Re: [Qemu-devel] simple qmp core dump
From: Markus Armbruster
Subject: Re: [Qemu-devel] simple qmp core dump
Date: Mon, 12 Oct 2015 11:17:04 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
Eric Blake <address@hidden> writes:
> Just noticed this core dump (I was actually trying to exceed the 1024
> hard-baked limit in qmp-input-visitor.c which tries to set an Error
> object, but it looks like that limit was unreachable due to this earlier
> assertion):
>
> $ printf '{"execute":"qmp_capabilities","id":%1025s' " " | tr ' ' { |
> ./x86_64-softmmu/qemu-system-x86_64 -nodefaults -qmp stdio
> {"QMP": {"version": {"qemu": {"micro": 50, "minor": 4, "major": 2},
> "package": ""}, "capabilities": []}}
> main-loop: WARNING: I/O thread spun for 1000 iterations
> **
> ERROR:qobject/json-parser.c:294:parser_context_peek_token: assertion
> failed: (ctxt->tokens.pos < ctxt->tokens.count)
> Aborted (core dumped)
>
> I don't know the best way to deal with a client that abuses QMP
> protocol, but it would at least be nice to not abort.
Handwritten parser crashes, surprise, surprise.
1023 works, 1024 crashes. Need to dig to find out why.
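Added example for readers of this thread, not code from QEMU or from either poster: a bounded, non-recursive nesting check over a JSON byte stream that reports "too deep" and "ran out of input" as return codes rather than asserting. Every read is checked against the buffer length, so a client that sends 1025 openers and then stops (the probe quoted above) gets a status the server can act on. The function and type names, the DEPTH_CAP value and the `build_nested_request()` helper that reconstructs the probe are all assumptions of this example; the limit of 1024 is the figure mentioned in the thread.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define DEPTH_CAP 4096   /* hypothetical hard ceiling on max_depth */

enum json_check {
    JSON_OK = 0,        /* balanced and within max_depth */
    JSON_TOO_DEEP,      /* an opener would exceed max_depth */
    JSON_UNTERMINATED,  /* input ended inside an object, array or string */
    JSON_MISMATCH,      /* closer does not match the innermost opener */
    JSON_BAD_LIMIT      /* max_depth above DEPTH_CAP (or probe buffer too small) */
};

struct json_check_result {
    enum json_check status;
    size_t max_depth_seen;   /* deepest nesting reached before stopping */
};

/* Scan buf[0..len) tracking {}/[] nesting; strings are skipped so that
 * brackets inside them do not count. Never reads past len. */
struct json_check_result json_nesting_check(const char *buf, size_t len,
                                            size_t max_depth)
{
    struct json_check_result r = { JSON_OK, 0 };
    char expect[DEPTH_CAP];  /* explicit stack of expected closers */
    size_t depth = 0;
    int in_string = 0;

    if (max_depth > DEPTH_CAP) {
        r.status = JSON_BAD_LIMIT;
        return r;
    }
    for (size_t i = 0; i < len; i++) {
        char c = buf[i];

        if (in_string) {
            if (c == '\\') {
                i++;             /* skip escaped byte; loop bound still holds */
            } else if (c == '"') {
                in_string = 0;
            }
            continue;
        }
        switch (c) {
        case '"':
            in_string = 1;
            break;
        case '{':
        case '[':
            if (depth == max_depth) {
                r.status = JSON_TOO_DEEP;   /* refuse instead of buffering on */
                return r;
            }
            expect[depth++] = (c == '{') ? '}' : ']';
            if (depth > r.max_depth_seen) {
                r.max_depth_seen = depth;
            }
            break;
        case '}':
        case ']':
            if (depth == 0 || expect[depth - 1] != c) {
                r.status = JSON_MISMATCH;
                return r;
            }
            depth--;
            break;
        default:
            break;
        }
    }
    if (in_string || depth != 0) {
        r.status = JSON_UNTERMINATED;   /* wait for more input, or drop client */
    }
    return r;
}

/* Constructed sample: the thread's probe, a valid prefix followed by n '{'.
 * Returns bytes written, or 0 if out is too small. */
size_t build_nested_request(size_t n, char *out, size_t outsz)
{
    const char *prefix = "{\"execute\":\"qmp_capabilities\",\"id\":";
    size_t plen = strlen(prefix);

    if (plen + n + 1 > outsz) {
        return 0;
    }
    memcpy(out, prefix, plen);
    memset(out + plen, '{', n);
    out[plen + n] = '\0';
    return plen + n;
}

/* Check the probe with n braces against max_depth and return its status. */
enum json_check check_probe(size_t n, size_t max_depth)
{
    static char buf[8192];
    size_t len = build_nested_request(n, buf, sizeof buf);

    return len ? json_nesting_check(buf, len, max_depth).status : JSON_BAD_LIMIT;
}

int main(void)
{
    printf("1025 braces, limit 1024: status %d\n", check_probe(1025, 1024));
    printf("1023 braces, limit 1024: status %d\n", check_probe(1023, 1024));
    return 0;
}
```

With the limit at 1024 the 1025-brace probe is rejected as JSON_TOO_DEEP once the outer object plus 1023 inner openers have filled the budget, while 1023 braces simply leaves the scanner waiting for closers (JSON_UNTERMINATED), which matches the "1023 works, 1024 crashes" boundary in a parser that asserts instead of returning that status.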