Commit 189f6d82 authored by Marti Raudsepp's avatar Marti Raudsepp Committed by Lennart Poettering
Browse files

journal: Don't hold pointers to journal while remapping


I was trying out the journal and the journalctl utility sometimes
crashed on me. After some debugging, I tracked it down to the fact
that next_with_matches() holds the "c" object pointer through the
journal_file_next_entry_for_data() call -- which apparently may re-map
the journal file, invalidating the pointer.

The attached patch fixes this crash for me, but being unfamiliar with
the code, I don't know if I'm doing the right thing.

This patch is also available from my github repository:


For the record, here's the original stack trace at the time of remapping:

ret=0x7fff1d5cdec0) at src/journal/journal-file.c:330
ret=0x7fff1d5cdf28) at src/journal/journal-file.c:414
ret=0x7fff1d5ce0a0, offset=0x7fff1d5ce098) at
i=5705, ret=0x7fff1d5ce0a0, offset=0x7fff1d5ce098) at
p=6413608, data_offset=66600, direction=DIRECTION_DOWN,
ret=0x7fff1d5ce0a0, offset=0x7fff1d5ce098) at
direction=DIRECTION_DOWN, ret=0x7fff1d5ce120, offset=0x7fff1d5ce128)
at src/journal/sd-journal.c:533
direction=DIRECTION_DOWN, ret=0x7fff1d5ce170, offset=0x7fff1d5ce178)
at src/journal/sd-journal.c:595

From 9266fc6a58065a7c5dab67430fd78925e519dce9 Mon Sep 17 00:00:00 2001
From: Marti Raudsepp <>
Date: Fri, 9 Mar 2012 16:23:00 +0200
Subject: [PATCH] journal: Don't hold pointers to journal while remapping

This would cause a segfault otherwise.
parent 8af0fcdb
......@@ -527,6 +527,9 @@ static int next_with_matches(sd_journal *j, JournalFile *f, direction_t directio
* matches are not OK */
r = journal_file_next_entry_for_data(f, c, cp, le64toh(c->entry.items[k].object_offset), direction, &qo, &q);
/* This pointer is invalidated if the window was
* remapped. May need to re-fetch it later */
c = NULL;
if (r < 0)
return r;
......@@ -552,8 +555,15 @@ static int next_with_matches(sd_journal *j, JournalFile *f, direction_t directio
/* Did this entry match against all matches? */
if (found) {
if (ret)
if (ret) {
if (c == NULL) {
/* Re-fetch the entry */
r = journal_file_move_to_object(f, OBJECT_ENTRY, cp, &c);
if (r < 0)
return r;
*ret = c;
if (offset)
*offset = cp;
return 1;
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment