Bug 1536351

Summary: libvirtd crash on the target host when do migration with --offline and --persistent options
Product: Red Hat Enterprise Linux 7 Reporter: yafu <yafu>
Component: libvirtAssignee: Jiri Denemark <jdenemar>
Status: CLOSED ERRATA QA Contact: yafu <yafu>
Severity: high Docs Contact:
Priority: high    
Version: 7.5CC: chhu, dyuan, dzheng, jdenemar, lmiksik, mtessun, rbalakri, yanqzhan, yisun, zpeng
Target Milestone: betaKeywords: Regression
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: libvirt-3.9.0-9.el7 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-04-10 11:04:21 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description yafu 2018-01-19 08:30:29 UTC 
Description of problem:
libvirtd crash on the target host when do migration with --offline and --persistent options

Version-Release number of selected component (if applicable):
libvirt-3.9.0-8.el7.x86_64


How reproducible:
100%

Steps to Reproduce:
1.Do migration with --offline and --persistent options:
# virsh migrate rhel qemu+ssh://10.66.4.116/system --offline --verbose  --persistent
error: End of file while reading data: Ncat: Broken pipe.: Input/output error

2.
3.

Actual results:
Libvirtd crash on the target host

Expected results:
libvirtd should not crash and do migration successfully.

Additional info:
1.It works well with libvirt-3.9.0-7.el7.x86_64.

2.The issue also can be reproduced with libvirt-3.2.0-14.el7_4.8.x86_64.

3.The backtrace of the crashed libvirtd is:
(gdb) t a a bt

Thread 10 (Thread 0x7f8703c268c0 (LWP 12835)):
#0  0x00007f86ffd8fced in poll () at ../sysdeps/unix/syscall-template.S:81
#1  0x00007f8702cb7cfe in poll (__timeout=4998, __nfds=12, __fds=<optimized out>) at /usr/include/bits/poll2.h:46
#2  virEventPollRunOnce () at util/vireventpoll.c:641
#3  0x00007f8702cb5f3a in virEventRunDefaultImpl () at util/virevent.c:327
#4  0x00007f8702ec3235 in virNetDaemonRun (dmn=dmn@entry=0x556c7e5f6320) at rpc/virnetdaemon.c:837
#5  0x0000556c7dcc957c in main (argc=<optimized out>, argv=<optimized out>) at libvirtd.c:1494

Thread 9 (Thread 0x7f86e1b53700 (LWP 12843)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00007f8702d33c5e in virCondWait (c=c@entry=0x556c7e640b78, m=m@entry=0x556c7e640b50) at util/virthread.c:154
#2  0x00007f8702d34c03 in virThreadPoolWorker (opaque=opaque@entry=0x556c7e63f700) at util/virthreadpool.c:124
#3  0x00007f8702d33870 in virThreadHelper (data=<optimized out>) at util/virthread.c:206
#4  0x00007f8700070dd5 in start_thread (arg=0x7f86e1b53700) at pthread_create.c:308
#5  0x00007f86ffd9a94d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 8 (Thread 0x7f86f2613700 (LWP 12837)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00007f8702d33c5e in virCondWait (c=c@entry=0x556c7e5f5a08, m=m@entry=0x556c7e5f59e0) at util/virthread.c:154
#2  0x00007f8702d34c03 in virThreadPoolWorker (opaque=opaque@entry=0x556c7e5f52a0) at util/virthreadpool.c:124
#3  0x00007f8702d33870 in virThreadHelper (data=<optimized out>) at util/virthread.c:206
#4  0x00007f8700070dd5 in start_thread (arg=0x7f86f2613700) at pthread_create.c:308
#5  0x00007f86ffd9a94d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 7 (Thread 0x7f86f2e14700 (LWP 12836)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00007f8702d33c5e in virCondWait (c=c@entry=0x556c7e5f5a08, m=m@entry=0x556c7e5f59e0) at util/virthread.c:154
#2  0x00007f8702d34c03 in virThreadPoolWorker (opaque=opaque@entry=0x556c7e5f51d0) at util/virthreadpool.c:124
#3  0x00007f8702d33870 in virThreadHelper (data=<optimized out>) at util/virthread.c:206
#4  0x00007f8700070dd5 in start_thread (arg=0x7f86f2e14700) at pthread_create.c:308
#5  0x00007f86ffd9a94d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 6 (Thread 0x7f86e2354700 (LWP 12842)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00007f8702d33c5e in virCondWait (c=c@entry=0x556c7e640b78, m=m@entry=0x556c7e640b50) at util/virthread.c:154
#2  0x00007f8702d34c03 in virThreadPoolWorker (opaque=opaque@entry=0x556c7e640710) at util/virthreadpool.c:124
#3  0x00007f8702d33870 in virThreadHelper (data=<optimized out>) at util/virthread.c:206
#4  0x00007f8700070dd5 in start_thread (arg=0x7f86e2354700) at pthread_create.c:308
#5  0x00007f86ffd9a94d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 5 (Thread 0x7f86e2b55700 (LWP 12841)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00007f8702d33c5e in virCondWait (c=c@entry=0x556c7e640b78, m=m@entry=0x556c7e640b50) at util/virthread.c:154
#2  0x00007f8702d34c03 in virThreadPoolWorker (opaque=opaque@entry=0x556c7e640920) at util/virthreadpool.c:124
#3  0x00007f8702d33870 in virThreadHelper (data=<optimized out>) at util/virthread.c:206
#4  0x00007f8700070dd5 in start_thread (arg=0x7f86e2b55700) at pthread_create.c:308
#5  0x00007f86ffd9a94d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

---Type <return> to continue, or q <return> to quit---
Thread 4 (Thread 0x7f86e3356700 (LWP 12840)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00007f8702d33c5e in virCondWait (c=c@entry=0x556c7e640b78, m=m@entry=0x556c7e640b50) at util/virthread.c:154
#2  0x00007f8702d34c03 in virThreadPoolWorker (opaque=opaque@entry=0x556c7e640650) at util/virthreadpool.c:124
#3  0x00007f8702d33870 in virThreadHelper (data=<optimized out>) at util/virthread.c:206
#4  0x00007f8700070dd5 in start_thread (arg=0x7f86e3356700) at pthread_create.c:308
#5  0x00007f86ffd9a94d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 3 (Thread 0x7f86e3b57700 (LWP 12839)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00007f8702d33c5e in virCondWait (c=c@entry=0x556c7e640b78, m=m@entry=0x556c7e640b50) at util/virthread.c:154
#2  0x00007f8702d34c03 in virThreadPoolWorker (opaque=opaque@entry=0x556c7e6407d0) at util/virthreadpool.c:124
#3  0x00007f8702d33870 in virThreadHelper (data=<optimized out>) at util/virthread.c:206
#4  0x00007f8700070dd5 in start_thread (arg=0x7f86e3b57700) at pthread_create.c:308
#5  0x00007f86ffd9a94d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 2 (Thread 0x7f86e0b51700 (LWP 12889)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00007f8702d33c5e in virCondWait (c=c@entry=0x7f86b80ff550, m=m@entry=0x7f86b80ff510) at util/virthread.c:154
#2  0x00007f86e8e6a388 in udevEventHandleThread (opaque=<optimized out>) at node_device/node_device_udev.c:1729
#3  0x00007f8702d338b5 in virThreadHelper (data=<optimized out>) at util/virthread.c:206
#4  0x00007f8700070dd5 in start_thread (arg=0x7f86e0b51700) at pthread_create.c:308
#5  0x00007f86ffd9a94d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Thread 1 (Thread 0x7f86f1e12700 (LWP 12838)):
#0  qemuMigrationFinish (driver=driver@entry=0x7f86b80ff230, dconn=dconn@entry=0x7f86dc000c50, vm=0x7f86b826dc30, cookiein=cookiein@entry=0x0, cookieinlen=cookieinlen@entry=0, 
    cookieout=cookieout@entry=0x7f86f1e11ab0, cookieoutlen=cookieoutlen@entry=0x7f86f1e11aa4, flags=flags@entry=1032, retcode=retcode@entry=0, v3proto=v3proto@entry=true) at qemu/qemu_migration.c:5463
#1  0x00007f86e82a1a8f in qemuDomainMigrateFinish3Params (dconn=0x7f86dc000c50, params=0x7f86dc001080, nparams=3, cookiein=0x0, cookieinlen=0, cookieout=0x7f86f1e11ab0, cookieoutlen=0x7f86f1e11aa4, flags=1032, 
    cancelled=0) at qemu/qemu_driver.c:12828

#2  0x00007f8702e2f2b7 in virDomainMigrateFinish3Params (dconn=0x7f86dc000c50, params=0x7f86dc001080, nparams=3, cookiein=0x0, cookieinlen=0, cookieout=cookieout@entry=0x7f86f1e11ab0, 
    cookieoutlen=cookieoutlen@entry=0x7f86f1e11aa4, flags=1032, cancelled=0) at libvirt-domain.c:5020
#3  0x0000556c7dcd9d7f in remoteDispatchDomainMigrateFinish3Params (server=<optimized out>, msg=0x556c7e643dd0, ret=0x7f86dc001f70, args=0x7f86dc001fb0, rerr=0x7f86f1e11bc0, client=<optimized out>)
    at remote.c:5447
#4  remoteDispatchDomainMigrateFinish3ParamsHelper (server=<optimized out>, client=<optimized out>, msg=0x556c7e643dd0, rerr=0x7f86f1e11bc0, args=0x7f86dc001fb0, ret=0x7f86dc001f70) at remote_dispatch.h:7645

#5  0x00007f8702ecbd5c in virNetServerProgramDispatchCall (msg=0x556c7e643dd0, client=0x556c7e5f6420, server=0x556c7e5f5780, prog=0x556c7e640750) at rpc/virnetserverprogram.c:437
#6  virNetServerProgramDispatch (prog=0x556c7e640750, server=server@entry=0x556c7e5f5780, client=client@entry=0x556c7e5f6420, msg=msg@entry=0x556c7e643dd0) at rpc/virnetserverprogram.c:307
#7  0x0000556c7dd1d0da in virNetServerProcessMsg (srv=srv@entry=0x556c7e5f5780, client=0x556c7e5f6420, prog=<optimized out>, msg=0x556c7e643dd0) at rpc/virnetserver.c:148
#8  0x0000556c7dd1d4e8 in virNetServerHandleJob (jobOpaque=<optimized out>, opaque=0x556c7e5f5780) at rpc/virnetserver.c:169
#9  0x00007f8702d34aa1 in virThreadPoolWorker (opaque=opaque@entry=0x556c7e5ea5e0) at util/virthreadpool.c:167
#10 0x00007f8702d33870 in virThreadHelper (data=<optimized out>) at util/virthread.c:206
#11 0x00007f8700070dd5 in start_thread (arg=0x7f86f1e12700) at pthread_create.c:308
#12 0x00007f86ffd9a94d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113
Comment 3 Jiri Denemark 2018-01-19 09:48:53 UTC 
Sent upstream for review: https://www.redhat.com/archives/libvir-list/2018-January/msg00604.html
Comment 4 Jiri Denemark 2018-01-19 09:53:49 UTC 
Fixed upstream now:

commit bcc5710708ec90146b71bdb00d8705cb4a9e0088
Refs: v4.0.0-rc2-26-gbcc5710708
Author:     Jiri Denemark <jdenemar>
AuthorDate: Fri Jan 19 10:32:44 2018 +0100
Commit:     Jiri Denemark <jdenemar>
CommitDate: Fri Jan 19 10:51:19 2018 +0100

    qemu: Fix crash in offline migration

    When migrating a shutoff domain (i.e., offline migration), we have no
    statistics to report and thus jobInfo will be NULL in
    qemuMigrationFinish.

    Broken by me in v3.10.0-183-ge8784e7868.

    https://bugzilla.redhat.com/show_bug.cgi?id=1536351

    Signed-off-by: Jiri Denemark <jdenemar>
    Reviewed-by: Pavel Hrdina <phrdina>
Comment 9 yafu 2018-01-26 07:37:39 UTC 
Verified with libvirt-3.9.0-9.el7.x86_64.
Comment 13 errata-xmlrpc 2018-04-10 11:04:21 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:0704