qemu migration's source side will exit unexpectedly when we hotplug a device while a migration is in progress. We can reproduce it easily with the following steps:
1. do something that dirties memory frequently (like memtester) in the guest
2. start a background migration with the '-d' option
3. hotplug a device (device_add e1000,id=mye1000)
4. stop step 1 and let the guest idle so that the migration can complete quickly
Something unexpected occurs, like below:

*** Error in `/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64': free(): invalid pointer: 0x00007fff5c010b20 ***
======= Backtrace: =========
/lib64/libc.so.6(+0x7d1fd)[0x7ffff5ad41fd]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0x1e29c2)[0x5555557369c2]
/lib64/libglib-2.0.so.0(g_free+0xf)[0x7ffff6aaa5af]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0x139454)[0x55555568d454]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0x13a232)[0x55555568e232]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0x13a2f1)[0x55555568e2f1]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0xec914)[0x555555640914]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0xc7e7e)[0x55555561be7e]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0xc7f0f)[0x55555561bf0f]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0xf01c9)[0x5555556441c9]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0x3541d4)[0x5555558a81d4]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0x3a5cf6)[0x5555558f9cf6]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0x3b5809)[0x555555909809]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0x3a6067)[0x5555558fa067]
/lib64/libglib-2.0.so.0(g_main_context_dispatch+0x15a)[0x7ffff6aa49ba]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0x3b3c6f)[0x555555907c6f]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0x3b3d4c)[0x555555907d4c]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0x3b3e0b)[0x555555907e0b]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0x1df701)[0x555555733701]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0x1e6fed)[0x55555573afed]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x7ffff5a78af5]
/home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64(+0x93729)[0x5555555e7729]
======= Memory map: ========
555555554000-555555b04000 r-xp 00000000 08:04 14111744 /home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64
555555d03000-555555dcc000 r--p 005af000 08:04 14111744 /home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64
555555dcc000-555555e42000 rw-p 00678000 08:04 14111744 /home/lizj/workspace/qemu/x86_64-softmmu/qemu-system-x86_64
555555e42000-55555affc000 rw-p 00000000 00:00 0 [heap]
snip...

Changelog
v3
- migration_bitmap_mutex is to prevent bitmap set and bitmap copy at the same time, rather than the migration_bitmap pointer.
v2
- do bitmap_set after bitmap_copy

Li Zhijian (2):
  migration: protect migration_bitmap
  migration: extend migration_bitmap

 exec.c                  |  5 +++++
 include/exec/exec-all.h |  3 +++
 migration/ram.c         | 51 +++++++++++++++++++++++++++++++++++++++++++------
 3 files changed, 53 insertions(+), 6 deletions(-)

-- 
2.1.4
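A minimal model of the lock discipline the changelog describes, as an added example that is not part of this series or of QEMU: a per-page dirty bitmap that a hotplug path grows (copy the old bits into a larger buffer, then set the new range dirty) while a second thread keeps marking pages dirty, with one mutex serialising the copy against the sets so the setter can never write through a buffer that the extend is about to free. All names here (dirty_bitmap, dirty_bitmap_extend, dirty_bitmap_set, hotplug_race_demo) are hypothetical and the page sizes are constructed inputs.

```c
/* Added example, not QEMU code. Build with: cc -pthread bitmap_race.c */
#include <pthread.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BPL (8 * sizeof(unsigned long))

struct dirty_bitmap {
    unsigned long *bits;   /* one bit per guest page, 1 = dirty */
    size_t nbits;          /* pages currently covered */
    pthread_mutex_t lock;  /* serialises extend (copy) against set */
};

static size_t longs_for(size_t nbits) { return (nbits + BPL - 1) / BPL; }

bool dirty_bitmap_init(struct dirty_bitmap *b, size_t nbits)
{
    b->bits = calloc(longs_for(nbits), sizeof *b->bits);
    b->nbits = nbits;
    pthread_mutex_init(&b->lock, NULL);
    return b->bits != NULL;
}

void dirty_bitmap_destroy(struct dirty_bitmap *b)
{
    free(b->bits);
    b->bits = NULL;
    b->nbits = 0;
    pthread_mutex_destroy(&b->lock);
}

/* Hotplug path: copy old bits into a larger buffer, then mark the new pages
 * dirty (set after copy, so the new range is sent). The old buffer is freed
 * only after the pointer swap, while no setter can be in the critical section. */
bool dirty_bitmap_extend(struct dirty_bitmap *b, size_t new_nbits)
{
    unsigned long *nb = calloc(longs_for(new_nbits), sizeof *nb);
    if (!nb) {
        return false;
    }
    pthread_mutex_lock(&b->lock);
    if (new_nbits <= b->nbits) {          /* only growth is supported */
        pthread_mutex_unlock(&b->lock);
        free(nb);
        return false;
    }
    memcpy(nb, b->bits, longs_for(b->nbits) * sizeof *nb);   /* bitmap_copy */
    for (size_t i = b->nbits; i < new_nbits; i++) {           /* bitmap_set */
        nb[i / BPL] |= 1UL << (i % BPL);
    }
    unsigned long *old = b->bits;
    b->bits = nb;
    b->nbits = new_nbits;
    pthread_mutex_unlock(&b->lock);
    free(old);
    return true;
}

/* Dirty-tracking path: taking the same lock means the write always lands in
 * the live buffer; without it a setter could write into the freed one. */
bool dirty_bitmap_set(struct dirty_bitmap *b, size_t page)
{
    pthread_mutex_lock(&b->lock);
    bool ok = page < b->nbits;
    if (ok) {
        b->bits[page / BPL] |= 1UL << (page % BPL);
    }
    pthread_mutex_unlock(&b->lock);
    return ok;
}

size_t dirty_bitmap_count(struct dirty_bitmap *b)
{
    size_t n = 0;
    pthread_mutex_lock(&b->lock);
    for (size_t i = 0; i < longs_for(b->nbits); i++) {
        n += (size_t)__builtin_popcountl(b->bits[i]);
    }
    pthread_mutex_unlock(&b->lock);
    return n;
}

/* Single-threaded check of the extend ordering: 64 pages, one dirty, then
 * growth to 100 pages adds 36 dirty pages, so the count is 37. */
size_t single_thread_demo(void)
{
    struct dirty_bitmap b;
    if (!dirty_bitmap_init(&b, 64)) {
        return 0;
    }
    dirty_bitmap_set(&b, 5);
    dirty_bitmap_set(&b, 70);             /* out of range, ignored */
    dirty_bitmap_extend(&b, 100);
    size_t n = dirty_bitmap_count(&b);
    dirty_bitmap_destroy(&b);
    return n;
}

struct setter_args { struct dirty_bitmap *b; size_t base; int rounds; };

static void *setter_thread(void *arg)
{
    struct setter_args *a = arg;          /* a "guest" dirtying the first pages */
    for (int r = 0; r < a->rounds; r++) {
        for (size_t p = 0; p < a->base; p++) {
            dirty_bitmap_set(a->b, p);
        }
    }
    return NULL;
}

/* Stress: hotplug `plugs` blocks of `block` pages while the setter runs.
 * Returns the final dirty count; with the lock it equals base + plugs*block. */
size_t hotplug_race_demo(size_t base, int plugs, size_t block)
{
    struct dirty_bitmap b;
    if (!dirty_bitmap_init(&b, base)) {
        return 0;
    }
    struct setter_args a = { &b, base, 2000 };
    pthread_t t;
    if (pthread_create(&t, NULL, setter_thread, &a) != 0) {
        dirty_bitmap_destroy(&b);
        return 0;
    }
    for (int i = 0; i < plugs; i++) {
        dirty_bitmap_extend(&b, base + (size_t)(i + 1) * block);
    }
    pthread_join(t, NULL);
    size_t n = dirty_bitmap_count(&b);
    dirty_bitmap_destroy(&b);
    return n;
}

int main(void)
{
    printf("single-threaded: %zu dirty pages\n", single_thread_demo());
    printf("with hotplug race: %zu dirty pages\n", hotplug_race_demo(64, 8, 64));
    return 0;
}
```

The point to check in a real implementation is the one the v3 changelog makes: the mutex has to cover the copy into the new buffer and every set into the old one, not merely the pointer swap. Dropping the lock from dirty_bitmap_set above and running the stress loop under AddressSanitizer reproduces the same class of failure as the free(): invalid pointer report, a write into a buffer that extend has already released.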