[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen stable-4.14] libxl: Don't segfault on soft-reset failure
commit 3486d599f71e5ad563f3974ab2374b9b084e5e28 Author: Jason Andryuk <jandryuk@xxxxxxxxx> AuthorDate: Thu Apr 7 09:10:38 2022 +0200 Commit: Jan Beulich <jbeulich@xxxxxxxx> CommitDate: Thu Apr 7 09:10:38 2022 +0200 libxl: Don't segfault on soft-reset failure If domain_soft_reset_cb can't rename the save file, it doesn't call initiate_domain_create() and calls domcreate_complete(). Skipping initiate_domain_create() means dcs->console_wait is uninitialized and all 0s. We have: domcreate_complete() libxl__xswait_stop() libxl__ev_xswatch_deregister(). The uninitialized slotnum 0 is considered valid (-1 is the invalid sentinel), so the NULL pointer path to passed to xs_unwatch() which segfaults. libxl__ev_xswatch_deregister:watch w=0x12bc250 wpath=(null) token=0/0: deregister slotnum=0 Move dcs->console_xswait initialization into the callers of initiate_domain_create, do_domain_create() and do_domain_soft_reset(), so it is initialized along with the other dcs state. Fixes: c57e6ebd8c3e ("(lib)xl: soft reset support") Signed-off-by: Jason Andryuk <jandryuk@xxxxxxxxx> Reviewed-by: Anthony PERARD <anthony.perard@xxxxxxxxxx> master commit: d2ecf97f911fc00a85b34b70ca311b5d355a9756 master date: 2022-04-01 17:01:57 +0100 --- tools/libxl/libxl_create.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/libxl/libxl_create.c b/tools/libxl/libxl_create.c index 5cadb95a3f..daf3ff0a55 100644 --- a/tools/libxl/libxl_create.c +++ b/tools/libxl/libxl_create.c @@ -1221,8 +1221,6 @@ static void initiate_domain_create(libxl__egc *egc, libxl_domain_config *const d_config = dcs->guest_config; libxl__domain_build_state *dbs = &dcs->build_state; - libxl__xswait_init(&dcs->console_xswait); - domid = dcs->domid; libxl__domain_build_state_init(dbs); dbs->restore = dcs->restore_fd >= 0; @@ -2037,6 +2035,7 @@ static int do_domain_create(libxl_ctx *ctx, libxl_domain_config *d_config, cdcs->dcs.callback = domain_create_cb; cdcs->dcs.domid = INVALID_DOMID; cdcs->dcs.soft_reset = false; + libxl__xswait_init(&cdcs->dcs.console_xswait); if (cdcs->dcs.restore_params.checkpointed_stream == LIBXL_CHECKPOINTED_STREAM_COLO) { @@ -2137,6 +2136,7 @@ static int do_domain_soft_reset(libxl_ctx *ctx, cdcs->dcs.domid = domid; cdcs->dcs.soft_reset = true; cdcs->dcs.callback = domain_create_cb; + libxl__xswait_init(&cdcs->dcs.console_xswait); libxl__ao_progress_gethow(&srs->cdcs.dcs.aop_console_how, aop_console_how); cdcs->domid_out = &domid_out; -- generated by git-patchbot for /home/xen/git/xen.git#stable-4.14
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |