[libvirt] [PATCH] libxl: avoid crashing if calling `virsh numatune' on inactive domain

Fri Dec 20 18:36:50 UTC 2013

Dario Faggioli wrote:
> by, in libxlDomainGetNumaParameters(), calling libxl_bitmap_init() as soon as
> possible, which avoids getting to 'cleanup:', where libxl_bitmap_dispose()
> happens, without having initialized the nodemap, and hence crashing after some
> invalid free()-s:
>   

Yikes!  ACK to the fix.  I've pushed it.

Regards,
Jim

>  # ./daemon/libvirtd -v
>  *** Error in `/home/xen/libvirt.git/daemon/.libs/lt-libvirtd': munmap_chunk(): invalid pointer: 0x00007fdd42592666 ***
>  ======= Backtrace: =========
>  /lib64/libc.so.6(+0x7bbe7)[0x7fdd3f767be7]
>  /lib64/libxenlight.so.4.3(libxl_bitmap_dispose+0xd)[0x7fdd2c88c045]
>  /home/xen/libvirt.git/daemon/.libs/../../src/.libs/libvirt_driver_libxl.so(+0x12d26)[0x7fdd2caccd26]
>  /home/xen/libvirt.git/src/.libs/libvirt.so.0(virDomainGetNumaParameters+0x15c)[0x7fdd4247898c]
>  /home/xen/libvirt.git/daemon/.libs/lt-libvirtd(+0x1d9a2)[0x7fdd42ecc9a2]
>  /home/xen/libvirt.git/src/.libs/libvirt.so.0(virNetServerProgramDispatch+0x3da)[0x7fdd424e9eaa]
>  /home/xen/libvirt.git/src/.libs/libvirt.so.0(+0x1a6f38)[0x7fdd424e3f38]
>  /home/xen/libvirt.git/src/.libs/libvirt.so.0(+0xa81e5)[0x7fdd423e51e5]
>  /home/xen/libvirt.git/src/.libs/libvirt.so.0(+0xa783e)[0x7fdd423e483e]
>  /lib64/libpthread.so.0(+0x7c53)[0x7fdd3febbc53]
>  /lib64/libc.so.6(clone+0x6d)[0x7fdd3f7e1dbd]
>
> Signed-off-by: Dario Faggili <dario.faggioli at citrix.com>
> Cc: Jim Fehlig <jfehlig at suse.com>
> Cc: Ian Jackson <Ian.Jackson at eu.citrix.com>
> ---
>  src/libxl/libxl_driver.c |    4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
> index 29aa6c7..d91744f 100644
> --- a/src/libxl/libxl_driver.c
> +++ b/src/libxl/libxl_driver.c
> @@ -3958,6 +3958,8 @@ libxlDomainGetNumaParameters(virDomainPtr dom,
>       * the filtering on behalf of older clients that can't parse it. */
>      flags &= ~VIR_TYPED_PARAM_STRING_OKAY;
>  
> +    libxl_bitmap_init(&nodemap);
> +
>      if (!(vm = libxlDomObjFromDomain(dom)))
>          goto cleanup;
>  
> @@ -3972,8 +3974,6 @@ libxlDomainGetNumaParameters(virDomainPtr dom,
>  
>      priv = vm->privateData;
>  
> -    libxl_bitmap_init(&nodemap);
> -
>      if ((*nparams) == 0) {
>          *nparams = LIBXL_NUMA_NPARAM;
>          ret = 0;
>
>
>
>   