Bug 836326 - virsh net-create with SRV records kills libvirtd
virsh net-create with SRV records kills libvirtd
Product: Virtualization Tools
Classification: Community
Component: libvirt (Show other bugs)
x86_64 Linux
unspecified Severity unspecified
: ---
: ---
Assigned To: Laine Stump
Depends On:
  Show dependency treegraph
Reported: 2012-06-28 13:29 EDT by Stephen Gordon
Modified: 2016-04-26 21:50 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-03-23 18:20:54 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
backtrace (3.21 KB, text/plain)
2012-06-28 13:42 EDT, Dave Allan
no flags Details

  None (edit)
Description Stephen Gordon 2012-06-28 13:29:48 EDT
Description of problem:

Ran virsh net-create on a given XML file defining a network, libvirt crashed. There may or may not be an issue with my network in the XML file (probably around the SRV entries) but I would not have expected that to result in the daemon dying...

Output from virsh net-create:

# virsh net-create /tmp/demo.redhat.com-network.xml 
error: Failed to create network from /tmp/demo.redhat.com-network.xml
error: End of file while reading data: Input/output error

Additional Info:

    <bridge name='virbr9' />
    <forward mode='nat' />
    <domain name='demo.redhat.com' />
    <srv service='_kerberos' protocol='_tcp' domain='pony.demo.redhat.com' target='pony.demo.redhat.com' port='88'/>
    <srv service='_kerberos' protocol='_udp' domain='pony.demo.redhat.com' target='pony.demo.redhat.com' port='88'/>
    <srv service='_ldap' protocol='_tcp' domain='pony.demo.redhat.com' target='pony.demo.redhat.com' port='389'/>
    <host ip=''><hostname>pony.demo.redhat.com</hostname></host>
    <ip address='' netmask=''>
    <range start='' end='' />
Comment 2 Stephen Gordon 2012-06-28 13:35:46 EDT
As an aside it's unclear to me how the SRV records should really be written, the examples on libvirt.org set protocol="tcp" rather than "_tcp" but that results in a non-sensical srv-host entry being sent to dnsmasq with:


Instead of:


Resulting, I think, in this failure:

error: Failed to create network from /tmp/demo.redhat.com-network.xml
error: internal error Child process (/sbin/dnsmasq --strict-order --bind-interfaces --domain demo.redhat.com --pid-file=/var/run/libvirt/network/demo.redhat.pid --conf-file= --except-interface lo --srv-host=kerberos.tcp.pony.demo.redhat.com,pony.demo.redhat.com,88,1095468768,32544 --srv-host=kerberos.udp.pony.demo.redhat.com,pony.demo.redhat.com,88,1095468768,32544 --srv-host=ldap.tcp.pony.demo.redhat.com,pony.demo.redhat.com,389,1095468768,32544 --listen-address --dhcp-range, --dhcp-leasefile=/var/lib/libvirt/dnsmasq/demo.redhat.leases --dhcp-lease-max=1 --dhcp-no-override --expand-hosts --addn-hosts=/var/lib/libvirt/dnsmasq/demo.redhat.addnhosts) status unexpected: exit status 1

So there are a few issues here:

1) Why does a failed net-create kill libvirt? This shouldn't happen.

2) What is the correct syntax expected when defining SRV entries in the network definition, and does it actually result in valid SRV entries?
Comment 3 Stephen Gordon 2012-06-28 13:39:15 EDT
Comment 4 Dave Allan 2012-06-28 13:41:19 EDT
I've reproduced this with the current git HEAD.  It's 100% reproducible for me.
Comment 5 Dave Allan 2012-06-28 13:42:08 EDT
Created attachment 595096 [details]
Comment 7 Peter Krempa 2012-06-28 18:07:39 EDT
Fix is now commited upstream:

commit 96ebb4fe586512487f83b4696d20923315889796
Author: Peter Krempa <pkrempa@redhat.com>
Date:   Thu Jun 28 23:42:50 2012 +0200

    network_conf: Don't free uninitialized pointers while parsing DNS SRV


this patch solves problem 1) of your report. As of problem 2) the code checks for values "tcp" and "udp" (without leading underscores) for the protocol property. With the mentioned patch, you now get "error: Invalid protocol attribute value '_tcp'" (instead of daemon crash). When I remove the underscores I get another error:

error: internal error Child process (/usr/sbin/dnsmasq --strict-order --bind-interfaces --domain demo.redhat.com --pid-file=/var/run/libvirt/network/demo-redhat.pid --conf-file= --except-interface lo --srv-host=_kerberos.tcp.pony.demo.redhat.com,pony.demo.redhat.com,88,-1686014515,32560 --srv-host=_kerberos.udp.pony.demo.redhat.com,pony.demo.redhat.com,88,-1686014515,32560 --srv-host=_ldap.tcp.pony.demo.redhat.com,pony.demo.redhat.com,389,-1686014515,32560 --listen-address --dhcp-range, --dhcp-leasefile=/var/lib/libvirt/dnsmasq/demo-redhat.leases --dhcp-lease-max=1 --dhcp-no-override --expand-hosts --addn-hosts=/var/lib/libvirt/dnsmasq/demo-redhat.addnhosts) status unexpected: exit status 1

I'm not familiar with SRV DNS records in libvirt, so I'll leave this bug open for someone other to follow up with this problem.
Comment 8 Stephen Gordon 2012-06-28 18:21:19 EDT
I am pretty sure the issue is that the tcp in the srv-host line(s) should be prefixed with an underscore (and the same for udp entries) but as you can see, not much in the way of specific information from dnsmasq about the failure.
Comment 9 Dave Allan 2012-06-28 21:28:36 EDT
I've verified that the crash is fixed in the upstream git HEAD.
Comment 10 Gunannan Ren 2012-07-04 09:55:43 EDT
According to RFC 2782, the service and protocol fields should have leading underscores. In practice it is fine not to follow this rule, I will try to post a patch for it after digging into code.

The format of SRV RR should be <name>,<target>,<port>,<priority>,<weight>
so use the following xml for <srv> element
<srv service='kerberos' protocol='tcp' domain='pony.demo.redhat.com' target='pony.demo.redhat.com' port='88' priority='10' weight='10'/>

instead of
<srv service='_kerberos' protocol='_tcp' domain='pony.demo.redhat.com' target='pony.demo.redhat.com' port='88'/>

your case will lead to random digit value for <priority> as well as <weight>
error like:
Comment 11 Stephen Gordon 2012-07-04 11:10:45 EDT
Ok, but the docs say that only service name and protocol are mandatory arguments and seem to indicate the reason they are optional is because they are defined that way in that same RFC:


To me where these optional fields are not provided in the XML then no value for them should be sent to dnsmasq (random or otherwise). Certainly you don't have to set them when interacting with dnsmasq directly.
Comment 12 Stephen Gordon 2012-07-04 11:14:36 EDT
s/seem to indicate the reason they/seem to indicate the reason the others/
Comment 13 Gunannan Ren 2012-07-05 01:32:14 EDT
Yes, that's right. The dnsmasq adds zero value for these missing optional values, libvirt should align itself with dnsmasq. I will try to fix it.
Comment 14 Gunannan Ren 2012-07-08 06:54:17 EDT
patches sent to upstream:

Note You need to log in before you can comment on or make changes to this bug.