[systemd-commits] src/journal

[Lennart Poettering]

 src/journal/sd-journal.c |   12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

New commits:
commit 189f6d82eef8bccb733f735281bed4588dccbbd9
Author: Marti Raudsepp <marti at juffo.org>
Date:   Fri Mar 9 16:45:36 2012 +0200

    journal: Don't hold pointers to journal while remapping
    
    Hi!
    
    I was trying out the journal and the journalctl utility sometimes
    crashed on me. After some debugging, I tracked it down to the fact
    that next_with_matches() holds the "c" object pointer through the
    journal_file_next_entry_for_data() call -- which apparently may re-map
    the journal file, invalidating the pointer.
    
    The attached patch fixes this crash for me, but being unfamiliar with
    the code, I don't know if I'm doing the right thing.
    
    This patch is also available from my github repository:
    git://github.com/intgr/systemd.git
    https://github.com/intgr/systemd
    
    Regards,
    Marti
    
    For the record, here's the original stack trace at the time of remapping:
    
    ret=0x7fff1d5cdec0) at src/journal/journal-file.c:330
    ret=0x7fff1d5cdf28) at src/journal/journal-file.c:414
    ret=0x7fff1d5ce0a0, offset=0x7fff1d5ce098) at
    src/journal/journal-file.c:1101
    i=5705, ret=0x7fff1d5ce0a0, offset=0x7fff1d5ce098) at
    src/journal/journal-file.c:1147
    p=6413608, data_offset=66600, direction=DIRECTION_DOWN,
    ret=0x7fff1d5ce0a0, offset=0x7fff1d5ce098) at
    src/journal/journal-file.c:1626
    direction=DIRECTION_DOWN, ret=0x7fff1d5ce120, offset=0x7fff1d5ce128)
    at src/journal/sd-journal.c:533
    direction=DIRECTION_DOWN, ret=0x7fff1d5ce170, offset=0x7fff1d5ce178)
    at src/journal/sd-journal.c:595
    src/journal/sd-journal.c:651
    
    From 9266fc6a58065a7c5dab67430fd78925e519dce9 Mon Sep 17 00:00:00 2001
    From: Marti Raudsepp <marti at juffo.org>
    Date: Fri, 9 Mar 2012 16:23:00 +0200
    Subject: [PATCH] journal: Don't hold pointers to journal while remapping
    
    This would cause a segfault otherwise.

diff --git a/src/journal/sd-journal.c b/src/journal/sd-journal.c
index baf51db..86ac267 100644
--- a/src/journal/sd-journal.c
+++ b/src/journal/sd-journal.c
@@ -527,6 +527,9 @@ static int next_with_matches(sd_journal *j, JournalFile *f, direction_t directio
                          * matches are not OK */
 
                         r = journal_file_next_entry_for_data(f, c, cp, le64toh(c->entry.items[k].object_offset), direction, &qo, &q);
+                        /* This pointer is invalidated if the window was
+                         * remapped. May need to re-fetch it later */
+                        c = NULL;
                         if (r < 0)
                                 return r;
 
@@ -552,8 +555,15 @@ static int next_with_matches(sd_journal *j, JournalFile *f, direction_t directio
 
                 /* Did this entry match against all matches? */
                 if (found) {
-                        if (ret)
+                        if (ret) {
+                                if (c == NULL) {
+                                        /* Re-fetch the entry */
+                                        r = journal_file_move_to_object(f, OBJECT_ENTRY, cp, &c);
+                                        if (r < 0)
+                                                return r;
+                                }
                                 *ret = c;
+                        }
                         if (offset)
                                 *offset = cp;
                         return 1;