diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index eccecd4425abedaa481529b5aface2c34e71b52f..b91ccf74178b35501acc3d5f08abce55e04d8cbb 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -4668,7 +4668,7 @@ virSecurityLabelDefsParseXML(virDomainDefPtr def,
                              virCapsPtr caps,
                              unsigned int flags)
 {
-    size_t i = 0;
+    size_t i = 0, j;
     int n;
     xmlNodePtr *list = NULL, saved_node;
     virCapsHostPtr host = &caps->host;
@@ -4689,10 +4689,23 @@ virSecurityLabelDefsParseXML(virDomainDefPtr def,
 
     /* Parse each "seclabel" tag */
     for (i = 0; i < n; i++) {
+        virSecurityLabelDefPtr seclabel;
+
         ctxt->node = list[i];
-        def->seclabels[i] = virSecurityLabelDefParseXML(ctxt, flags);
-        if (def->seclabels[i] == NULL)
+        if (!(seclabel = virSecurityLabelDefParseXML(ctxt, flags)))
             goto error;
+
+        for (j = 0; j < i; j++) {
+            if (STREQ_NULLABLE(seclabel->model, def->seclabels[j]->model)) {
+                virReportError(VIR_ERR_XML_DETAIL,
+                               _("seclablel for model %s is already provided"),
+                               seclabel->model);
+                virSecurityLabelDefFree(seclabel);
+                goto error;
+            }
+        }
+
+        def->seclabels[i] = seclabel;
     }
     def->nseclabels = n;
     ctxt->node = saved_node;
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-seclabel-multiple.xml b/tests/qemuxml2argvdata/qemuxml2argv-seclabel-multiple.xml
new file mode 100644
index 0000000000000000000000000000000000000000..bd6fd15e923ebfcf61c01a73f1b1e00497204add
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-seclabel-multiple.xml
@@ -0,0 +1,40 @@
+<domain type='qemu' id='1'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit='KiB'>219100</memory>
+  <currentMemory unit='KiB'>219100</currentMemory>
+  <vcpu placement='static' cpuset='1-4,8-20,525'>1</vcpu>
+  <os>
+    <type arch='i686' machine='pc'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu</emulator>
+    <disk type='block' device='disk'>
+      <source dev='/dev/HostVG/QEMUGuest1'>
+        <seclabel model='selinux' labelskip='yes'/>
+      </source>
+      <backingStore/>
+      <target dev='hda' bus='ide'/>
+      <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+    </disk>
+    <controller type='usb' index='0'/>
+    <controller type='ide' index='0'/>
+    <controller type='pci' index='0' model='pci-root'/>
+    <memballoon model='virtio'/>
+  </devices>
+  <seclabel type='none' relabel='no'/>
+  <seclabel type='dynamic' model='dac' relabel='yes'/>
+  <seclabel type='static' model='selinux' relabel='yes'>
+    <label>system_u:system_r:svirt_custom_t:s0:c192,c392</label>
+    <imagelabel>system_u:system_r:svirt_custom_t:s0:c192,c392</imagelabel>
+  </seclabel>
+  <seclabel type='static' model='selinux' relabel='yes'>
+    <label>system_u:system_r:svirt_custom_t:s0:c192,c393</label>
+    <imagelabel>system_u:system_r:svirt_custom_t:s0:c192,c393</imagelabel>
+  </seclabel>
+</domain>
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index bbc0fb7a9b551a1d842fb8808d96d9118aabfef9..a841adb3af6ee89d26783b2188e65ed4d9fa6416 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -1223,6 +1223,7 @@ mymain(void)
     DO_TEST("seclabel-static-labelskip", QEMU_CAPS_NAME);
     DO_TEST("seclabel-none", QEMU_CAPS_NAME);
     DO_TEST("seclabel-dac-none", QEMU_CAPS_NAME);
+    DO_TEST_PARSE_ERROR("seclabel-multiple", QEMU_CAPS_NAME);
 
     DO_TEST("pseries-basic",
             QEMU_CAPS_CHARDEV, QEMU_CAPS_DEVICE, QEMU_CAPS_NODEFCONFIG);