On Fri, May 10, 2013 at 10:05:45AM +0100, soyer yoo wrote:
> Hi all,
>
> I was reading source code around saving and restoring domains, and I found
> the following function in _libxl_save_msgs_helper.c, which looks like it
> would cause a seg fault.
>
> int helper_stub_suspend(void *user)
> {
>     unsigned char *buf = 0;
>     int len = 0, allocd = 0;
>
>     for (;;) {
>         uint16_t_put(buf, &len, 3 /* suspend */);
>         if (buf) break;
>         buf = helper_allocbuf(len, user);
>         assert(buf);
>         allocd = len;
>         len = 0;
>     }
>     assert(len == allocd);
>     helper_transmitmsg(buf, len, user);
>     int r = helper_getreply(user);
>     return r;
> }
>
> Here, buf is null, and inside the for loop it tries to write '3' into buf,
> which will cause a seg fault.
> Is it intended for suspending a domain, or am I misunderstanding?
> Also, could you tell me what '3' does for suspending a domain?
>
uint16_t_put eventually calls bytes_put, which skips memcpy if buf is
NULL.

The number just means a different phase. You can see other numbers in the
same files as well.

> One more question:
>
> helper_transmitmsg in the above writes the 'buf' to file descriptor 1
> (i.e., /dev/tty1).
> I have idea what is going on here, and could anybody please enlighten me?
>
The helper program communicates with the caller via a pipe. I'm not sure
what you mean by /dev/tty1 though. You should have a look at
libxl_domain_suspend.

Wei.

> Best,
> Soyer
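
The two-pass idiom discussed in this thread, as an added example that is not part of the original messages and is not libxl's code: the first pass runs with a NULL buffer and only counts bytes, the second pass writes into a buffer of exactly that size. The names put_bytes, put_u16 and encode_msg and the message layout are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: append n bytes at offset *len.
 * With buf == NULL nothing is written; only the length advances. */
static void put_bytes(unsigned char *buf, int *len, const void *src, int n)
{
    if (buf)
        memcpy(buf + *len, src, n);
    *len += n;
}

static void put_u16(unsigned char *buf, int *len, uint16_t v)
{
    put_bytes(buf, len, &v, sizeof(v));
}

/* Encode a message id plus one 32-bit argument (constructed layout).
 * Returns a malloc'd buffer and stores its size in *out_len,
 * or returns NULL on allocation failure or a size mismatch. */
unsigned char *encode_msg(uint16_t id, uint32_t arg, int *out_len)
{
    unsigned char *buf = NULL;
    int len = 0, allocd = 0;

    for (;;) {
        /* Pass 1: buf is NULL, so these calls only measure.
         * Pass 2: buf is allocated, so the same calls write. */
        put_u16(buf, &len, id);
        put_bytes(buf, &len, &arg, sizeof(arg));
        if (buf)
            break;
        buf = malloc(len);
        if (!buf)
            return NULL;
        allocd = len;
        len = 0;
    }
    /* Both passes must agree; a mismatch means pass 2 wrote a
     * different number of bytes than pass 1 measured. */
    if (len != allocd) {
        free(buf);
        return NULL;
    }
    *out_len = len;
    return buf;
}
```

The NULL check in put_bytes is what makes the first pass safe; the explicit size comparison keeps working in builds where assert() is compiled out with NDEBUG.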