On Tue, Aug 07, 2012 at 03:18:38PM +0800, Alex Jia wrote:
> * src/qemu/qemu_domain.c (qemuDomainObjExitAgentInternal): fix crashing
> libvirtd due to derefing a NULL pointer.
>
> For details, please see bug:
> RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=845966
>
> Signed-off-by: Alex Jia <ajia@xxxxxxxxxx>
> ---
> src/qemu/qemu_domain.c | 10 ++++++----
> 1 files changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
> index 86f0265..8667b6c 100644
> --- a/src/qemu/qemu_domain.c
> +++ b/src/qemu/qemu_domain.c
> @@ -1136,12 +1136,14 @@ qemuDomainObjExitAgentInternal(struct qemud_driver *driver,
> virDomainObjPtr obj)
> {
> qemuDomainObjPrivatePtr priv = obj->privateData;
> - int refs;
> + int refs = -1;
>
> - refs = qemuAgentUnref(priv->agent);
> + if (priv->agent) {
> + refs = qemuAgentUnref(priv->agent);
>
> - if (refs > 0)
> - qemuAgentUnlock(priv->agent);
> + if (refs > 0)
> + qemuAgentUnlock(priv->agent);
> + }
>
> if (driver_locked)
> qemuDriverLock(driver);

I'm not convinced this is the right fix. The whole point of the Enter/ExitAgent methods is to hold an extra reference on priv->agent, so that it is *not* deleted while an agent command is run. What is setting priv->agent to NULL while the command is still active?

Daniel

-- 
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
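Review bot: the new `if (priv->agent)` guard around qemuAgentUnref() in qemuDomainObjExitAgentInternal masks the lifetime bug rather than fixing it. The Enter side took a reference on the agent, so if priv->agent is already NULL when Exit runs, the guard skips both the matching qemuAgentUnref() and the qemuAgentUnlock(), leaving that reference unreleased and the agent lock still held; the NULL dereference is traded for a leak and a lock that is never dropped. Either locate the path that clears priv->agent while a command is in flight (the crash in RHBZ 845966 shows such a path exists) and fix it there, or have Enter pass the agent pointer it referenced through to Exit so that Exit always unrefs and unlocks the same object independently of priv->agent. Minor: `int refs = -1;` exists only because of the new branch and is never read when that branch is skipped.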