libvirt-daemon error "virHashSearch:727 : Hash operation not allowed during iteration"
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu Cloud Archive |
Fix Released
|
Undecided
|
Unassigned | ||
Pike |
Won't Fix
|
Undecided
|
Unassigned | ||
libvirt (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
High
|
Christian Ehrhardt |
Bug Description
[Impact]
* Libvirt does an overzealous check on concurrent hash usage which breaks
some automation like for example Terraform. Upstream moved the need to
lock up the stack where applicable and dropped the checks as they were
superfluous.
* Backport the upstream change dropping the extra checks on hash usage
[Test Case]
* Run the attached script test-lp1789659.sh
(based on ideas of https:/
With the aforementioned patch, this error is not produced any more.
[Regression Potential]
* If the assumption that all remaining callers are safe isn't correct
there could be code using invalid hashes accessing guest information.
This needs thorough tests and regression checks as well as an extra
review if it can be applied to the libvirt 4.0 we have in Bionic.
This was done by me and also upstream did the same.
Quote from the patch: "Most important uses seem to be covered. Callers
have now a greater responsability, notably the ability to execute some
operations while iterating were reliably forbidden before are now
accepted."
It is important to see that the internal locking was inherently racy
(boolean) so we are replaceing a broken lock-ckeck with no check as
upper layers were supposed to do it correctly. That is true for what is
in the archive but there could be out-of archive things not doing so
calling directly into the python api bindings for example.
Never the less those are today just as affected by the locking being
broken, so those do not "loose" a lot.
All major exploiters we know of are good - the rest is a regression
risk we are willing to take in favor of fixing all the valid use cases
being affected by the broken lock handling.
[Other Info]
* n/a
----
In the SUSE Manager/Uyuni[1] project CIs we make use of Terraform[2], a tool to automate infrastructure deployments, together with terraform-
By default, this setup will issue several libvirt API calls concurrently in an hard-to-predict order, as demonstrated by logs that I am attaching.
In the "bad log" example, the following line appears:
error : virHashSearch:727 : Hash operation not allowed during iteration
According to analysis of a similar problem by Red Hat in an OpenStack scenario[4], this is has been fixed in upstream libvirt via commit 4d7384eb9ddef20
I tested the patch and it applies cleanly to the 4.0.0 package shipping with Bionic and that successfully resolves this issue.
Please evaluate including this patch.
Thanks in advance
[1] http://
[2] https:/
[3] https:/
[4] https:/
[5] https:/
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: libvirt-daemon 4.0.0-1ubuntu8.3
ProcVersionSign
Uname: Linux 4.15.0-33-generic x86_64
NonfreeKernelMo
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Wed Aug 29 16:05:10 2018
InstallationDate: Installed on 2014-06-12 (1539 days ago)
InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140417)
SourcePackage: libvirt
UpgradeStatus: Upgraded to bionic on 2018-05-02 (119 days ago)
description: | updated |
Changed in libvirt (Ubuntu Bionic): | |
importance: | Undecided → High |
description: | updated |
description: | updated |
This is upstram since 4.3 and thereby fixed in Cosmic.
Haven't had the time to look in depth and consider an SRU for Bionic ...