Bug 1053432

Summary: qemu core dump when install a RHEL.6.5 guest w/ migration
Product: Red Hat Enterprise Linux 7
Reporter: CongLi <coli>
Component: qemu-kvm
Assignee: Juan Quintela <quintela>
Status: CLOSED DUPLICATE
QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium
Docs Contact:
Priority: high
Version: 7.0
CC: acathrow, hhuang, juzhang, kwolf, qzhang, virt-maint
Target Milestone: rc
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Whiteboard:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-02-11 23:14:47 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:

Description CongLi 2014-01-15 08:59:19 UTC
Description of problem:
qemu core dump when installing a RHEL.6.5 guest w/ migration

Version-Release number of selected component (if applicable):
kernel-3.10.0-67.el7.x86_64
qemu-kvm-rhev-1.5.3-35.el7.x86_64

How reproducible:
only once

Steps to Reproduce:
1. install a src guest (RHEL.6.5)
2. boot dst guest w/ option '-incoming tcp:0:5204'
3. migrate src guest to dst in localhost during installation
   (qemu) migrate -d tcp:localhost:5204

Actual results:
qemu core dump 

Expected results:
migration is successful

Additional info:
1. gdb:
   Program terminated with signal 11, Segmentation fault.
#0  0x00007f38c74fac57 in copy_sectors (n_end=<optimized out>, n_start=0, cluster_offset=<optimized out>, 
    start_sect=<optimized out>, bs=0x7f38c8532360) at block/qcow2-cluster.c:377
377	    ret = bs->drv->bdrv_co_readv(bs, start_sect + n_start, n, &qiov);
(gdb) bt
#0  0x00007f38c74fac57 in copy_sectors (n_end=<optimized out>, n_start=0, cluster_offset=<optimized out>, 
    start_sect=<optimized out>, bs=0x7f38c8532360) at block/qcow2-cluster.c:377
#1  perform_cow (bs=bs@entry=0x7f38c8532360, r=r@entry=0x7f38c872ee40, m=0x7f38c872ee10, m=0x7f38c872ee10)
    at block/qcow2-cluster.c:664
#2  0x00007f38c74fb1b3 in qcow2_alloc_cluster_link_l2 (bs=bs@entry=0x7f38c8532360, m=0x7f38c872ee10)
    at block/qcow2-cluster.c:696
#3  0x00007f38c7500ea8 in qcow2_co_writev (bs=0x7f38c8532360, sector_num=19339464, remaining_sectors=8, 
    qiov=0x7f38c95eea90) at block/qcow2.c:1077
#4  0x00007f38c74e8a42 in bdrv_co_do_writev (bs=0x7f38c8532360, sector_num=19339464, nb_sectors=8, 
    qiov=0x7f38c95eea90, flags=(unknown: 0)) at block.c:2875
#5  0x00007f38c74e9436 in bdrv_co_do_rw (opaque=0x7f38ac002ec0) at block.c:4193
#6  0x00007f38c752551a in coroutine_trampoline (i0=<optimized out>, i1=<optimized out>) at coroutine-ucontext.c:118
#7  0x00007f38c20d0550 in ?? () from /usr/lib64/libc-2.17.so
#8  0x00007fffd2cf7920 in ?? ()
#9  0x0000000000000000 in ?? ()

2. Qemu CML (src):
/home/staf-kvm-devel/autotest-devel/client/tests/virt/qemu/qemu \
    -S  \
    -name 'virt-tests-vm1'  \
    -sandbox off  \
    -M pc  \
    -nodefaults  \
    -vga qxl  \
    -global qxl-vga.vram_size=33554432  \
    -chardev socket,id=qmp_id_qmpmonitor1,path=/tmp/monitor-qmpmonitor1-20140114-191555-w9YPjoHe,server,nowait \
    -mon chardev=qmp_id_qmpmonitor1,mode=control  \
    -chardev socket,id=serial_id_serial0,path=/tmp/serial-serial0-20140114-191555-w9YPjoHe,server,nowait \
    -device isa-serial,chardev=serial_id_serial0  \
    -chardev socket,id=seabioslog_id_20140114-191555-w9YPjoHe,path=/tmp/seabios-20140114-191555-w9YPjoHe,server,nowait \
    -device isa-debugcon,chardev=seabioslog_id_20140114-191555-w9YPjoHe,iobase=0x402 \
    -device ich9-usb-uhci1,id=usb1,bus=pci.0,addr=03 \
    -drive id=drive_image1,if=none,cache=none,snapshot=off,aio=threads,file=/home/staf-kvm-devel/autotest-devel/client/tests/virt/shared/data/images/RHEL-Server-6.5-64-virtio.qcow2 \
    -device virtio-blk-pci,id=image1,drive=drive_image1,bootindex=1,bus=pci.0,addr=04 \
    -device virtio-net-pci,mac=9a:06:07:08:09:0a,id=idAHpChz,netdev=idYgkVya,bus=pci.0,addr=05  \
    -netdev tap,id=idYgkVya,vhost=on  \
    -m 2048  \
    -smp 1,maxcpus=1,cores=1,threads=1,sockets=2  \
    -cpu 'Opteron_G3',+kvm_pv_unhalt \
    -drive id=drive_cd1,if=none,snapshot=off,aio=threads,media=cdrom,file=/home/staf-kvm-devel/autotest-devel/client/tests/virt/shared/data/isos/linux/RHEL6.5-Server-x86_64.iso \
    -device ide-cd,id=cd1,drive=drive_cd1,bootindex=2,bus=ide.0,unit=0 \
    -drive id=drive_fl,if=none,cache=none,snapshot=off,readonly=off,aio=threads,file=/home/staf-kvm-devel/autotest-devel/client/tests/virt/shared/data/images/rhel65-64/ks.vfd \
    -global isa-fdc.driveA=drive_fl \
    -device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1  \
    -kernel '/home/staf-kvm-devel/autotest-devel/client/tests/virt/shared/data/images/rhel65-64/vmlinuz'  \
    -append 'ks=floppy nicdelay=60 console=ttyS0,115200 console=tty0'  \
    -initrd '/home/staf-kvm-devel/autotest-devel/client/tests/virt/shared/data/images/rhel65-64/initrd.img'  \
    -spice port=3004,password=123456  \
    -rtc base=utc,clock=host,driftfix=slew  \
    -boot order=cdn,once=d,menu=off  \
    -no-kvm-pit-reinjection \
    -no-shutdown \
    -enable-kvm \
    -monitor stdio

3. dst guest CML:
   same as 2) and option '-incoming tcp:0:5204'
 
4. cpuinfo:
processor	: 3
vendor_id	: AuthenticAMD
cpu family	: 16
model		: 2
model name	: AMD Phenom(tm) 9600B Quad-Core Processor
stepping	: 3
microcode	: 0x1000083
cpu MHz		: 1150.000
cache size	: 512 KB
physical id	: 0
siblings	: 4
core id		: 3
cpu cores	: 4
apicid		: 3
initial apicid	: 3
fpu		: yes
fpu_exception	: yes
cpuid level	: 5
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm 3dnowext 3dnow constant_tsc rep_good nopl nonstop_tsc extd_apicid pni monitor cx16 popcnt lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs hw_pstate npt lbrv svm_lock
bogomips	: 4587.24
TLB size	: 1024 4K pages
clflush size	: 64
cache_alignment	: 64
address sizes	: 48 bits physical, 48 bits virtual
power management: ts ttp tm stc 100mhzsteps hwpstate

Comment 3 Qunfang Zhang 2014-01-15 09:56:09 UTC
There is a similar bug with similar bt log:

Bug 1048575 - Segmentation fault occurs after migrate guest(use scsi disk and add stress) to des machine

Comment 4 Juan Quintela 2014-02-11 23:14:47 UTC
The backtrace is exactly the same as 1048575, so closing this one.

*** This bug has been marked as a duplicate of bug 1048575 ***

Comment 5 Kevin Wolf 2014-02-12 08:48:11 UTC
Unfortunately you forgot to include the qemu output before the crash. Please
make sure to include it in future bug reports.

The bug that this is now marked a duplicate of mentions this output:

> qcow2: Preventing invalid write on metadata (overlaps with refcount block); image marked as corrupt.
> block I/O error in device 'scsi-disk0': Input/output error (5)

Such output is a key to understanding what's happening. I will assume that you
got the same output unless you tell us otherwise.
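
Added example, not part of the original thread or of QEMU: a small triage script that scans saved qemu output for the two messages quoted in comment 5 and pairs each qcow2 overlap-check message with the block I/O errors that follow it. The sample log is constructed around those two quoted lines, and the function name triage is an assumption of this example.

```python
import re

# Message formats as quoted in comment 5 (taken there from bug 1048575).
OVERLAP_RE = re.compile(
    r"qcow2: Preventing invalid write on metadata "
    r"\(overlaps with (?P<structure>[^)]+)\); image marked as corrupt"
)
IO_ERROR_RE = re.compile(
    r"block I/O error in device '(?P<device>[^']+)': "
    r"(?P<reason>.+) \((?P<errno>\d+)\)"
)

# Constructed sample of qemu output: only the qcow2 and block I/O lines
# come from the bug thread, the surrounding lines are filler.
SAMPLE_LOG = """\
(qemu) migrate -d tcp:localhost:5204
qcow2: Preventing invalid write on metadata (overlaps with refcount block); image marked as corrupt.
block I/O error in device 'scsi-disk0': Input/output error (5)
Segmentation fault (core dumped)
"""


def triage(log_text):
    """Return one finding per overlap-check message, together with the
    block I/O errors logged after it and before the next such message."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        line = line.lstrip("> ").strip()  # tolerate '>'-quoted log lines
        m = OVERLAP_RE.search(line)
        if m:
            findings.append({"line": lineno,
                             "structure": m.group("structure"),
                             "io_errors": []})
            continue
        m = IO_ERROR_RE.search(line)
        if m and findings:  # I/O errors with no prior overlap are ignored
            findings[-1]["io_errors"].append(
                (m.group("device"), int(m.group("errno"))))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"line {f['line']}: write overlapped {f['structure']}; "
              f"I/O errors: {f['io_errors'] or 'none'}")
```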

Comment 6 CongLi 2014-02-12 09:13:58 UTC
(In reply to Kevin Wolf from comment #5)
> Unfortunately you forgot to include the qemu output before the crash. Please
> make sure to include it in future bug reports.
> 
> The bug that this is now marked a duplicate of mentions this output:
> 
> > qcow2: Preventing invalid write on metadata (overlaps with refcount block); image marked as corrupt.
> > block I/O error in device 'scsi-disk0': Input/output error (5)
> 
> Such output is a key to understanding what's happening. I will assume that you
> got the same output unless you tell us otherwise.


Thanks for your reminder, I will add the qemu output next time.

Thanks,
Cong