On 06/02/2010 05:34 AM, Daniel P. Berrange wrote:
> On Tue, Jun 01, 2010 at 03:10:19PM -0400, Cole Robinson wrote:
>> If VM startup fails early enough (can't find a referenced USB device),
>> libvirtd will crash trying to clear the VNC port bit, since port = 0,
>> which overflows us out of the bitmap bounds.
>
> Why is port '0' in the first place ? Don't we always have it
> initialized to '-1' when autoport is true.
>

If autoport is set, port is only shown as -1 when we dump the XML, otherwise
it's stored internally as 0.

- Cole

>> diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c >> index c8cd50a..f5a1310 100644 >> --- a/src/qemu/qemu_driver.c >> +++ b/src/qemu/qemu_driver.c >> @@ -3741,7 +3741,7 @@ retry: >> if ((vm->def->ngraphics == 1) && >> vm->def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_VNC && >> vm->def->graphics[0]->data.vnc.autoport && >> - vm->def->graphics[0]->data.vnc.port != -1) { >> + vm->def->graphics[0]->data.vnc.port >= QEMU_VNC_PORT_MIN) { >> if (virBitmapClearBit(driver->reservedVNCPorts, >> vm->def->graphics[0]->data.vnc.port - \ >> QEMU_VNC_PORT_MIN) < 0) {
>
>
> Daniel

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
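
Review bot: The new lower-bound test on data.vnc.port has no matching upper bound, so the index port - QEMU_VNC_PORT_MIN passed to virBitmapClearBit is only guaranteed to be non-negative, not to lie within the size of driver->reservedVNCPorts. If a maximum for the reserved range is defined, compare against it in the same condition, or confirm that virBitmapClearBit rejects out-of-range bits with an error rather than touching memory past the bitmap. A short comment at this condition noting that an unassigned autoport is stored internally as 0 and only shown as -1 in dumped XML, as the reply explains, would keep the old != -1 test from being reintroduced.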