Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 5 product line. The current stable release is 5.10. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 555309

Summary: libvirt crashes in xenUnifiedNodeDeviceReset
Product: Red Hat Enterprise Linux 5 Reporter: Jiri Denemark <jdenemar>
Component: libvirtAssignee: Chris Lalancette <clalance>
Status: CLOSED ERRATA QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium Docs Contact:
Priority: low    
Version: 5.5CC: clalance, gren, llim, veillard, virt-maint, xen-maint
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-03-30 08:10:31 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Only call check function if it's non-NULL none

Description Jiri Denemark 2010-01-14 11:55:42 UTC 
Created attachment 383661 [details]
Only call check function if it's non-NULL

Description of problem:

When virt-manager tries to attach a PCI device to a Xen guest, it calls virNodeDeviceReset (unlike virsh, which doesn't do so) and crashes:

#0  0x0000000000000000 in ?? ()
#1  0x00000038c581acf0 in pciResetDevice (conn=<value optimized out>, vm=<value optimized out>, dev=<value optimized out>, check=<value optimized out>) at pci.c:647
#2  0x00000038c5860f2d in xenUnifiedNodeDeviceReset (dev=<value optimized out>) at xen_unified.c:1533
#3  0x00000038c5825108 in virNodeDeviceReset (dev=<value optimized out>) at libvirt.c:7577
#4  0x00002abf1fbf5c89 in libvirt_virNodeDeviceReset (self=<value optimized out>, args=<value optimized out>) at libvirt-py.c:1489
#5  0x0000003d504950ba in PyEval_EvalFrame () from /usr/lib64/libpython2.4.so.1.0
...

That is because xenUnifiedNodeDeviceReset at xen_unified.c:1533 calls
    pciResetDevice(dev->conn, NULL, pci, NULL)

but pciResetDevice does not really expect it's fourth argument (check) to be NULL and calls it:
    if (!check(conn, vm, dev)) ...

Version-Release number of selected component (if applicable):

libvirt-0.6.3-29.el5

How reproducible:

100%

Steps to Reproduce:

(Taken from https://bugzilla.redhat.com/show_bug.cgi?id=512315#c24)
1. xm cr HVM.cfg
2. Using virt-manager to hotplug a pci device, Add Hardware=>Physical Host
Device=>Choose a hidden pci device=>Click Finish
3. In guest, run #lspci  
4. In host, run #xm pci-list-assign
  
Actual results:

The backtrace above.

Expected results:

No backtrace.

Additional info:

Patch attached.
Comment 1 Jiri Denemark 2010-01-14 12:20:42 UTC 
Patch sent to virtualist: http://post-office.corp.redhat.com/archives/virtualist/2010-January/msg00562.html
Comment 2 Daniel Veillard 2010-01-14 15:12:03 UTC 
libvirt-0.6.3-30.el5 is built in dist-5E-qu-candidate with the fix,

  thanks !

Daniel
Comment 4 Gunannan Ren 2010-01-15 08:20:56 UTC 
The bugs has been verified in libvirt-0.6.3-30.el5

libvirt-devel-0.6.3-30.el5
libvirt-python-0.6.3-30.el5
libvirt-0.6.3-30.el5
libvirt-devel-0.6.3-30.el5
libvirt-debuginfo-0.6.3-30.el5
virt-manager-debuginfo-0.6.1-8.el5
virt-manager-0.6.1-12.el5

#lspci
...
03:00.0 Ethernet controller: Intel Corporation 82576 Gigabit Network Connection (rev 01)
03:00.1 Ethernet controller: Intel Corporation 82576 Gigabit Network Connection (rev 01)
...

# lspci -n |grep 03:00.0
03:00.0 0200: 8086:10c9 (rev 01)

#virsh nodedev-list 
...
pci_8086_10c9
pci_8086_10c9_0
...

#virsh nodedev-dettach pci_8086_10c9

open Virt-Manager->"Add Hardware" to assign the hidden PCI device to a vm, then
in the guest using "modeprobe acpiphp" and "lspci" will show the assigned PCI device.
Comment 7 errata-xmlrpc 2010-03-30 08:10:31 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2010-0205.html