Bug 1655533

Summary: [rhel.8.0][fast train]Stopping iscsi server by iptables result in qemu aborted (core dumped) while writing data to guest
Product: Red Hat Enterprise Linux Advanced Virtualization Reporter: Tingting Mao <timao>
Component: qemu-kvmAssignee: John Snow <jsnow>
Status: CLOSED CURRENTRELEASE QA Contact: Tingting Mao <timao>
Severity: low Docs Contact:
Priority: low    
Version: 8.0CC: chayang, coli, juzhang, kanderso, knoel, mtessun, rbalakri, ribarry, timao, virt-maint
Target Milestone: rc   
Target Release: 8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-07-31 06:57:20 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
gdb backtrace none

Description Tingting Mao 2018-12-03 11:46:43 UTC 
Description of problem:
Stopping iscsi server by iptables result in qemu aborted (core dumped) while writing data to guest.


Version-Release number of selected component (if applicable):
qemu-kvm-3.1.0-0.module+el8+2266+616cf026.next.candidate
kernel-4.18.0-45.el8


How reproducible:
5/5


Steps to Reproduce:
Create base.img file
# lvcreate -L 20G -n test_base.img vg
Installed and boot up image based on iscsi block disk
/usr/libexec/qemu-kvm \
        -name 'guest-rhel7.6' \
        -machine q35 \
        -nodefaults \
        -vga qxl \
        -device virtio-scsi-pci,id=virtio_scsi_pci0,bus=pcie.0,addr=0x3 \
        -blockdev driver=host_device,cache.direct=off,cache.no-flush=on,filename=/dev/vg/test_base.img,node-name=my_file \
        -blockdev driver=raw,node-name=my,file=my_file \
        -device scsi-hd,drive=my \
        -vnc :1 \
        -monitor stdio \
        -m 8192 \
        -smp 8 \
        -device virtio-net-pci,mac=9a:b5:b6:b1:b2:b3,id=idMmq1jH,vectors=4,netdev=idxgXAlm,bus=pcie.0,addr=0x9  \
        -netdev tap,id=idxgXAlm \
        -chardev socket,id=qmp_id_qmpmonitor1,path=/var/tmp/timao/monitor-qmpmonitor1-20180220-094308-h9I6hRsI,server,nowait \
        -mon chardev=qmp_id_qmpmonitor1,mode=control  \
        -device pcie-root-port,id=pcie.0-root-port-8,slot=8,chassis=8,addr=0x8,bus=pcie.0 \
3. ‘dd’ a big file in guest
# dd if=/dev/urandom of=/home/ftest bs=1M count=10240

4. Stop data transmission from iscsi server by iptables on host while ‘dd’ in guest
# iptables -A OUTPUT -j REJECT -d $iscsi_server -p tcp --dport 3260


Actual results:
(qemu) qemu-kvm: hw/scsi/scsi-bus.c:1374: scsi_req_complete: Assertion `req->status == -1' failed.
qemu_blockdev.sh: line 21: 22019 Aborted                 (core dumped) /usr/libexec/qemu-kvm -name 'guest-rhel7.6' -machine q35 -nodefaults -vga qxl -device virtio-scsi-pci,id=virtio_scsi_pci0,bus=pcie.0,addr=0x3 -blockdev driver=host_device,cache.direct=off,cache.no-flush=on,filename=$1,node-name=my_file -blockdev driver=raw,node-name=my,file=my_file -device scsi-hd,drive=my -vnc :1 -monitor stdio -m 8192 -smp 8 -device virtio-net-pci,mac=9a:b5:b6:b1:b2:b3,id=idMmq1jH,vectors=4,netdev=idxgXAlm,bus=pcie.0,addr=0x9 -netdev tap,id=idxgXAlm -chardev socket,id=qmp_id_qmpmonitor1,path=/var/tmp/timao/monitor-qmpmonitor1-20180220-094308-h9I6hRsI,server,nowait -mon chardev=qmp_id_qmpmonitor1,mode=control -device pcie-root-port,id=pcie.0-root-port-8,slot=8,chassis=8,addr=0x8,bus=pcie.0


Expected results:
QEMU works normally.


Additional info:
There is something wrong when generating the gdb file. I will upload it tomorrow, thanks.
Comment 1 Tingting Mao 2018-12-04 05:48:22 UTC 
Created attachment 1511194 [details]
gdb backtrace
Comment 3 Martin Tessun 2018-12-21 10:08:32 UTC 
Instead of REJECT I would rather use "DROP" as a rule, as typically you will not get an ICMP message here. I think this is a rarely happening usecase.
Comment 4 Tingting Mao 2018-12-24 08:15:20 UTC 
(In reply to Martin Tessun from comment #3)
> Instead of REJECT I would rather use "DROP" as a rule, as typically you will
> not get an ICMP message here. I think this is a rarely happening usecase.

That' okay to me. And I did not hit the issue either in the latest qemu version(qemu-kvm-3.1.0-2.module+el8+2606+2c716ad7), thanks.
Comment 5 Tingting Mao 2019-07-31 06:57:20 UTC 
Tested this issue with the latest qemu package, not hit the issue(Tested 4 times, and all not hit the issue). So close this bug. Thanks.


Tested with:
qemu-kvm-4.0.0-6.module+el8.1.0+3736+a2aefea3
kernel-4.18.0-123.el8.x86_64


Boot scripts:
# /usr/libexec/qemu-kvm   \
        -name  'guest-rhel8.1.0'    \
        -machine  q35   \
        -nodefaults   \
        -vga  qxl \
        -device virtio-scsi-pci,id=virtio_scsi_pci0,bus=pcie.0,addr=0x3 \
        -blockdev driver=host_device,cache.direct=off,cache.no-flush=on,filename=$1,node-name=my_file \
        -blockdev driver=raw,node-name=my,file=my_file \
        -device scsi-hd,drive=my,werror=stop,rerror=stop \
        -vnc :0 \
        -monitor  stdio \
        -m  4096 \
        -smp  8 \
        -device virtio-net-pci,mac=9a:b5:b6:b1:b2:b3,id=idMmq1jH,vectors=4,netdev=idxgXAlm,bus=pcie.0,addr=0x9      \
        -netdev tap,id=idxgXAlm \
        -qmp tcp:localhost:5902,server,nowait  \
        -chardev socket,id=qmp_id_qmpmonitor1,path=/var/tmp/timao/monitor-qmpmonitor1-20180220-094308-h9I6hRsI,server,nowait \
        -mon chardev=qmp_id_qmpmonitor1,mode=control  \