Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 771562

Summary: Change numa parameters with 'nodeset' option will crash libvirtd
Product: Red Hat Enterprise Linux 6 Reporter: Alex Jia <ajia>
Component: libvirtAssignee: Alex Jia <ajia>
Status: CLOSED ERRATA QA Contact: Virtualization Bugs <virt-bugs>
Severity: high Docs Contact:
Priority: high    
Version: 6.3CC: acathrow, dyuan, gsun, mzhan, rwu, veillard
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: libvirt-0.9.9-1.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-06-20 06:43:22 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Alex Jia 2012-01-04 05:57:08 UTC 
Description of problem:
Change numa parameters with 'nodeset' option will crash libvirtd.

Version-Release number of selected component (if applicable):
# rpm -q libvirt
libvirt-0.9.9-0rc1.el6.x86_64

How reproducible:
always

Steps to Reproduce:
1. # virsh list --all
 Id Name                 State
----------------------------------
  - vr-rhel5u7-x86_64-kvm shut off

2. # virsh numatune vr-rhel5u7-x86_64-kvm --nodeset 0
error: Unable to change numa parameters
error: End of file while reading data: Input/output error

3. # virsh list --all
error: Failed to reconnect to the hypervisor
error: no valid connection
error: Failed to connect socket to '/var/run/libvirt/libvirt-sock': Connection refused

  
Actual results:

# service libvirtd status
libvirtd dead but pid file exists

Expected results:
numa tuning works well and has no effect on libvirt daemon.

Additional info:
Comment 1 Alex Jia 2012-01-04 07:30:38 UTC 
It should be codes deref a NULL pointer to crash libvirt daemon:

(gdb) s

Program received signal SIGSEGV, Segmentation fault.
0x000000000045dffe in qemuDomainSetNumaParameters (dom=<value optimized out>, params=<value optimized out>, nparams=1, flags=2) at /usr/include/bits/string3.h:52
52        return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest));

#2  <signal handler called>
#3  0x000000000045dffe in qemuDomainSetNumaParameters (dom=<value optimized out>, params=<value optimized out>, nparams=1, flags=2) at /usr/include/bits/string3.h:52
#4  0x0000003b8b2d137a in virDomainSetNumaParameters (domain=0x7f8220000b50, params=0x7f82200008c0, nparams=1, flags=0) at libvirt.c:3816
#5  0x0000000000439a89 in remoteDispatchDomainSetNumaParameters (server=<value optimized out>, client=<value optimized out>, msg=<value optimized out>, rerr=0x7f823481bbd0, args=<value optimized out>,
    ret=<value optimized out>) at remote_dispatch.h:4824
#6  remoteDispatchDomainSetNumaParametersHelper (server=<value optimized out>, client=<value optimized out>, msg=<value optimized out>, rerr=0x7f823481bbd0, args=<value optimized out>,
    ret=<value optimized out>) at remote_dispatch.h:4794
#7  0x0000003b8b306335 in virNetServerProgramDispatchCall (prog=0x199cda0, server=0x1991b60, client=0x199bc10, msg=0x199cfb0) at rpc/virnetserverprogram.c:416
#8  virNetServerProgramDispatch (prog=0x199cda0, server=0x1991b60, client=0x199bc10, msg=0x199cfb0) at rpc/virnetserverprogram.c:289
#9  0x0000003b8b3075c1 in virNetServerHandleJob (jobOpaque=<value optimized out>, opaque=<value optimized out>) at rpc/virnetserver.c:164
#10 0x0000003b8b25758c in virThreadPoolWorker (opaque=<value optimized out>) at util/threadpool.c:144
#11 0x0000003b8b256ea2 in virThreadHelper (data=<value optimized out>) at util/threads-pthread.c:157
#12 0x0000003b72a077f1 in start_thread () from /lib64/libpthread.so.0
#13 0x0000003b726e570d in clone () from /lib64/libc.so.6
Comment 2 Alex Jia 2012-01-04 07:56:13 UTC 
Patch for upstream:
https://www.redhat.com/archives/libvir-list/2012-January/msg00116.html
Comment 3 Alex Jia 2012-01-05 05:41:58 UTC 
(In reply to comment #2)
> Patch for upstream:
> https://www.redhat.com/archives/libvir-list/2012-January/msg00116.html

The patch is incorrect, Hu Tao's patch works well for me, but still need to wait other developers ACK:
https://www.redhat.com/archives/libvir-list/2012-January/msg00125.html
Comment 4 Alex Jia 2012-01-06 02:41:20 UTC 
In POST:

commit 6b780f744b02b456931932a6d8c3db8c3a149656
Author: Hu Tao <hutao.com>
Date:   Wed Jan 4 17:41:43 2012 +0800

    qemu: fix a bug in numatune
    
    When setting numa nodeset for a domain which has no nodeset set
    before, libvirtd crashes by dereferencing the pointer to the old
    nodemask which is null in that case.
Comment 5 Daniel Veillard 2012-01-09 09:35:35 UTC 
It made it in time for 0.9.9,

Daniel
Comment 7 Wayne Sun 2012-01-10 09:00:48 UTC 
# rpm -q libvirt
libvirt-0.9.9-1.el6.x86_64

# virsh list --all
 Id Name                 State
----------------------------------
  - rhel6u2              shut off

# virsh numatune rhel6u2 --nodeset 0

# virsh list --all
 Id Name                 State
----------------------------------
  - rhel6u2              shut off

# service libvirtd status
libvirtd (pid  8024) is running...

# virsh dumpxml rhel6u2
  ......
  <numatune>
    <memory mode='strict' nodeset='0'/>
  </numatune>
  ......

# virsh start rhel6u2
Domain rhel6u2 started

so, this is fixed.
Comment 9 errata-xmlrpc 2012-06-20 06:43:22 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2012-0748.html