Bug 1306343

Summary: drmgr with invalid value in guest crashes qemu [7.2.z]
Product: Red Hat Enterprise Linux 7
Component: qemu-kvm-rhev
Version: 7.2
Hardware: ppc64le
OS: Linux
Status: CLOSED ERRATA
Severity: unspecified
Priority: high
Target Milestone: rc
Keywords: ZStream
Reporter: Marcel Kolaja <mkolaja>
Assignee: Laurent Vivier <lvivier>
QA Contact: Virtualization Bugs <virt-bugs>
CC: hannsj_uhl, jherrman, juzhang, knoel, lvivier, mazhang, mdeng, michen, mrezanin, qzhang, sherold, snagar, virt-maint
Fixed In Version: qemu-kvm-rhev-2.3.0-31.el7_2.8
Doc Type: Bug Fix
Doc Text:
Previously, if the drmgr command was used in the guest to hot plug a device before a device_add command was issued via the QEMU monitor, QEMU terminated unexpectedly with a segmentation fault. This update fixes the handling of drmgr so that in the described circumstances, an error is properly raised and QEMU does not crash.
Clone Of: 1299030
Last Closed: 2016-04-04 01:17:03 UTC
Bug Depends On: 1299030
Bug Blocks: 1201513

Description Marcel Kolaja 2016-02-10 15:41:53 UTC
This bug has been copied from bug #1299030 and has been proposed
to be backported to 7.2 z-stream (EUS).

Comment 3 Miroslav Rezanina 2016-02-24 09:18:29 UTC
Fix included in qemu-kvm-rhev-2.3.0-31.el7_2.8

Comment 5 mazhang 2016-02-26 03:27:06 UTC
Reproduced this bug on qemu-kvm-rhev-2.3.0-31.el7.ppc64le.

Host:
3.10.0-327.el7.ppc64le
qemu-kvm-rhev-2.3.0-31.el7.ppc64le

Guest:
3.10.0-351.el7.ppc64le

Steps:
1. Boot guest with:
/usr/libexec/qemu-kvm -name bz1276205 -machine pseries,accel=kvm,usb=off -nodefaults -m 4G,slots=8,maxmem=8G -smp 4 -vga none -nographic -chardev stdio,id=conmon,mux=on,signal=off -device spapr-vty,chardev=conmon -mon conmon -drive file=/home/RHEL-Server-7.2-ppc64le-virtio.qcow2,if=none,id=drive-scsi0-0-0-0,format=qcow2,rerror=stop,werror=stop -device virtio-blk-pci,drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,bus=pci.0,addr=0x3,bootindex=1 -serial unix:/tmp/console,server,nowait

2. In the guest execute: "drmgr -c mem -a -s 0x80000010".

Result:
qemu-kvm segmentation fault.

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x3fffb32ceaf0 (LWP 4680)]
0x00003fffb7101a4c in fdt_offset_ptr () from /lib64/libfdt.so.1
(gdb) bt
#0  0x00003fffb7101a4c in fdt_offset_ptr () from /lib64/libfdt.so.1
#1  0x00003fffb7101a44 in fdt_offset_ptr () from /lib64/libfdt.so.1
Backtrace stopped: frame did not save the PC


Update qemu-kvm to qemu-kvm-rhev-2.3.0-31.el7_2.8 and re-test.

Result:
qemu-kvm does not crash anymore, guest works well.

[root@dhcp71-85 ~]# drmgr -c mem -a -s 0x80000010
drmgr -c mem -a -s 0x80000010
Validating Memory DLPAR capability...yes.
This adapter is currently unusable, available for exchange or available for recovery
Configure_connector failed for drc index 80000010
Data may be out of sync and the system may require a reboot.
Unexpected error (src/drmgr/drslot_chrp_mem.c:1008).  Contact support and provide debug log from /var/log/drmgr.
DR_TOTAL_RESOURCES=0
[root@dhcp71-85 ~]# ls
ls
anaconda-ks.cfg  Documents  Music  Pictures  Templates
Desktop		 Downloads  perl5  Public    Videos

So this bug has been fixed.
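
An added example, not part of the bug report and not QEMU's code: a minimal C model of the check the Doc Text describes, where a guest-supplied connector index is validated and a connector with no device tree attached yields an error instead of a NULL blob being walked. The struct, function names, return codes and the second connector are hypothetical; the sample table is constructed and assumes that index 0x80000010 exists but is empty because no device_add has been issued.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical status codes for this model. */
enum { CC_OK = 0, CC_ERR_NO_SUCH_DRC = -1, CC_ERR_NOT_CONFIGURABLE = -2 };

/* Minimal stand-in for a dynamic-reconfiguration connector (hypothetical). */
struct drc {
    uint32_t index;      /* value the guest passes, e.g. drmgr -s 0x80000010 */
    const uint8_t *fdt;  /* device-tree blob; NULL until the host hot-plugs */
    size_t fdt_len;
};

/* Constructed sample state: one empty connector, one populated connector. */
static const uint8_t sample_fdt[] = { 0xd0, 0x0d, 0xfe, 0xed };
static const struct drc connectors[] = {
    { 0x80000010u, NULL, 0 },                        /* no device_add yet */
    { 0x80000011u, sample_fdt, sizeof sample_fdt },  /* device attached   */
};

static const struct drc *drc_lookup(uint32_t index)
{
    for (size_t i = 0; i < sizeof connectors / sizeof connectors[0]; i++)
        if (connectors[i].index == index)
            return &connectors[i];
    return NULL;
}

/* Guest-triggered entry point: everything reached through the guest-supplied
 * index is checked before the blob is dereferenced. */
int configure_connector(uint32_t guest_index, uint8_t *first_byte)
{
    const struct drc *d = drc_lookup(guest_index);
    if (d == NULL)
        return CC_ERR_NO_SUCH_DRC;        /* index names no connector */
    if (d->fdt == NULL || d->fdt_len == 0)
        return CC_ERR_NOT_CONFIGURABLE;   /* empty connector: fail the request */
    *first_byte = d->fdt[0];              /* safe: blob present and non-empty */
    return CC_OK;
}

int main(void)
{
    uint8_t b = 0;
    printf("0x80000010 -> %d\n", configure_connector(0x80000010u, &b));
    printf("0x80000011 -> %d\n", configure_connector(0x80000011u, &b));
    return 0;
}
```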

Comment 7 errata-xmlrpc 2016-04-04 01:17:03 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:0587