Description of problem:
Tried to verify bug 1024684, but the patch causes qemu to core dump.
Version-Release number of selected component (if applicable):
host info:
# uname -r && rpm -q qemu-kvm
2.6.32-538.el6.x86_64
qemu-kvm-0.12.1.2-2.454.el6.x86_64
How reproducible:
3/3
Steps to Reproduce:
1. Assign more than 992 disks to random controllers, targets and LUNs.
# sh cli-random-disk.sh 512
Script Example:
# cat cli-random-disk.sh
ulimit -n 40960  # raise the per-process open-file limit (each -drive opens an fd); this does not raise select()'s FD_SETSIZE
cli="/usr/libexec/qemu-kvm -S -M pc -m 24G -smp 12 -cpu SandyBridge -vnc :1 -monitor stdio -boot menu=on -monitor unix:/tmp/monitor,server,nowait -drive file=/home/RHEL-6.5-Snapshot-4-Server-x86_64.qcow2,if=none,id=blk1 -device virtio-blk-pci,scsi=off,drive=blk1,id=blk-disk1,bootindex=0 -netdev tap,id=netdev1,vhost=on,script=/etc/qemu-ifup -device virtio-net-pci,netdev=netdev1,mac=02:03:04:05:06:00,id=net-pci1 -global PIIX4_PM.disable_s3=0 -global PIIX4_PM.disable_s4=0 -serial unix:/tmp/ttyS0,server,nowait"
cli="$cli -device virtio-scsi-pci,id=scsi0"  # two virtio-scsi controllers; disks alternate between them
cli="$cli -device virtio-scsi-pci,id=scsi1"
count=$((${1:-1}-1))  # $1 = number of iterations, two disks per iteration (default 1)
for i in $(seq 0 $count)
do
j=$((2*$i))
echo $j
cli="$cli -drive file=/home/disk/disk$j,if=none,id=disk$j"
cli="$cli -device scsi-hd,bus=scsi0.0,drive=disk$j,id=target$j,scsi-id=$(($i%256)),lun=$(($i/256))"  # even disks on scsi0; scsi-id wraps at 256, then lun advances
cli="$cli -drive file=/home/disk/disk$(($j+1)),if=none,id=disk$(($j+1))"
cli="$cli -device scsi-hd,bus=scsi1.0,drive=disk$(($j+1)),id=target$(($j+1)),scsi-id=$(($i%256)),lun=$(($i/256))"  # odd disks on scsi1
done
$cli  # unquoted on purpose: word splitting turns the string into qemu's argument list
Actual results:
QEMU 0.12.1 monitor - type 'help' for more information
(qemu) qemu-kvm: /builddir/build/BUILD/qemu-kvm-0.12.1.2/vl.c:4042: main_loop_wait: Assertion `ioh->fd < 1024' failed.
cli-random-disk.sh: line 15: 38376 Aborted (core dumped) $cli
The bt log is as follows:
Core was generated by `/usr/libexec/qemu-kvm -S -M pc -m 24G -smp 12 -cpu SandyBridge -vnc :1 -monitor'.
Program terminated with signal 6, Aborted.
#0 0x00007f370bb93625 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64 return INLINE_SYSCALL (tgkill, 3, pid, selftid, sig);
(gdb) bt
#0 0x00007f370bb93625 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1 0x00007f370bb94e05 in abort () at abort.c:92
#2 0x00007f370bb8c74e in __assert_fail_base (fmt=<value optimized out>, assertion=0x7f370f2c4458 "ioh->fd < 1024",
file=0x7f370f2c4ee8 "/builddir/build/BUILD/qemu-kvm-0.12.1.2/vl.c", line=<value optimized out>,
function=<value optimized out>) at assert.c:96
#3 0x00007f370bb8c810 in __assert_fail (assertion=0x7f370f2c4458 "ioh->fd < 1024",
file=0x7f370f2c4ee8 "/builddir/build/BUILD/qemu-kvm-0.12.1.2/vl.c", line=4042,
function=0x7f370f2c9224 "main_loop_wait") at assert.c:105
#4 0x00007f370f10b5f6 in main_loop_wait (timeout=1000) at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4042
#5 0x00007f370f12eb4a in kvm_main_loop () at /usr/src/debug/qemu-kvm-0.12.1.2/qemu-kvm.c:2258
#6 0x00007f370f10fdc7 in main_loop (argc=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>)
at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:4285
#7 main (argc=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>)
at /usr/src/debug/qemu-kvm-0.12.1.2/vl.c:6742
(gdb)
Expected results:
We should document that, and also error out when it exceeds the limit; there should not be any qemu crash.
Additional info:
The added assertion is to avoid silent memory corruption. The limit will be fixed by bz 1005016.
*** This bug has been marked as a duplicate of bug 1005016 ***
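An added C illustration of the behaviour the expected results ask for (not qemu's code; the IOHandler list and function names are hypothetical stand-ins): a select()-based main loop must bounds-check every fd against FD_SETSIZE before FD_SET(), returning an error instead of asserting or corrupting memory.

```c
#include <errno.h>
#include <stdlib.h>
#include <sys/select.h>

/* Hypothetical stand-in for qemu's IOHandler list: one polled fd per entry. */
typedef struct IOHandler {
    int fd;
    struct IOHandler *next;
} IOHandler;
static IOHandler *io_handlers;

/* Register an fd for polling. Instead of the bare assert() in the report, refuse
 * any fd that does not fit in an fd_set, so a guest with too many disks fails
 * with EMFILE instead of crashing qemu. `ulimit -n` never raises FD_SETSIZE. */
int io_handler_add(int fd)
{
    if (fd < 0 || fd >= FD_SETSIZE) {
        errno = EMFILE;
        return -1;
    }
    IOHandler *ioh = calloc(1, sizeof(*ioh));
    if (ioh == NULL)
        return -1;
    ioh->fd = fd;
    ioh->next = io_handlers;
    io_handlers = ioh;
    return 0;
}

/* Build the read set the way a select() main loop does; returns nfds. FD_SET()
 * on an fd >= FD_SETSIZE writes past the end of the bitmap (the silent corruption
 * the vl.c assertion guards against); every fd here was checked at registration. */
int io_handlers_fill(fd_set *rfds)
{
    int nfds = 0;
    FD_ZERO(rfds);
    for (IOHandler *ioh = io_handlers; ioh != NULL; ioh = ioh->next) {
        FD_SET(ioh->fd, rfds);
        if (ioh->fd >= nfds)
            nfds = ioh->fd + 1;
    }
    return nfds;
}
/* Is fd currently in the polled set? (1 = yes, 0 = no) */
int io_handler_is_polled(int fd)
{
    fd_set rfds;
    int nfds = io_handlers_fill(&rfds);
    return (fd >= 0 && fd < nfds && FD_ISSET(fd, &rfds)) ? 1 : 0;
}
```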