Description of problem:
Boot guest with device to the switch behind switch.
One switch is composed of "xio3130-downstream behind x3130-upstream".
When the number of switches is >=23, qemu-kvm will core dump.
Version-Release number of selected component (if applicable):
qemu-kvm-1.5.3-41.el7.x86_64
3.10.0-79.el7.x86_64
How reproducible:
100%
Steps to Reproduce:
1. Boot guest with the following script.
# sh 4230869-switch-behind-switch.sh 23
--
# cat 4230869-switch-behind-switch.sh
#! /bin/sh
CLI="gdb --args /usr/libexec/qemu-kvm -M q35 -m 4G -smp 4,socket=2,core=2,thread=1 \
-device virtio-scsi-pci,bus=pcie.0,id=scsi,addr=0x6 \
-drive file=/home/juli/rhel7.0.qcow2,format=qcow2,if=none,media=disk,id=aa \
-device scsi-hd,drive=aa,id=sys-image,bootindex=0 \
-boot menu=on,strict=on \
-monitor stdio \
-serial unix:/tmp/ttyS0,server,nowait \
-spice port=5931,disable-ticketing \
-vga qxl -global qxl-vga.revision=3 "
CLI="$CLI -device ioh3420,bus=pcie.0,id=root.0 "
CLI="$CLI -device x3130-upstream,bus=root.0,id=upstream1 "
CLI="$CLI -device xio3130-downstream,bus=upstream1,id=downstream1,chassis=1 "
NUM_STREAM=${1:--1}
for ((i=1;i<=$NUM_STREAM;i++)); do
CLI="$CLI -device x3130-upstream,bus=downstream$i,id=upstream$((i+1))"
CLI="$CLI -device xio3130-downstream,bus=upstream$((i+1)),id=downstream$((i+1)),chassis=$((i+1))"
done
BUS_STREAM=downstream$i
CLI="$CLI -device nec-usb-xhci,bus=$BUS_STREAM,id=usb_controller"
CLI="$CLI -drive file=/home/juli/usb-storages/usb1,if=none,format=qcow2,id=aa-usb1,media=disk "
CLI="$CLI -device usb-storage,drive=aa-usb1,port=1,id=device-usb1,serial=usb_controller1"
$CLI
Actual results:
qemu-kvm core dump:
---
qemu-kvm: /builddir/build/BUILD/qemu-1.5.3/savevm.c:1642: vmstate_register_with_alias_id: Assertion `!se->compat || se->instance_id == 0' failed.
---Type <return> to continue, or q <return> to quit---
Program received signal SIGABRT, Aborted.
0x00007ffff2c9c979 in raise () from /lib64/libc.so.6
(gdb) bt
#0 0x00007ffff2c9c979 in raise () from /lib64/libc.so.6
#1 0x00007ffff2c9e088 in abort () from /lib64/libc.so.6
#2 0x00007ffff2c958e6 in __assert_fail_base () from /lib64/libc.so.6
#3 0x00007ffff2c95992 in __assert_fail () from /lib64/libc.so.6
#4 0x00005555557e5a22 in vmstate_register_with_alias_id ()
#5 0x00005555556806ff in device_set_realized ()
#6 0x000055555574123e in property_set_bool ()
#7 0x0000555555743df7 in object_property_set_qobject ()
#8 0x0000555555742c00 in object_property_set_bool ()
#9 0x000055555567f69a in qdev_init ()
#10 0x00005555556ca0f4 in scsi_bus_legacy_add_drive ()
#11 0x00005555556de0c7 in usb_msd_initfn_storage ()
#12 0x00005555556d473b in usb_qdev_init ()
#13 0x000055555567f184 in device_realize ()
#14 0x00005555556806ab in device_set_realized ()
#15 0x000055555574123e in property_set_bool ()
#16 0x0000555555743df7 in object_property_set_qobject ()
#17 0x0000555555742c00 in object_property_set_bool ()
#18 0x000055555572f14e in qdev_device_add ()
#19 0x0000555555773649 in device_init_func ()
#20 0x00005555558a61bb in qemu_opts_foreach ()
#21 0x0000555555601be1 in main ()
Expected results:
No core dump, or give some warning or error message to forbid booting.
Additional info:
Comment 7 Dr. David Alan Gilbert
2017-02-14 10:28:56 UTC
*** This bug has been marked as a duplicate of bug 1342434 ***