Bug 889407
| Summary: | snapshot --redefine disk snapshot may cause libvirtd crash | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | weizhang <weizhan> | ||||
| Component: | libvirt | Assignee: | Peter Krempa <pkrempa> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | 6.4 | CC: | acathrow, dyasny, dyuan, mzhan, pkrempa, rwu, tlavigne, whuang, zpeng | ||||
| Target Milestone: | rc | ||||||
| Target Release: | --- | ||||||
| Hardware: | x86_64 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | libvirt-0.10.2-15.el6 | Doc Type: | Bug Fix | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2013-02-21 07:29:27 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 895654 | ||||||
| Attachments: |
|
||||||
Fixed upstream:
commit 709b0f37c5cb22b8846e59c2259ea30e73d72d92
Author: Peter Krempa <pkrempa>
Date: Thu Jan 3 14:20:09 2013 +0100
snapshot: qemu: Fix segfault and vanishing snapshots when redefining
When the disk alignment check done while redefining an existing snapshot
failed, the qemu driver attempted to free the existing snapshot. As in
the cleanup path the definition of the snapshot wasn't assigned, the
cleanup code dereferenced a NULL pointer.
This patch changes the behavior on error paths while redefining snapshot
in two ways:
1) On failure, modifications done on the snapshot definition object are
rolled back.
2) The previous definition of the data isn't freed until it's certain it
won't be needed any more.
This change avoids the segfault and additionally the snapshot doesn't
vanish if redefinition fails for some reason.
I can reproduce this with build : libvirt-0.10.2-14.el6.x86_64
verify on libvirt-0.10.2-15.el6.x86_64
step:
1:prepare a shutdown guest
2:create snapshot with:
# virsh snapshot-create rhel6.3 rhel-sn.xml --reuse-external --quiesce --disk-only
# cat rhel-sn.xml
<domainsnapshot>
<name>snapshot-rhel6.3</name>
<state>shutoff</state>
<creationTime>1356059598</creationTime>
<memory snapshot='no'/>
<disks>
<disk name='hda' snapshot='external'>
<driver type='qcow2'/>
<source file='/var/lib/libvirt/images/rhel6.3.img'/>
</disk>
</disks>
</domainsnapshot>
3. redefine snapshot
# virsh snapshot-create rhel6.3 rhel-sn.xml --redefine
Domain snapshot snapshot-rhel6.3 created from 'rhel-sn.xml'
libvirtd not crash, verification passed.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-0276.html |
Created attachment 667100 [details] libvirtd crash log Description of problem: after create disk snapshot for shutdown guest and redefine it, It may cause libvirtd crash Version-Release number of selected component (if applicable): libvirt-0.10.2-13.el6.x86_64 qemu-kvm-0.12.1.2-2.346.el6.x86_64 kernel-2.6.32-348.el6.x86_64 How reproducible: 100% Steps to Reproduce: 1. prepare a shutdown guest 2. create snapshot with # virsh snapshot-create tt sn-tck1.xml --reuse-external --quiesce --disk-only # cat sn-tck1.xml <domainsnapshot> <name>snapshot-tck1</name> <state>shutoff</state> <creationTime>1356059598</creationTime> <memory snapshot='no'/> <disks> <disk name='vda' snapshot='external'> <driver type='qcow2'/> <source file='/var/lib/libvirt/images/images/tt.snapshot-tck1'/> </disk> </disks> </domainsnapshot> 3. redefine snapshot # virsh snapshot-create tt snapshot-tt.xml --redefine Actual results: libvirtd crash error: End of file while reading data: Input/output error error: Failed to reconnect to the hypervisor Expected results: libvirtd works well Additional info: