virsh domblkerror gets SIGSEGV when migrating with --live --copy-storage-all
Software environment
- Operating system: Fedora 33
- Architecture: x86_64
- kernel version: 5.11.13-200.fc33.x86_64
- libvirt version: v7.2.0-224-gac87f612
- Hypervisor and version: qemu-6.0.0-0.1.rc2.fc35.x86_64
Description of problem
As subject
Steps to reproduce
- Start an VM
- Get domblkerror in a infinite loop
while true; do virsh domblkerror hhan;done
- Migrate the VM to another host
virsh migrate hhan qemu+ssh://root@XXXX/system --live --copy-storage-all
Then get the coredump by `coredumpctl -1`:
TIME PID UID GID SIG COREFILE EXE
Mon 2021-04-19 03:43:38 UTC 262078 0 0 11 present /usr/bin/virsh
Backtrace:
Core was generated by `virsh domblkerror hhan'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 cmdDomBlkError (ctl=<optimized out>, cmd=<optimized out>) at ../tools/virsh-domain-monitor.c:1256
1256 VIR_FREE(disks[i].disk);
[Current thread is 1 (Thread 0x7f5ecf1f8ac0 (LWP 262078))]
Missing separate debuginfos, use: dnf debuginfo-install glibc-2.33-5.fc34.x86_64 ncurses-libs-6.2-3.20200222.fc33.x86_64 readline-8.0-5.fc33.x86_64
(gdb) bt fu
#0 cmdDomBlkError (ctl=<optimized out>, cmd=<optimized out>) at ../tools/virsh-domain-monitor.c:1256
_pp = {in = 0x0, out = 0x0}
_p = <optimized out>
dom = 0x55c6ad568500
disks = <optimized out>
ndisks = <optimized out>
i = 0
count = <optimized out>
ret = <optimized out>
#1 0x000055c6ac77b416 in vshCommandRun (ctl=0x7ffebef76f10, cmd=0x55c6ad55ed10) at ../tools/vsh.c:1266
before = 1618803818722702
after = <optimized out>
enable_timing = false
hooks = 0x55c6ac7c5d08 <hooks>
ret = true
#2 0x000055c6ac73ab21 in main (argc=<optimized out>, argv=<optimized out>) at ../tools/virsh.c:896
_ctl =
{name = 0x55c6ac791f91 "virsh", env_prefix = 0x55c6ac791f97 "VIRSH", connname = 0x0, progname = 0x7ffebef7779d "virsh", cmd = 0x55c6ad55ed10, cmdstr = 0x0, imode = false, quiet = false, timing = false, debug = 4, logfile = 0x0, log_fd = -1, historydir = 0x0, historyfile = 0x0, eventLoop = {thread = 140045175637568}, lock = {lock = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 512, __spins = 0, __elision = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 17 times>, "\002", '\000' <repeats 21 times>, __align = 0}}, eventLoopStarted = true, quit = false, eventPipe = {-1, -1}, eventTimerId = 1, keepalive_interval = -1, keepalive_count = -1, termattr = {c_iflag = 1280, c_oflag = 5, c_cflag = 191, c_lflag = 35387, c_line = 0 '\000', c_cc = "\003\034\177\025\004\000\001\000\021\023\032\000\022\017\027\026", '\000' <repeats 15 times>, c_ispeed = 15, c_ospeed = 15}, istty = true, hooks = 0x55c6ac7c5d08 <hooks>, privData = 0x7ffebef76ec0}
ctl = 0x7ffebef76f10
virshCtl = {conn = 0x55c6ad561040, readonly = false, useGetInfo = false, useSnapshotOld = false, blockJobNoBytes = false, escapeChar = 0x55c6ac791f9d "^]"}
ret = true
Additional information
See the VM xml and full backtrace in blkerror.tgz
Edited by Peter Krempa