render / rpms / libvirt

Forked from rpms/libvirt 9 months ago
Clone
Source Code
GIT

Blame SOURCES/libvirt-conf-fix-crash-when-parsing-a-unordered-NUMA-cell.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-rhel c8-sig-altarch-stream-rhel c8-stream-rhel c8s-sig-hyperscale c8s-stream-rhel c9 c9-beta c9s-sig-hyperscale libvirt-hyperscale-10.4.0 upgrade-hyperscale-libvirt
  1.   7a340840837c631259c6a04f7f4b5e05bd0c28a1
  2.   SOURCES
  3.   libvirt-conf-fix-crash-when-parsing-a-unordered-NUMA-cell.patch
Blob History Raw
7a3408 
From e47ad8b77b309bd6e0cc0016537207a7426df10b Mon Sep 17 00:00:00 2001
7a3408 
Message-Id: <e47ad8b77b309bd6e0cc0016537207a7426df10b@dist-git>
7a3408 
From: Luyao Huang <lhuang@redhat.com>
7a3408 
Date: Tue, 8 Sep 2015 10:43:21 +0200
7a3408 
Subject: [PATCH] conf: fix crash when parsing a unordered NUMA <cell/>
7a3408
7a3408 
https://bugzilla.redhat.com/show_bug.cgi?id=1260846
7a3408
7a3408 
Introduced by 8fedbbdb, if we parse an unordered NUMA cell, will
7a3408 
get a segfault. This is because of a check for overlapping @cpus
7a3408 
sets we have there. However, since the array to hold guest NUMA
7a3408 
cells is allocated upfront and therefore it contains all zeros,
7a3408 
an out of order cell will break our assumption that cell IDs have
7a3408 
increasing character. At this point we try to access yet NULL
7a3408 
bitmap and therefore segfault.
7a3408
7a3408 
Signed-off-by: Luyao Huang <lhuang@redhat.com>
7a3408 
(cherry picked from commit 83ae3ee39bd13feddecc49aaad382d5cae72c257)
7a3408 
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
7a3408 
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
7a3408 
---
7a3408 
 src/conf/numa_conf.c                               | 10 +++++---
7a3408 
 .../qemuxml2argv-cpu-numa-disordered.xml           | 26 +++++++++++++++++++
7a3408 
 .../qemuxml2xmlout-cpu-numa-disordered.xml         | 29 ++++++++++++++++++++++
7a3408 
 tests/qemuxml2xmltest.c                            |  1 +
7a3408 
 4 files changed, 63 insertions(+), 3 deletions(-)
7a3408 
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-cpu-numa-disordered.xml
7a3408 
 create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-cpu-numa-disordered.xml
7a3408
7a3408 
diff --git a/src/conf/numa_conf.c b/src/conf/numa_conf.c
7a3408 
index 5c123b9..b5963ac 100644
7a3408 
--- a/src/conf/numa_conf.c
7a3408 
+++ b/src/conf/numa_conf.c
7a3408 
@@ -759,11 +759,15 @@ virDomainNumaDefCPUParseXML(virDomainNumaPtr def,
7a3408 
         }
7a3408 
         VIR_FREE(tmp);
7a3408
7a3408 
-        for (j = 0; j < i; j++) {
7a3408 
+        for (j = 0; j < n; j++) {
7a3408 
+            if (j == cur_cell || !def->mem_nodes[j].cpumask)
7a3408 
+                continue;
7a3408 
+
7a3408 
             if (virBitmapOverlaps(def->mem_nodes[j].cpumask,
7a3408 
-                                  def->mem_nodes[i].cpumask)) {
7a3408 
+                                  def->mem_nodes[cur_cell].cpumask)) {
7a3408 
                 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
7a3408 
-                               _("NUMA cells %zu and %zu have overlapping vCPU ids"), i, j);
7a3408 
+                               _("NUMA cells %u and %zu have overlapping vCPU ids"),
7a3408 
+                               cur_cell, j);
7a3408 
                 goto cleanup;
7a3408 
             }
7a3408 
         }
7a3408 
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-numa-disordered.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-numa-disordered.xml
7a3408 
new file mode 100644
7a3408 
index 0000000..ad31607
7a3408 
--- /dev/null
7a3408 
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-numa-disordered.xml
7a3408 
@@ -0,0 +1,26 @@
7a3408 
+<domain type='qemu'>
7a3408 
+  <name>QEMUGuest1</name>
7a3408 
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
7a3408 
+  <memory unit='KiB'>328650</memory>
7a3408 
+  <currentMemory unit='KiB'>328650</currentMemory>
7a3408 
+  <vcpu placement='static'>16</vcpu>
7a3408 
+  <os>
7a3408 
+    <type arch='x86_64' machine='pc'>hvm</type>
7a3408 
+    <boot dev='network'/>
7a3408 
+  </os>
7a3408 
+  <cpu>
7a3408 
+    <topology sockets='2' cores='4' threads='2'/>
7a3408 
+    <numa>
7a3408 
+      <cell id='0' cpus='0-5' memory='109550' unit='KiB'/>
7a3408 
+      <cell id='2' cpus='6-10' memory='109550' unit='KiB'/>
7a3408 
+      <cell id='1' cpus='11-15' memory='109550' unit='KiB'/>
7a3408 
+    </numa>
7a3408 
+  </cpu>
7a3408 
+  <clock offset='utc'/>
7a3408 
+  <on_poweroff>destroy</on_poweroff>
7a3408 
+  <on_reboot>restart</on_reboot>
7a3408 
+  <on_crash>destroy</on_crash>
7a3408 
+  <devices>
7a3408 
+      <emulator>/usr/bin/qemu</emulator>
7a3408 
+  </devices>
7a3408 
+</domain>
7a3408 
diff --git a/tests/qemuxml2xmloutdata/qemuxml2xmlout-cpu-numa-disordered.xml b/tests/qemuxml2xmloutdata/qemuxml2xmlout-cpu-numa-disordered.xml
7a3408 
new file mode 100644
7a3408 
index 0000000..0a76f12
7a3408 
--- /dev/null
7a3408 
+++ b/tests/qemuxml2xmloutdata/qemuxml2xmlout-cpu-numa-disordered.xml
7a3408 
@@ -0,0 +1,29 @@
7a3408 
+<domain type='qemu'>
7a3408 
+  <name>QEMUGuest1</name>
7a3408 
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
7a3408 
+  <memory unit='KiB'>328650</memory>
7a3408 
+  <currentMemory unit='KiB'>328650</currentMemory>
7a3408 
+  <vcpu placement='static'>16</vcpu>
7a3408 
+  <os>
7a3408 
+    <type arch='x86_64' machine='pc'>hvm</type>
7a3408 
+    <boot dev='network'/>
7a3408 
+  </os>
7a3408 
+  <cpu>
7a3408 
+    <topology sockets='2' cores='4' threads='2'/>
7a3408 
+    <numa>
7a3408 
+      <cell id='0' cpus='0-5' memory='109550' unit='KiB'/>
7a3408 
+      <cell id='1' cpus='11-15' memory='109550' unit='KiB'/>
7a3408 
+      <cell id='2' cpus='6-10' memory='109550' unit='KiB'/>
7a3408 
+    </numa>
7a3408 
+  </cpu>
7a3408 
+  <clock offset='utc'/>
7a3408 
+  <on_poweroff>destroy</on_poweroff>
7a3408 
+  <on_reboot>restart</on_reboot>
7a3408 
+  <on_crash>destroy</on_crash>
7a3408 
+  <devices>
7a3408 
+    <emulator>/usr/bin/qemu</emulator>
7a3408 
+    <controller type='usb' index='0'/>
7a3408 
+    <controller type='pci' index='0' model='pci-root'/>
7a3408 
+    <memballoon model='virtio'/>
7a3408 
+  </devices>
7a3408 
+</domain>
7a3408 
diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c
7a3408 
index 5f88c5d..d498610 100644
7a3408 
--- a/tests/qemuxml2xmltest.c
7a3408 
+++ b/tests/qemuxml2xmltest.c
7a3408 
@@ -604,6 +604,7 @@ mymain(void)
7a3408 
     DO_TEST_DIFFERENT("cpu-numa1");
7a3408 
     DO_TEST_DIFFERENT("cpu-numa2");
7a3408 
     DO_TEST_DIFFERENT("cpu-numa-no-memory-element");
7a3408 
+    DO_TEST_DIFFERENT("cpu-numa-disordered");
7a3408 
     DO_TEST("cpu-numa-disjoint");
7a3408 
     DO_TEST("cpu-numa-memshared");
7a3408
7a3408 
--
7a3408 
2.5.2
7a3408

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation