XDR related breakage in libvirt v6.6.0 when using libvirt-lxc

Christian Ehrhardt christian.ehrhardt at canonical.com
Tue Aug 25 13:16:50 UTC 2020 

Hi,
I expect that this falls under the "with meson now everything is
different anyway" umbrella but wanted to let you know about this as it
affects v6.6 in at least Ubuntu/Debian.

The following recent patch has broken libvirt-lxc for us:
commit d7147b3797380de2d159ce6324536f3e1f2d97e3
Author: Pavel Hrdina <phrdina at redhat.com>
Date: Fri Jun 19 00:44:07 2020 +0200
    m4: virt-xdr: rewrite XDR check

I was tracking that down for [1] since the tests [4] failed on me. [2]
holds the backtrace.
In Debian the tests are skipped which explains why they were not seen there:
  smoke-lxc SKIP Test requires machine-level isolation but testbed
does not provide that

What happens is that the libvirt_lxc segfaults when using XDR functions.

dmesg shows:
[582093.524644] libvirt_lxc[261446]: segfault at 0 ip 0000000000000000
sp 00007ffdd2345598 error 14 in libvirt_lxc[5587e42aa000+8000]
[582093.524650] Code: Bad RIP value.

There are quite some uncertainties left, but on the surface it seems
that it links with libtirpc but
then instead of calling
libtirpc: src/xdr.c:929:xdr_uint64_t(xdrs, ullp)
it ends (gdb tells us in [2]) in glibc
glibc: sunrpc/xdr_intXX_t.c:62:xdr_uint64_t (XDR *xdrs, uint64_t *uip)

And the return from that function breaks it badly (instruction pointer
at 0x0 -> segfault)

Bisecting pointed to the referred commit which brings libtirpc into the mix.
The former builds had xdr detected, but not with libtirpc.
configure: xdr: yes (CFLAGS='' LIBS='')
The new config now does
configure: xdr: yes (CFLAGS='-I/usr/include/tirpc' LIBS='-ltirpc')

And the resulting libvirt_lxc reflects that

v6.0.0
$ lddtree /usr/lib/libvirt/libvirt_lxc | grep tirpc
v6.6.0
$ lddtree /usr/lib/libvirt/libvirt_lxc | grep tirpc
        libtirpc.so.3 => /lib/x86_64-linux-gnu/libtirpc.so.3

This seems to lead to the bad jump and the crash eventually.
Meanwhile reverting d7147b37 "m4: virt-xdr: rewrite XDR check" on top
of v6.6.0 resolves the issue back to the former state.

For anyone that wants to recreate this, I also attached a bisect
script [3] which includes the test case you'd need.

[1]: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1892826
[2]: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1892826/comments/4
[3]: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1892826/+attachment/5404392/+files/bisect-libvirt.sh
[4]: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-groovy/groovy/amd64/libv/libvirt/20200825_005918_44b74@/log.gz

-- 
Christian Ehrhardt
Staff Engineer, Ubuntu Server
Canonical Ltd

More information about the libvir-list mailing list