Bug 1202703

Summary: Libvirt will crash with segfault if you try to set non-existing nwfilter to network interface for live guest
Product: Red Hat Enterprise Linux 6 Reporter: Hu Jianwei <jiahu>
Component: libvirtAssignee: Pavel Hrdina <phrdina>
Status: CLOSED ERRATA QA Contact: Virtualization Bugs <virt-bugs>
Severity: high Docs Contact:
Priority: high    
Version: 6.7CC: dyuan, honzhang, lmiksik, mzhan, phrdina, rbalakri, virt-bugs
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: libvirt-0.10.2-51.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1169409 Environment:
Last Closed: 2015-07-22 05:49:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1169409    
Bug Blocks: 1143780    

Comment 2 Pavel Hrdina 2015-03-17 09:41:39 UTC 
Downstream patch posted:

http://post-office.corp.redhat.com/archives/rhvirt-patches/2015-March/msg00466.html
Comment 4 hongming 2015-03-23 08:27:53 UTC 
Verify it as follows. Move its status to VERIFIED.


# rpm -q libvirt
libvirt-0.10.2-51.el6.x86_64

# virsh dumpxml rhel6.5|grep "/interface" -B7
    </controller>
    <interface type='network'>
      <mac address='52:54:00:f5:c6:22'/>
      <source network='default'/>
      <target dev='vnet0'/>
      <alias name='net0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
    </interface>

# cat nic.xml
<interface type='network'>
<mac address='52:54:00:f5:c6:22'/>
<source network='default'/>
<target dev='vnet0'/>
<alias name='net0'/>
<filterref filter='clean-traffic-non-exist'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>

# service libvirtd status
libvirtd (pid  29326) is running...
[root@hongming ~]# virsh update-device rhel6.5 nic.xml
error: Failed to update device from nic.xml
error: operation failed: failed to add new filter rules to 'vnet0' - attempting to restore old rules

# service libvirtd status
libvirtd (pid  29326) is running...

==========================================================================

Add filter 'clean-traffic' to interface

# virsh dumpxml rhel6.5|grep "/interface" -B7
    <interface type='network'>
      <mac address='52:54:00:f5:c6:22'/>
      <source network='default'/>
      <target dev='vnet0'/>
      <filterref filter='clean-traffic'/>
      <alias name='net0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
    </interface>


# cat nic.xml
<interface type='network'>
<mac address='52:54:00:f5:c6:22'/>
<source network='default'/>
<target dev='vnet0'/>
<alias name='net0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>


# virsh update-device rhel6.5 nic.xml
error: Failed to update device from nic.xml
error: operation failed: failed to add new filter rules to 'vnet0' - attempting to restore old rules

# service libvirtd status
libvirtd (pid  29326) is running...
Comment 7 errata-xmlrpc 2015-07-22 05:49:08 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-1252.html