From 52c40003805f1702f103095dc5c3d00cf38e7a82 Mon Sep 17 00:00:00 2001 From: Dario Faggioli Date: Fri, 20 Dec 2013 16:29:47 +0100 Subject: [PATCH] libxl: avoid crashing if calling `virsh numatune' on inactive domain by, in libxlDomainGetNumaParameters(), calling libxl_bitmap_init() as soon as possible, which avoids getting to 'cleanup:', where libxl_bitmap_dispose() happens, without having initialized the nodemap, and hence crashing after some invalid free()-s: # ./daemon/libvirtd -v *** Error in `/home/xen/libvirt.git/daemon/.libs/lt-libvirtd': munmap_chunk(): invalid pointer: 0x00007fdd42592666 *** ======= Backtrace: ========= /lib64/libc.so.6(+0x7bbe7)[0x7fdd3f767be7] /lib64/libxenlight.so.4.3(libxl_bitmap_dispose+0xd)[0x7fdd2c88c045] /home/xen/libvirt.git/daemon/.libs/../../src/.libs/libvirt_driver_libxl.so(+0x12d26)[0x7fdd2caccd26] /home/xen/libvirt.git/src/.libs/libvirt.so.0(virDomainGetNumaParameters+0x15c)[0x7fdd4247898c] /home/xen/libvirt.git/daemon/.libs/lt-libvirtd(+0x1d9a2)[0x7fdd42ecc9a2] /home/xen/libvirt.git/src/.libs/libvirt.so.0(virNetServerProgramDispatch+0x3da)[0x7fdd424e9eaa] /home/xen/libvirt.git/src/.libs/libvirt.so.0(+0x1a6f38)[0x7fdd424e3f38] /home/xen/libvirt.git/src/.libs/libvirt.so.0(+0xa81e5)[0x7fdd423e51e5] /home/xen/libvirt.git/src/.libs/libvirt.so.0(+0xa783e)[0x7fdd423e483e] /lib64/libpthread.so.0(+0x7c53)[0x7fdd3febbc53] /lib64/libc.so.6(clone+0x6d)[0x7fdd3f7e1dbd] Signed-off-by: Dario Faggili Cc: Jim Fehlig Cc: Ian Jackson (cherry picked from commit f9ee91d35510ccbc6fc42cef8864b291b2d220f4) Conflicts: src/libxl/libxl_driver.c
---
 src/libxl/libxl_driver.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
index 9fb4fa513e..0a67ad24f5 100644
--- a/src/libxl/libxl_driver.c
+++ b/src/libxl/libxl_driver.c
@@ -4682,6 +4682,8 @@ libxlDomainGetNumaParameters(virDomainPtr dom,
 * the filtering on behalf of older clients that can't parse it. */
 flags &= ~VIR_TYPED_PARAM_STRING_OKAY;
+ libxl_bitmap_init(&nodemap);
+
 libxlDriverLock(driver);
 vm = virDomainObjListFindByUUID(driver->domains, dom->uuid);
 libxlDriverUnlock(driver);
@@ -4703,8 +4705,6 @@ libxlDomainGetNumaParameters(virDomainPtr dom,
 priv = vm->privateData;
- libxl_bitmap_init(&nodemap);
-
 if ((*nparams) == 0) {
 *nparams = LIBXL_NUMA_NPARAM;
 ret = 0;
-- GitLab
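Review bot: The relocated `libxl_bitmap_init(&nodemap);` in the first hunk now has to stay ahead of every `goto cleanup`, but nothing at the call site records that. A later reordering could quietly bring back the free of an uninitialised bitmap shown in the commit message's backtrace. I would put a comment directly above it, for example `/* init before any 'goto cleanup': cleanup calls libxl_bitmap_dispose(&nodemap) */`. Going by the commit message, the abort is reached just by querying NUMA parameters of an inactive domain and it stops the daemon process, so a regression case for that path would be worth adding. The declaration of `nodemap` and the `cleanup:` label are outside both hunks, so other early exits between them cannot be checked from here.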