[Pkg-libvirt-maintainers] Bug#1072666: virsh drvesx coredumps on invalid connect URL esx://x?no_verify (without =0)
Trent W. Buck
trentbuck at gmail.com
Thu Jun 6 05:59:55 BST 2024
Package: libvirt-clients
Version: 9.0.0-4
Severity: minor
File: /usr/bin/virsh
I normally use virsh -c qemu+ssh://, but
I noticed https://libvirt.org/drvesx.html exists, and I tried it out.
I accidentally did this, which made virsh coredump (unexpected behaviour):
virsh -c esx://x?no_verify
I should have done this, which exits with an error (expected behaviour):
virsh -c esx://x?no_verify=0
I haven't checked the source yet, but
I guess there's a URL parser in handwritten C (rather than, say, lex + yacc), and
it needs some more fuzz tests.
Here is the output of "coredumpctl info":
PID: 956182 (virsh)
UID: 1000 (twb)
GID: 1000 (twb)
Signal: 11 (SEGV)
Timestamp: Thu 2024-06-06 14:51:52 AEST (39s ago)
Command Line: virsh $'--connect=esx://x?no_verify'
Executable: /usr/bin/virsh
Control Group: /user.slice/user-1000.slice/user@1000.service/app.slice/app-org.gnome.Terminal.slice/vte-spawn-2394d2ad-0c67-44b5-bfa5-7737eba911d2.scope
Unit: user@1000.service
User Unit: vte-spawn-2394d2ad-0c67-44b5-bfa5-7737eba911d2.scope
Slice: user-1000.slice
Owner UID: 1000 (twb)
Boot ID: 61de1723deff475ab6121df0dd559048
Machine ID: 029d2e3fb4ee4d5eaa67c315db3ba66d
Hostname: hera
Storage: /var/lib/systemd/coredump/core.virsh.1000.61de1723deff475ab6121df0dd559048.956182.1717649512000000.zst (present)
Size on Disk: 460.0K
Message: Process 956182 (virsh) of user 1000 dumped core.
Stack trace of thread 956182:
#0 0x00007ff6c0ca5e3a __libc_free (libc.so.6 + 0x98e3a)
#1 0x00007ff6c13c6549 n/a (libvirt.so.0 + 0x27a549)
#2 0x00007ff6c13bb8dd n/a (libvirt.so.0 + 0x26f8dd)
#3 0x00007ff6c13bc0e1 n/a (libvirt.so.0 + 0x2700e1)
#4 0x00007ff6c1439704 n/a (libvirt.so.0 + 0x2ed704)
#5 0x00007ff6c143a080 virConnectOpenAuth (libvirt.so.0 + 0x2ee080)
#6 0x00005595d686f0ef n/a (virsh + 0x400ef)
#7 0x00005595d686f3c3 n/a (virsh + 0x403c3)
#8 0x00005595d686e9db n/a (virsh + 0x3f9db)
#9 0x00007ff6c0c3424a n/a (libc.so.6 + 0x2724a)
#10 0x00007ff6c0c34305 __libc_start_main (libc.so.6 + 0x27305)
#11 0x00005595d686ece1 n/a (virsh + 0x3fce1)
Stack trace of thread 956183:
#0 0x00007ff6c0d0915f __poll (libc.so.6 + 0xfc15f)
#1 0x00007ff6c0ebc9ae n/a (libglib-2.0.so.0 + 0x549ae)
#2 0x00007ff6c0ebcacc g_main_context_iteration (libglib-2.0.so.0 + 0x54acc)
#3 0x00007ff6c121e5e0 virEventGLibRunOnce (libvirt.so.0 + 0xd25e0)
#4 0x00005595d68ba7c5 n/a (virsh + 0x8b7c5)
#5 0x00007ff6c1272ad7 n/a (libvirt.so.0 + 0x126ad7)
#6 0x00007ff6c0c96134 n/a (libc.so.6 + 0x89134)
#7 0x00007ff6c0d167dc n/a (libc.so.6 + 0x1097dc)
ELF object binary architecture: AMD x86-64
-- System Information:
Debian Release: 12.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'proposed-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.6.13+bpo-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages libvirt-clients depends on:
ii libc6 2.36-9+deb12u7
ii libgcc-s1 12.2.0-14
ii libglib2.0-0 2.74.6-2+deb12u2
ii libgnutls30 3.7.9-2+deb12u2
ii libreadline8 8.2-1.3
ii libvirt0 9.0.0-4
ii libxml2 2.9.14+dfsg-1.3~deb12u1
ii sensible-utils 0.0.17+nmu1
libvirt-clients recommends no packages.
Versions of packages libvirt-clients suggests:
pn libvirt-clients-qemu <none>
ii libvirt-daemon 9.0.0-4
pn libvirt-login-shell <none>
-- no debconf information
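
The report asks for more tests around connection-URI handling. As an added example (not part of the report and not libvirt's own test code), this shell regression check runs virsh against a list of URIs and flags any run that ends in a signal instead of an error exit. The function names and the VIRSH override variable are assumptions of this example.

```shell
#!/bin/sh
# Added example: regression check that connection URIs fail cleanly.
# VIRSH can be overridden to point the check at a build under test.
VIRSH=${VIRSH:-virsh}

# Map a shell exit status to "ok", "error:N" or "crash:SIGNAL_NUMBER".
classify_status() {
    if [ "$1" -gt 128 ]; then
        # POSIX shells report death by signal as 128 + signal number.
        echo "crash:$(($1 - 128))"
    elif [ "$1" -ne 0 ]; then
        echo "error:$1"
    else
        echo "ok"
    fi
}

# Run "$VIRSH --connect=URI version" and classify how it ended.
# Core dumps are disabled in the subshell so repeated runs leave no cores.
check_uri() {
    status=0
    ( ulimit -c 0; "$VIRSH" "--connect=$1" version >/dev/null 2>&1 ) || status=$?
    classify_status "$status"
}

# Check every URI given as an argument, printing "RESULT<TAB>URI" per line.
# Returns 1 if any URI made the client die from a signal.
check_uris() {
    rc=0
    for uri in "$@"; do
        result=$(check_uri "$uri")
        printf '%s\t%s\n' "$result" "$uri"
        case $result in
            crash:*) rc=1 ;;
        esac
    done
    return "$rc"
}

# Usage, with the two URIs from the report:
#   check_uris 'esx://x?no_verify' 'esx://x?no_verify=0'
```

An "error:N" result is the expected outcome for both URIs; a "crash:11" result is the SEGV described in the report.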