[Pkg-libvirt-maintainers] Bug#565983: Bug#565983: libvirt-bin: libvirtd crashes when accessed through virt-manager

Luca Tettamanti kronos.it at gmail.com
Mon Jan 25 17:13:08 UTC 2010 

On Mon, Jan 25, 2010 at 04:13:38PM +0100, Guido Günther wrote:
> On Fri, Jan 22, 2010 at 03:03:47PM +0100, Luca Tettamanti wrote:
> > #2  0x000000000041d1ff in remoteDispatchNodeDeviceLookupByName
> > (server=<value optimized out>, client=<value optimized out>,
> >     conn=0x14ea030, hdr=<value optimized out>, rerr=0x7f8115bb7e30,
> > args=<value optimized out>, ret=0x7f8115bb7e80)
> >     at remote.c:5401
> This seems to be in the device enumeration code.

Hum, it crashes the second time (same connection) it asks about my DVD unit
(I'm testing locally).

Breakpoint 1, remoteDispatchNodeDeviceLookupByName (server=0x6c6250, client=0x6def00, conn=0x6e3a40, hdr=0x75d210,
    rerr=0x7fffede0de20, args=0x7fffede0ddd0, ret=0x7fffede0de70) at remote.c:4461
4461    {
(gdb) p *args
$81 = {name = 0x6e4250 "storage_model_DVD_RAM_UJ_850S"}
(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault.
strlen () at ../sysdeps/x86_64/strlen.S:31
31      ../sysdeps/x86_64/strlen.S: No such file or directory.
        in ../sysdeps/x86_64/strlen.S
Current language:  auto
The current source language is "auto; currently asm".

More in details:

(gdb)
make_nonnull_node_device (server=<value optimized out>, client=<value optimized out>, conn=0x714d60,
    hdr=<value optimized out>, rerr=0x7fffef610e20, args=<value optimized out>, ret=0x7fffef610e70) at remote.c:5401
5401        dev_dst->name = strdup(dev_src->name);
(gdb) p dev_dst
$4 = <value optimized out>
(gdb) s
*__GI___strdup (s=0x5f74736f685f6973 <Address 0x5f74736f685f6973 out of bounds>) at strdup.c:41
(gdb) l
36      #endif
37
38      /* Duplicate S, returning an identical malloc'd string.  */
39      char *
40      __strdup (const char *s)
41      {
42        size_t len = strlen (s) + 1;
43        void *new = malloc (len);
44
45        if (new == NULL)
(gdb) p s
$5 = 0x5f74736f685f6973 <Address 0x5f74736f685f6973 out of bounds>

So... virNodeDeviceLookupByName returns corrupted data?
Might be related to "invalid node device pointer in virNodeDeviceFree"?

L

More information about the Pkg-libvirt-maintainers mailing list