Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be unavailable on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 1339535 - getAllDomainStats returns a corrupted array which leads to a segfault
Summary: getAllDomainStats returns a corrupted array which leads to a segfault
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: libvirt-python
Version: 24
Hardware: x86_64
OS: Linux
unspecified
high
Target Milestone: ---
Assignee: Daniel Berrangé
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-05-25 09:31 UTC by Roman Mohr
Modified: 2016-06-27 18:27 UTC (History)
5 users (show)

Fixed In Version: libvirt-python-1.3.3-3.fc24
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-06-27 18:27:37 UTC
Type: Bug


Attachments (Terms of Use)

Description Roman Mohr 2016-05-25 09:31:53 UTC
Description of problem:
The array returning getAllDomainStats, which contains pairs of (domain, stats dict) seems to return a corrupt array. I get a segfault when iterating over it.

Version-Release number of selected component (if applicable):
libvirt.x86_64                           1.2.18.3-1.fc23           @updates     
libvirt-client.x86_64                    1.2.18.3-1.fc23           @updates
libvirt-python.x86_64                    1.2.18-1.fc23             @@commandline

How reproducible:
Always on my machine.

Steps to Reproduce:
1. Start at least on VM
2. Try to access the stats 
3.

Actual results:
The code iterates over the end of the stats array.
Maybe the StopIterator is not thrown after the end of the array?

Expected results:
Stop iterating over stats when we are at the end of the array.

Additional info:
#!/bin/python

import libvirt

conn = libvirt.openReadOnly(None)
s = conn.getAllDomainStats(libvirt.VIR_DOMAIN_STATS_CPU_TOTAL |
                           libvirt.VIR_DOMAIN_STATS_BALLOON |
                           libvirt.VIR_DOMAIN_STATS_VCPU |
                           libvirt.VIR_DOMAIN_STATS_INTERFACE |
                           libvirt.VIR_DOMAIN_STATS_BLOCK,
                           libvirt.VIR_CONNECT_GET_ALL_DOMAINS_STATS_ACTIVE)


print(s) # this works
print(len(s)) # this reports in my case the correct length of 1
for domain, stats in s: # this does not stop after the first element
    print(stats) # when accessing the second element I get the segfault

Comment 1 Cole Robinson 2016-05-26 15:38:51 UTC
Should be fixed by:

commit e9c4e2abffef007a28112ebb40a9586b0128f10b
Author: Pavel Hrdina <phrdina@redhat.com>
Date:   Mon Apr 18 16:53:50 2016 +0200

    fix crash in getAllDomainStats
    
    Commits 1d39dbaf and 827ed9b4 broke the libvirt-python API by removing
    virDomainRef() and virDomainFree().  virDomainStatsRecordListFree() will
    free that domain pointer and later when virDomain (python object) call
    its destructor and tries to free that same pointer again.
    
    Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1326839
    
    Signed-off-by: Pavel Hrdina <phrdina@redhat.com>

Comment 2 Cole Robinson 2016-06-22 00:22:25 UTC
Hmm, are you definitely using packaged libvirt, and not a version from pip or similar? That issue exists with f24 era libvirt-python bug I can't reproduce it with f23

Comment 3 Roman Mohr 2016-06-23 11:05:20 UTC
(In reply to Cole Robinson from comment #2)
> Hmm, are you definitely using packaged libvirt, and not a version from pip
> or similar? That issue exists with f24 era libvirt-python bug I can't
> reproduce it with f23

Hm, seems like I can't reliably reproduce it anymore. For instance I had it yesterday but not today. I checked that it was not from pip. I even rebuilt the packages from the latest release back then and I had the same issue there too.

I will try to create a stacktrace with gdb when it happens again (if that helps).

Comment 4 Roman Mohr 2016-06-23 11:49:15 UTC
(In reply to Cole Robinson from comment #2)
> Hmm, are you definitely using packaged libvirt, and not a version from pip
> or similar?
Oh now I have it. I still had libvirt-python from pip for Python3. Seems like I only removed it for python2 from pip.

 That issue exists with f24 era libvirt-python bug I can't
> reproduce it with f23

Tested it again. Everything is working now.
Thanks for following up.

Comment 5 Fedora Update System 2016-06-23 13:10:09 UTC
libvirt-python-1.3.3-3.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-f9336762ec

Comment 6 Fedora Update System 2016-06-27 18:27:33 UTC
libvirt-python-1.3.3-3.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.