On 2014-02-05 14:19, Jiri Denemark wrote:
If virDomainMemoryStats was run on a domain with virtio balloon driver
running on an old qemu which supports QMP but does not support qom-list
QMP command, libvirtd would crash. The reason is we did not check if
qemuMonitorJSONGetObjectListPaths failed and moreover we even stored its
result in an unsigned integer type.

Signed-off-by: Jiri Denemark <jdene...@redhat.com>
---

Notes:
    version 2:
    - use signed type for i and j to avoid comparison between signed and
      unsigned types; gcc-- for not complaining about it

 src/qemu/qemu_monitor.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
index a968901..a2769db 100644
--- a/src/qemu/qemu_monitor.c
+++ b/src/qemu/qemu_monitor.c
@@ -1019,7 +1019,7 @@ qemuMonitorFindBalloonObjectPath(qemuMonitorPtr mon,
                                  virDomainObjPtr vm,
                                  const char *curpath)
 {
-    size_t i, j, npaths = 0, nprops = 0;
+    ssize_t i, j, npaths = 0, nprops = 0;
     int ret = 0;
     char *nextpath = NULL;
     qemuMonitorJSONListPathPtr *paths = NULL;
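Review bot: the switch of i, j, npaths and nprops to ssize_t is what gives the later `< 0` checks any meaning, since with size_t the signed -1 from qemuMonitorJSONGetObjectListPaths silently became SIZE_MAX and the loop ran over a NULL array; a short comment at the declaration saying these must stay signed to match that function's return type would stop a future "unsigned cleanup" from reintroducing the crash.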
@@ -1045,6 +1045,8 @@ qemuMonitorFindBalloonObjectPath(qemuMonitorPtr mon, VIR_DEBUG("Searching for Balloon Object Path starting at %s", curpath);

     npaths = qemuMonitorJSONGetObjectListPaths(mon, curpath, &paths);
+    if (npaths < 0)
+        return -1;

     for (i = 0; i < npaths && ret == 0; i++) {
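Review bot: the early `return -1` on `npaths < 0` bypasses the function's cleanup label even though the rest of the function reports failure through `ret = -1; goto cleanup;` (as the next hunk does); nothing is allocated yet at this point so it is safe today, but using the same `ret = -1; goto cleanup;` form here keeps a single exit path if an allocation is ever added above it. Note also that a monitor without qom-list will now produce the "command qom-list has not been found" error on every lookup, which the tester's log below shows arriving from four worker threads within 80 ms; whether that should be cached or logged once is worth a follow-up.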

@@ -1061,6 +1063,11 @@ qemuMonitorFindBalloonObjectPath(qemuMonitorPtr mon, * then this version of qemu/kvm does not support the feature.
              */
nprops = qemuMonitorJSONGetObjectListPaths(mon, nextpath, &bprops);
+            if (nprops < 0) {
+                ret = -1;
+                goto cleanup;
+            }
+
             for (j = 0; j < nprops; j++) {
if (STREQ(bprops[j]->name, "guest-stats-polling-interval")) { VIR_DEBUG("Found Balloon Object Path %s", nextpath);
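Review bot: the new `goto cleanup` on `nprops < 0` leaves the loop with nextpath already allocated and bprops possibly untouched, and the cleanup label is outside this hunk, so confirm it frees nextpath, bprops and the outer paths array on this path, otherwise the fix trades a crash for a leak on every failed qom-list. Also check that aborting the whole search with -1 is intended here: the comment just above ("then this version of qemu/kvm does not support the feature") reads as if an unsupported sub-path was meant to be non-fatal, so either the comment or the return should be adjusted to agree.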

I tested this patch and so far it seems ok: libvirtd hasn't crashed during 1 hour. I'll leave it running during the night to be sure.
I only see this now in the logs:

2014-02-05 14:54:41.280+0000: 8104: error : qemuMonitorJSONCheckError:354 : internal error: unable to execute QEMU command 'qom-list': The command qom-list has not been found
2014-02-05 14:54:41.306+0000: 8103: error : qemuMonitorJSONCheckError:354 : internal error: unable to execute QEMU command 'qom-list': The command qom-list has not been found
2014-02-05 14:54:41.333+0000: 8106: error : qemuMonitorJSONCheckError:354 : internal error: unable to execute QEMU command 'qom-list': The command qom-list has not been found
2014-02-05 14:54:41.358+0000: 8105: error : qemuMonitorJSONCheckError:354 : internal error: unable to execute QEMU command 'qom-list': The command qom-list has not been found

but no crashes because of that.

Franky
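The bug class behind this patch, as an added example that is not libvirt's code: list_paths() is a hypothetical stand-in for qemuMonitorJSONGetObjectListPaths() (count on success, -1 when QEMU lacks qom-list), and the two callers show the pre-patch unsigned store beside the post-patch signed check.

```c
/* Added example, not libvirt code. list_paths() mimics the "count or -1"
 * contract of qemuMonitorJSONGetObjectListPaths(); the path strings are
 * constructed sample data. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <sys/types.h>

/* Constructed sample of QOM paths a capable QEMU would return. */
static const char *sample_paths[] = { "/machine/i440fx",
                                      "/machine/peripheral/balloon0" };

/* Returns the number of paths, or -1 when the monitor rejects qom-list.
 * On failure *paths is left untouched, just as the caller's NULL pointer
 * is left untouched in the real code. */
static ssize_t list_paths(int qom_list_supported, const char ***paths)
{
    if (!qom_list_supported)
        return -1;   /* "The command qom-list has not been found" */
    *paths = sample_paths;
    return 2;
}

/* Pre-patch shape: the count is stored unsigned, so -1 becomes SIZE_MAX
 * and the loop would walk a NULL array. Instead of dereferencing paths[i]
 * (the actual crash), this returns the loop bound the code would use. */
size_t buggy_loop_bound(int qom_list_supported)
{
    const char **paths = NULL;
    size_t npaths = list_paths(qom_list_supported, &paths); /* -1 -> SIZE_MAX */
    return npaths;
}

/* Post-patch shape: signed count and an explicit check before any use.
 * Returns -1 on monitor failure, 1 if a balloon path is present, else 0. */
int fixed_find_balloon(int qom_list_supported)
{
    const char **paths = NULL;
    ssize_t i, npaths = list_paths(qom_list_supported, &paths);
    if (npaths < 0)
        return -1;   /* propagate the failure instead of iterating */
    for (i = 0; i < npaths; i++)
        if (strstr(paths[i], "balloon") != NULL)
            return 1;
    return 0;
}
```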

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
