Bug 1215569 - libvirtd crash when do blockcopy with "--shallow" option while guest source disk has no backing file
Summary: libvirtd crash when do blockcopy with "--shallow" option while guest source d...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: libvirt
Version: 7.2
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: rc
: ---
Assignee: Peter Krempa
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-04-27 07:21 UTC by Shanzhi Yu
Modified: 2015-11-19 06:29 UTC (History)
7 users (show)

Fixed In Version: libvirt-1.2.15-1.el7
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-11-19 06:29:49 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2015:2202 normal SHIPPED_LIVE libvirt bug fix and enhancement update 2015-11-19 08:17:58 UTC

Description Shanzhi Yu 2015-04-27 07:21:57 UTC
Description of problem:

libvirtd crash when do blockcopy with "--shallow" option while guest source disk has no backing file

Version-Release number of selected component (if applicable):

libvirt-1.2.14-1.el7.x86_64

How reproducible:

100%

Steps to Reproduce:

1. Prepare a transient guest, guest source disk has no backing file

# virsh list --transient
Id Name State
----------------------------------------------------
10 test running

# virsh dumpxml test |grep disk -A 4
<disk type='file' device='disk'>
<driver name='qemu' type='raw'/>
<source file='/var/lib/libvirt/images/test.img'/>
<backingStore/>
<target dev='vda' bus='virtio'/>
<alias name='virtio-disk0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/>
</disk>


2. Do blockcopy with --shallow option
# virsh blockcopy test vda /var/lib/libvirt/images/test.cp --reuse-external --shallow --raw
2015-04-27 05:23:55.928+0000: 8844: info : libvirt version: 1.2.14, package: 1.el7 (Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>, 2015-04-02-04:50:15, x86-035.build.eng.bos.redhat.com)
2015-04-27 05:23:55.928+0000: 8844: warning : virKeepAliveTimerInternal:143 : No response from client 0x7faf9e493470 after 6 keepalive messages in 35 seconds
2015-04-27 05:23:55.928+0000: 8845: warning : virKeepAliveTimerInternal:143 : No response from client 0x7faf9e493470 after 6 keepalive messages in 35 seconds
error: internal error: client socket is closed


3. backtrace info

(gdb) c
Continuing.
Detaching after fork from child process 9367.

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f48ea655700 (LWP 9206)]
qemuDomainBlockCopyCommon (vm=0x7f48d81e7910, path=path@entry=0x7f48c8005ca0 "vda", mirror=0x7f48c8005ce0, bandwidth=bandwidth@entry=0, granularity=granularity@entry=0,
buf_size=buf_size@entry=0, flags=flags@entry=3, keepParentLabel=keepParentLabel@entry=true, conn=<optimized out>) at qemu/qemu_driver.c:16644
16644 mirror->format == VIR_STORAGE_FILE_RAW &&
(gdb) t a a bt

Thread 9 (Thread 0x7f48ea655700 (LWP 9206)):
#0 qemuDomainBlockCopyCommon (vm=0x7f48d81e7910, path=path@entry=0x7f48c8005ca0 "vda", mirror=0x7f48c8005ce0, bandwidth=bandwidth@entry=0, granularity=granularity@entry=0,
buf_size=buf_size@entry=0, flags=flags@entry=3, keepParentLabel=keepParentLabel@entry=true, conn=<optimized out>) at qemu/qemu_driver.c:16644
#1 0x00007f48de438ce7 in qemuDomainBlockRebase (dom=0x7f48c8005c60, path=0x7f48c8005ca0 "vda", base=<optimized out>, bandwidth=<optimized out>, flags=3)
at qemu/qemu_driver.c:16826
#2 0x00007f48fa207cf1 in virDomainBlockRebase (dom=dom@entry=0x7f48c8005c60, disk=0x7f48c8005ca0 "vda", base=0x7f48c8005c30 "/var/lib/libvirt/images/test.cp", bandwidth=0,
flags=15) at libvirt-domain.c:9966
#3 0x00007f48fac8a683 in remoteDispatchDomainBlockRebase (server=0x7f48fb9dea80, msg=0x7f48fb9f6100, args=0x7f48c80017c0, rerr=0x7f48ea654c70, client=<optimized out>)
at remote_dispatch.h:3172
#4 remoteDispatchDomainBlockRebaseHelper (server=0x7f48fb9dea80, client=<optimized out>, msg=0x7f48fb9f6100, rerr=0x7f48ea654c70, args=0x7f48c80017c0, ret=0x7f48c80018e0)
at remote_dispatch.h:3142
#5 0x00007f48fa265152 in virNetServerProgramDispatchCall (msg=0x7f48fb9f6100, client=0x7f48fb9f5a00, server=0x7f48fb9dea80, prog=0x7f48fb9f2bd0)
at rpc/virnetserverprogram.c:437
#6 virNetServerProgramDispatch (prog=0x7f48fb9f2bd0, server=server@entry=0x7f48fb9dea80, client=0x7f48fb9f5a00, msg=0x7f48fb9f6100) at rpc/virnetserverprogram.c:307
#7 0x00007f48facb1efd in virNetServerProcessMsg (msg=<optimized out>, prog=<optimized out>, client=<optimized out>, srv=0x7f48fb9dea80) at rpc/virnetserver.c:172
#8 virNetServerHandleJob (jobOpaque=<optimized out>, opaque=0x7f48fb9dea80) at rpc/virnetserver.c:193
#9 0x00007f48fa161615 in virThreadPoolWorker (opaque=opaque@entry=0x7f48fb9d30a0) at util/virthreadpool.c:145
#10 0x00007f48fa160b38 in virThreadHelper (data=<optimized out>) at util/virthread.c:206
#11 0x00007f48f75e2df5 in start_thread () from /lib64/libpthread.so.0
#12 0x00007f48f73101ad in clone () from /lib64/libc.so.6


Actual results:


Expected results:


Additional info:

Comment 1 Peter Krempa 2015-04-29 07:40:24 UTC
Fixed upstream by:

commit ebe0bd5590415981f5b01a5cf4aa702b269566f9
Author: Peter Krempa <pkrempa@redhat.com>
Date:   Mon Apr 27 13:57:20 2015 +0200

    qemu: blockCopy: Allow reuse of raw image for shallow block copy
    
    The documentation states that for shallow block copy the image has to
    have the same guest visible content as backing file of the current
    image if the file is being reused. This condition can be achieved also
    with a raw file (or a qcow without a backing file) so remove the
    condition that would disallow it.
    
    (This patch additionally fixes crash described in
     https://bugzilla.redhat.com/show_bug.cgi?id=1215569 )

v1.2.15-rc1-19-gebe0bd5

Comment 3 Shanzhi Yu 2015-06-16 08:35:36 UTC
The crash problem was fixed in libvirt-1.2.16-1.el7.x86_64, I can verify this.

Comment 5 errata-xmlrpc 2015-11-19 06:29:49 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2202.html


Note You need to log in before you can comment on or make changes to this bug.