RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 977961 - libvirtd leaks URI on destination when migrating
Summary: libvirtd leaks URI on destination when migrating
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: libvirt
Version: 6.4
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: rc
: ---
Assignee: Jiri Denemark
QA Contact: Virtualization Bugs
URL:
Whiteboard:
: 982544 (view as bug list)
Depends On:
Blocks: 984578
TreeView+ depends on / blocked
 
Reported: 2013-06-25 16:49 UTC by Ján Tomko
Modified: 2013-11-21 09:03 UTC (History)
12 users (show)

Fixed In Version: libvirt-0.10.2-20.el6
Doc Type: Bug Fix
Doc Text:
When migrating, libvirtd leaked migration URI (Uniform Resource Identifier) on destination. A patch has been provided to fix this bug and the migration URI is now freed correctly.
Clone Of:
Environment:
Last Closed: 2013-11-21 09:03:54 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
valgrind (26.19 KB, text/plain)
2013-07-10 02:58 UTC, zhpeng
no flags Details
valgrind msg 0723 (18.70 KB, text/plain)
2013-07-23 03:09 UTC, zhpeng
no flags Details


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2013:1581 0 normal SHIPPED_LIVE libvirt bug fix and enhancement update 2013-11-21 01:11:35 UTC

Description Ján Tomko 2013-06-25 16:49:47 UTC
Description of problem:
libvirtd leaks URI on destination when migrating

Version-Release number of selected component (if applicable):
libvirt-0.10.2-18.el6_4.9

How reproducible:
100 %

Steps to Reproduce:
1. (on host A): migrate a domain:
virsh migrate dom qemu+ssh://hostB/system tcp://hostB
2. (on host B): URI is not freed, as shown by valgrind

Actual results:
Valgrind on the destination shows a leak:
==2435== 84 (80 direct, 4 indirect) bytes in 1 blocks are definitely lost in loss record 517 of 717
==2435==    at 0x4A0577B: calloc (vg_replace_malloc.c:593)
==2435==    by 0x4E7877D: virAlloc (memory.c:100)
==2435==    by 0x4E9E9D9: virURIParse (viruri.c:170)
==2435==    by 0x47806E: qemuMigrationPrepareDirect (qemu_migration.c:1610)
==2435==    by 0x454743: qemuDomainMigratePrepare3 (qemu_driver.c:10021)
==2435==    by 0x4F00F6E: virDomainMigratePrepare3 (libvirt.c:6131)
==2435==    by 0x42E1EE: remoteDispatchDomainMigratePrepare3Helper (remote.c:3534)
==2435==    by 0x4F5E0E1: virNetServerProgramDispatch (virnetserverprogram.c:431)
==2435==    by 0x4F5F3CD: virNetServerProcessMsg (virnetserver.c:170)
==2435==    by 0x4F5FA6B: virNetServerHandleJob (virnetserver.c:191)
==2435==    by 0x4E8337B: virThreadPoolWorker (threadpool.c:144)
==2435==    by 0x4E82C68: virThreadHelper (threads-pthread.c:161)

Expected results:
URI is freed properly.

Additional info:
Fixed upstream by:
commit ddf8ad82eb5f638d6153f4b1869af17dca572e67
Author:     Jiri Denemark <jdenemar>
AuthorDate: 2013-06-18 13:38:55 +0200
Commit:     Jiri Denemark <jdenemar>
CommitDate: 2013-06-18 14:49:20 +0200

    qemu: Avoid leaking uri in qemuMigrationPrepareDirect

git describe: v1.0.6-91-gddf8ad8 contains: v1.1.0-rc1~75

Comment 1 Ján Tomko 2013-06-25 16:54:57 UTC
Downstream patch posted:
http://post-office.corp.redhat.com/archives/rhvirt-patches/2013-June/msg00608.html

Comment 7 zhpeng 2013-07-10 02:58:27 UTC
Created attachment 771355 [details]
valgrind

Comment 8 Ján Tomko 2013-07-10 11:36:37 UTC
There's a double free in the logs in comment 7:
==15763== Invalid free() / delete / delete[] / realloc()
==15763==    at 0x4A063F0: free (vg_replace_malloc.c:446)
==15763==    by 0x4E768B8: virFree (memory.c:419)
==15763==    by 0x4AAE37: qemuMigrationPrepareDirect (qemu_migration.c:1656)
==15763==    by 0x454893: qemuDomainMigratePrepare3 (qemu_driver.c:10039)
...
==15763==  Address 0x13a72ea0 is 0 bytes inside a block of size 11 free'd
==15763==    at 0x4A063F0: free (vg_replace_malloc.c:446)
==15763==    by 0x4E768B8: virFree (memory.c:419)
==15763==    by 0x4E9CBD6: virURIFree (viruri.c:325)
==15763==    by 0x4AAE2D: qemuMigrationPrepareDirect (qemu_migration.c:1655)

Moving back to POST:
http://post-office.corp.redhat.com/archives/rhvirt-patches/2013-July/msg00214.html

Comment 9 Jiri Denemark 2013-07-10 12:50:35 UTC
*** Bug 982544 has been marked as a duplicate of this bug. ***

Comment 12 zhpeng 2013-07-16 05:30:15 UTC
because of Bug 984793, i can't start a guest. so need to verify it later when that bug fixed.

Comment 14 zhpeng 2013-07-23 03:09:45 UTC
Created attachment 777147 [details]
valgrind msg 0723

Comment 15 Ján Tomko 2013-08-28 08:48:38 UTC
None of the leaks in the log in comment 14 seem significant to me.

Comment 16 yanbing du 2013-10-22 05:34:19 UTC
Retest this bug with libvirt-0.10.2-29.el6.x86_64, valgrind result is same with comment 13, so move this bug to VERIFIED.

Comment 17 yanbing du 2013-10-22 05:55:50 UTC
(In reply to yanbing du from comment #16)
> Retest this bug with libvirt-0.10.2-29.el6.x86_64, valgrind result is same
> with comment 13, so move this bug to VERIFIED.

Should be comment 14

Comment 19 errata-xmlrpc 2013-11-21 09:03:54 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1581.html


Note You need to log in before you can comment on or make changes to this bug.