[libvirt] RHBZ 1013045: Crash on xen domain startup

Jeremy Fitzhardinge jeremy at goop.org
Thu Oct 24 16:45:28 UTC 2013 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 10/24/2013 02:52 AM, Martin Kletzander wrote:
> On Wed, Oct 23, 2013 at 10:46:14AM -0700, Jeremy Fitzhardinge wrote:
>> Hi all,
>>
>> I posted this bug (https://bugzilla.redhat.com/show_bug.cgi?id=1013045)
>> to the Redhat Bugzilla a while ago, and the only response has been to
>> post a note to this list about the bug.
>>
>> Summary below, but it looks like a pretty clear use-after-free or
>> something. The full details are attached to the bug report.
>>
>
> From the looks of the BZ, I think the probnlem found by valgrind (not
> the one in libxl) is a different than the one which causes the
> 'invalid free()', but anyway, I posted a patch [1] which might help
> (read: fixes a problem found out thanks to the valgrind output), but I
> have no way to test it.  If you do, I would appreciate you trying
> whether the issue gets fixed for you with that patch.

Thanks, I'll give it a try when I get the chance. I agree that none of
the Valgrind messages really point to why I'm getting invalid frees, or
why valgrind itself is crashing. The invalid memory accesses are all
reads, so while not good, don't explain the symptom.

I think SVN Valgrind has more Xen support in it, so I'm going to try that.

    J

>
>
> Thank you,
> Martin
>
> [1] https://www.redhat.com/archives/libvir-list/2013-October/msg01075.html
>
>> Thanks,
>>
>>     J
>>
>>
>> --
>> Description of problem:
>> When starting a Xen domain with libvirt + libxl, it crashes after
>> creating the domain.  The domain is left in a paused state, and works
>> fine if manually unpaused with xl unpause. virt-manager never shows the
>> domain as running.
>>
>> [...]
>>
>> Steps to Reproduce:
>> 1. Open virt-manager
>> 2. Connect to localhost (xen)
>> 3. Start a domain
>>
>> Actual results:
>> Domain is created in a paused state, virt-manager shows errors about
>> losing connection to the daemon. Logs show libvirtd crashed.
>>
>> Expected results:
>> Domain creation.
>>
>> Additional info:
>> Sep 27 09:08:30 saboo libvirtd[24880]: *** Error in
>> `/usr/sbin/libvirtd': free(): invalid next size (fast):
>> 0x00007f82c8003210 ***
>> Sep 27 09:08:30 saboo libvirtd[24880]: ======= Backtrace: =========
>> Sep 27 09:08:30 saboo libvirtd[24880]:
>> /lib64/libc.so.6(+0x365b27d0e8)[0x7f82f5a7a0e8]
>> Sep 27 09:08:30 saboo libvirtd[24880]:
>> /lib64/libvirt.so.0(virFree+0x1a)[0x7f82f8f07d5a]
>> Sep 27 09:08:30 saboo libvirtd[24880]:
>>
/usr/lib64/libvirt/connection-driver/libvirt_driver_libxl.so(+0x14b6c)[0x7f82e032bb6c]
>> Sep 27 09:08:30 saboo libvirtd[24880]:
>>
/usr/lib64/libvirt/connection-driver/libvirt_driver_libxl.so(+0x154d4)[0x7f82e032c4d4]
>> Sep 27 09:08:30 saboo libvirtd[24880]:
>> /lib64/libvirt.so.0(virDomainCreate+0xf7)[0x7f82f8fdb6b7]
>> Sep 27 09:08:30 saboo libvirtd[24880]:
>> /usr/sbin/libvirtd(+0x350c7)[0x7f82f9a1a0c7]
>> Sep 27 09:08:30 saboo libvirtd[24880]:
>> /lib64/libvirt.so.0(virNetServerProgramDispatch+0x3ba)[0x7f82f90314aa]
>> Sep 27 09:08:30 saboo libvirtd[24880]:
>> /lib64/libvirt.so.0(+0x3a33f822d8)[0x7f82f902c2d8]
>> Sep 27 09:08:30 saboo libvirtd[24880]:
>> /lib64/libvirt.so.0(+0x3a33ea0c15)[0x7f82f8f4ac15]
>> Sep 27 09:08:30 saboo libvirtd[24880]:
>> /lib64/libvirt.so.0(+0x3a33ea0691)[0x7f82f8f4a691]
>> Sep 27 09:08:30 saboo libvirtd[24880]:
>> /lib64/libpthread.so.0(+0x365ba07c53)[0x7f82f61ccc53]
>> Sep 27 09:08:30 saboo libvirtd[24880]:
>> /lib64/libc.so.6(clone+0x6d)[0x7f82f5af2d3d]
>>
>>
>>
>> --
>> libvir-list mailing list
>> libvir-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/libvir-list

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iQEkBAEBCgAGBQJSaU6eAAoJEAUkni6MUg7HY2MIOwdamON9ggteRT+FVO6cPISE
FEmP/75Hu06SqdcnNw8agwha4ZYBG5JpdrUgWcpudbg4A2XUVsrRXWLJOukaF8t7
d5OgZ9lKOU9Hv0o3+kDK+Yh6KWu9NwnvxoTtX+Ft+z+9vwARtL1JBIfuIcXegT9m
eV0A0M+mI3x0cp2PwnQepzJwxA3IOh9PtbP+3K+ydm/sU3Tiv/Qn9HEpgkR4AEOk
S6xTrJ2pPwi6/+/Tan7ya4Xcsyma2YTg0mu2dYkQighsSTp6yqI/fE2DFzsV6aJC
SDkdqlmxDzm1+bM5ybt8Afukvp1/wZJLR0Hk4TqggWiAxNpA+3j1TGt2VqsUUZWo
/lvHGs3KKQ==
=PzKp
-----END PGP SIGNATURE-----

More information about the libvir-list mailing list