Bug 845460
| Summary: | exit console will crash libvirtd | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | zhpeng | ||||
| Component: | libvirt | Assignee: | Peter Krempa <pkrempa> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 6.4 | CC: | acathrow, ajia, cwei, dallan, dyasny, dyuan, honzhang, mzhan, pkrempa, rhodain, whuang | ||||
| Target Milestone: | rc | ||||||
| Target Release: | --- | ||||||
| Hardware: | x86_64 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | libvirt-0.10.0-0rc1.el6 | Doc Type: | Bug Fix | ||||
| Doc Text: |
Bug in previously added feature
|
Story Points: | --- | ||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2013-02-21 07:20:42 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
BTW, libvirt upstream is fine without this issue. (In reply to comment #2) > BTW, libvirt upstream is fine without this issue. The crash is reproducible also on upstream. (In reply to comment #3) > (In reply to comment #2) > > BTW, libvirt upstream is fine without this issue. > > The crash is reproducible also on upstream. It's strange for me, I haven't reproduce it on upstream, but the crash is indeed reproducible on libvirt-0.10.0-0rc0.el6.x86_64, it's a use after free issue. Fix sent for review upstream http://www.redhat.com/archives/libvir-list/2012-August/msg00168.html Fixed upstream with:
commit 45edefc7a7bcbec988f54331ff37fc32e4bc2718
Author: Peter Krempa <pkrempa>
Date: Fri Aug 3 11:20:29 2012 +0200
conf: Remove console stream callback only when freeing console helper
Commit ba226d334acbc49f6751b430e0c4e00f69eef6bf tried to fix crash of
the daemon when a domain with an open console was destroyed. The fix was
wrong as it tried to remove the callback also when the stream was
aborted, where at that point the fd stream driver was already freed and
removed.
This patch clears the callbacks with a helper right before the hash is
freed, so that it doesn't interfere with other codepaths where the
stream object is freed.
and moving to POST.
Verified it using libvirt-0.10.0-0rc1.el6.x86_64 , The result is expected. So move its status to VERIFIED. Steps 1. # virsh console rhel6 Connected to domain rhel6 Escape character is ^] ------> press ctrl+] 2.# virsh list Id Name State ---------------------------------------------------- 43 win running 44 rhel6 running 3.# service libvirtd status libvirtd (pid 23792) is running... Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-0276.html |
Created attachment 602074 [details] libvirtd log Description of problem: exit console will crash libvirtd Version-Release number of selected component (if applicable): libvirt-0.10.0-0rc0.el6.x86_64 How reproducible: 100% Steps to Reproduce: [root@zhpeng ~]# virsh console test Connected to domain test Escape character is ^] ------> press ctrl+] [root@zhpeng ~]# virsh list error: Failed to reconnect to the hypervisor error: no valid connection error: Failed to connect socket to '/var/run/libvirt/libvirt-sock': Connection refused [root@zhpeng ~]# service libvirtd status libvirtd dead but pid file exists Actually results: libvirtd crashed Expected results: all be fine Additional info: pls use "less" view the libvirtd.log