Bug 1215569

Summary: libvirtd crash when do blockcopy with "--shallow" option while guest source disk has no backing file
Product: Red Hat Enterprise Linux 7 Reporter: Shanzhi Yu <shyu>
Component: libvirtAssignee: Peter Krempa <pkrempa>
Status: CLOSED ERRATA QA Contact: Virtualization Bugs <virt-bugs>
Severity: high Docs Contact:
Priority: high    
Version: 7.2CC: dyuan, eblake, mzhan, pkrempa, rbalakri, xuzhang, yanyang
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: libvirt-1.2.15-1.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-11-19 06:29:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Shanzhi Yu 2015-04-27 07:21:57 UTC
Description of problem:

libvirtd crash when do blockcopy with "--shallow" option while guest source disk has no backing file

Version-Release number of selected component (if applicable):

libvirt-1.2.14-1.el7.x86_64

How reproducible:

100%

Steps to Reproduce:

1. Prepare a transient guest, guest source disk has no backing file

# virsh list --transient
Id Name State
----------------------------------------------------
10 test running

# virsh dumpxml test |grep disk -A 4
<disk type='file' device='disk'>
<driver name='qemu' type='raw'/>
<source file='/var/lib/libvirt/images/test.img'/>
<backingStore/>
<target dev='vda' bus='virtio'/>
<alias name='virtio-disk0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/>
</disk>


2. Do blockcopy with --shallow option
# virsh blockcopy test vda /var/lib/libvirt/images/test.cp --reuse-external --shallow --raw
2015-04-27 05:23:55.928+0000: 8844: info : libvirt version: 1.2.14, package: 1.el7 (Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>, 2015-04-02-04:50:15, x86-035.build.eng.bos.redhat.com)
2015-04-27 05:23:55.928+0000: 8844: warning : virKeepAliveTimerInternal:143 : No response from client 0x7faf9e493470 after 6 keepalive messages in 35 seconds
2015-04-27 05:23:55.928+0000: 8845: warning : virKeepAliveTimerInternal:143 : No response from client 0x7faf9e493470 after 6 keepalive messages in 35 seconds
error: internal error: client socket is closed


3. backtrace info

(gdb) c
Continuing.
Detaching after fork from child process 9367.

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f48ea655700 (LWP 9206)]
qemuDomainBlockCopyCommon (vm=0x7f48d81e7910, path=path@entry=0x7f48c8005ca0 "vda", mirror=0x7f48c8005ce0, bandwidth=bandwidth@entry=0, granularity=granularity@entry=0,
buf_size=buf_size@entry=0, flags=flags@entry=3, keepParentLabel=keepParentLabel@entry=true, conn=<optimized out>) at qemu/qemu_driver.c:16644
16644 mirror->format == VIR_STORAGE_FILE_RAW &&
(gdb) t a a bt

Thread 9 (Thread 0x7f48ea655700 (LWP 9206)):
#0 qemuDomainBlockCopyCommon (vm=0x7f48d81e7910, path=path@entry=0x7f48c8005ca0 "vda", mirror=0x7f48c8005ce0, bandwidth=bandwidth@entry=0, granularity=granularity@entry=0,
buf_size=buf_size@entry=0, flags=flags@entry=3, keepParentLabel=keepParentLabel@entry=true, conn=<optimized out>) at qemu/qemu_driver.c:16644
#1 0x00007f48de438ce7 in qemuDomainBlockRebase (dom=0x7f48c8005c60, path=0x7f48c8005ca0 "vda", base=<optimized out>, bandwidth=<optimized out>, flags=3)
at qemu/qemu_driver.c:16826
#2 0x00007f48fa207cf1 in virDomainBlockRebase (dom=dom@entry=0x7f48c8005c60, disk=0x7f48c8005ca0 "vda", base=0x7f48c8005c30 "/var/lib/libvirt/images/test.cp", bandwidth=0,
flags=15) at libvirt-domain.c:9966
#3 0x00007f48fac8a683 in remoteDispatchDomainBlockRebase (server=0x7f48fb9dea80, msg=0x7f48fb9f6100, args=0x7f48c80017c0, rerr=0x7f48ea654c70, client=<optimized out>)
at remote_dispatch.h:3172
#4 remoteDispatchDomainBlockRebaseHelper (server=0x7f48fb9dea80, client=<optimized out>, msg=0x7f48fb9f6100, rerr=0x7f48ea654c70, args=0x7f48c80017c0, ret=0x7f48c80018e0)
at remote_dispatch.h:3142
#5 0x00007f48fa265152 in virNetServerProgramDispatchCall (msg=0x7f48fb9f6100, client=0x7f48fb9f5a00, server=0x7f48fb9dea80, prog=0x7f48fb9f2bd0)
at rpc/virnetserverprogram.c:437
#6 virNetServerProgramDispatch (prog=0x7f48fb9f2bd0, server=server@entry=0x7f48fb9dea80, client=0x7f48fb9f5a00, msg=0x7f48fb9f6100) at rpc/virnetserverprogram.c:307
#7 0x00007f48facb1efd in virNetServerProcessMsg (msg=<optimized out>, prog=<optimized out>, client=<optimized out>, srv=0x7f48fb9dea80) at rpc/virnetserver.c:172
#8 virNetServerHandleJob (jobOpaque=<optimized out>, opaque=0x7f48fb9dea80) at rpc/virnetserver.c:193
#9 0x00007f48fa161615 in virThreadPoolWorker (opaque=opaque@entry=0x7f48fb9d30a0) at util/virthreadpool.c:145
#10 0x00007f48fa160b38 in virThreadHelper (data=<optimized out>) at util/virthread.c:206
#11 0x00007f48f75e2df5 in start_thread () from /lib64/libpthread.so.0
#12 0x00007f48f73101ad in clone () from /lib64/libc.so.6


Actual results:


Expected results:


Additional info:

Comment 1 Peter Krempa 2015-04-29 07:40:24 UTC
Fixed upstream by:

commit ebe0bd5590415981f5b01a5cf4aa702b269566f9
Author: Peter Krempa <pkrempa>
Date:   Mon Apr 27 13:57:20 2015 +0200

    qemu: blockCopy: Allow reuse of raw image for shallow block copy
    
    The documentation states that for shallow block copy the image has to
    have the same guest visible content as backing file of the current
    image if the file is being reused. This condition can be achieved also
    with a raw file (or a qcow without a backing file) so remove the
    condition that would disallow it.
    
    (This patch additionally fixes crash described in
     https://bugzilla.redhat.com/show_bug.cgi?id=1215569 )

v1.2.15-rc1-19-gebe0bd5

Comment 3 Shanzhi Yu 2015-06-16 08:35:36 UTC
The crash problem was fixed in libvirt-1.2.16-1.el7.x86_64, I can verify this.

Comment 5 errata-xmlrpc 2015-11-19 06:29:49 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2202.html