> > Sometimes it runs for 5 minutes, sometimes for an hour, but after that 
> > the result is always the same: segfault after some weird qom-list, that 
> > apparently the qemu version on centos doesn't know. Has 1.2.1 a known 
> > fix for this?
> 
> I believe the following patch should fix the crash. I'll do some testing
> tomorrow and send it as a proper patch afterwards:
> 
> diff --git i/src/qemu/qemu_monitor.c w/src/qemu/qemu_monitor.c
> index a968901..cdd817f 100644
> --- i/src/qemu/qemu_monitor.c
> +++ w/src/qemu/qemu_monitor.c
> @@ -1019,7 +1019,9 @@ qemuMonitorFindBalloonObjectPath(qemuMonitorPtr mon,
>                                   virDomainObjPtr vm,
>                                   const char *curpath)
>  {
> -    size_t i, j, npaths = 0, nprops = 0;
> +    size_t i, j;
> +    int npaths = 0;
> +    int nprops = 0;
>      int ret = 0;
>      char *nextpath = NULL;
>      qemuMonitorJSONListPathPtr *paths = NULL;
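
Review bot: The loop indices i and j stay size_t while npaths and nprops become int, so the later `i < npaths` and `j < nprops` comparisons still convert the int to unsigned. They are only safe because of the negative-value checks added further down. A short comment at these declarations saying that both hold the return value of qemuMonitorJSONGetObjectListPaths(), which can be negative, would keep someone from folding them back into the size_t line later.
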
> @@ -1045,6 +1047,8 @@ qemuMonitorFindBalloonObjectPath(qemuMonitorPtr mon,
>      VIR_DEBUG("Searching for Balloon Object Path starting at %s", curpath);
>  
>      npaths = qemuMonitorJSONGetObjectListPaths(mon, curpath, &paths);
> +    if (npaths < 0)
> +        return -1;
>  
>      for (i = 0; i < npaths && ret == 0; i++) {
>  
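
Review bot: The new `if (npaths < 0)` branch returns directly, while the matching nprops check in the next hunk sets `ret = -1` and jumps to cleanup. Using `ret = -1; goto cleanup;` here as well would give the function a single error exit and avoid relying on nothing having been allocated before this call, which the visible lines do not show.
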
> @@ -1061,6 +1065,11 @@ qemuMonitorFindBalloonObjectPath(qemuMonitorPtr mon,
>               * then this version of qemu/kvm does not support the feature.
>               */
>              nprops = qemuMonitorJSONGetObjectListPaths(mon, nextpath, &bprops);
> +            if (nprops < 0) {
> +                ret = -1;
> +                goto cleanup;
> +            }
> +
>              for (j = 0; j < nprops; j++) {
>                  if (STREQ(bprops[j]->name, "guest-stats-polling-interval")) {
>                      VIR_DEBUG("Found Balloon Object Path %s", nextpath);
> 
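
Review bot: The `nprops < 0` branch turns a failed property listing into `ret = -1`, yet the comment just above it ends with "this version of qemu/kvm does not support the feature", and the report is about a qemu that does not know qom-list. Please check how callers treat -1 from qemuMonitorFindBalloonObjectPath(), so that an older qemu ends up as "no balloon path found" rather than a hard failure, and say in the commit message which of the two is intended.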

It would be desirable to extend the qemujsonmonitor test suite to exercise
the crash scenario too.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|



